$ rpki-client -vvf repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa File: 323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa (raw, json) Hash identifier: qMdSXe2z67bVJOmODSeb4BQMQ40LX9lF9FYmIAv+p7A= Subject key identifier: 76:E3:AB:E9:FF:CF:AF:CC:B6:BB:AB:A4:72:F2:B8:87:47:0F:B4:24 Certificate issuer: /CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Certificate serial: 1B738A117BD263B93AB72B3CE5AF5E06C683B1A2 Authority key identifier: 3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa Signing time: Thu 26 Sep 2024 05:00:00 +0000 ROA not before: Thu 26 Sep 2024 04:55:00 +0000 ROA not after: Thu 25 Sep 2025 05:00:00 +0000 asID: 46052 IP address blocks: 2001:df0:a8::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 18:33:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:73:8a:11:7b:d2:63:b9:3a:b7:2b:3c:e5:af:5e:06:c6:83:b1:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3D13C6FB9DB22CE134706325357C20E1DC9A1269 Validity Not Before: Sep 26 04:55:00 2024 GMT Not After : Sep 25 05:00:00 2025 GMT Subject: CN=76E3ABE9FFCFAFCCB6BBABA472F2B887470FB424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:bb:4b:25:44:1d:1a:ca:54:6e:62:23:db:33: 3f:ff:ba:fb:0f:0d:31:fc:d8:9b:d9:0e:35:66:e9: 98:67:ec:64:fa:08:e9:e4:99:5f:17:79:df:50:93: ae:72:17:10:52:3f:2d:83:7b:75:bf:4e:f7:52:04: 2f:10:fa:99:fd:70:bf:bf:73:66:fa:54:f4:ee:10: 0d:d0:f6:9d:5a:72:b4:4a:3b:9c:54:dc:41:64:d8: bd:b9:79:bb:9b:ba:c5:d6:d2:04:26:62:a2:6d:42: 65:ee:1a:5b:ed:44:f4:4c:09:57:82:5a:46:55:87: bc:93:84:8b:42:f4:ae:e4:c3:41:9a:51:7e:af:a5: b8:ca:a5:9f:bd:64:49:69:60:af:73:85:06:d0:23: 09:f5:9a:b7:78:81:3f:5d:20:3f:c7:45:7e:9a:cc: e0:89:6b:b2:0b:e8:14:14:a1:0b:97:45:25:6e:bb: ba:3e:6f:ce:04:e1:d7:22:65:75:e3:7f:74:0a:84: f1:7e:69:80:cc:88:34:58:6e:01:e6:b9:a6:9b:71: c5:e3:c4:3b:e2:3f:e4:cf:e4:03:da:93:e4:8b:21: 39:f5:a7:52:83:7c:92:46:73:9b:b6:82:76:de:27: d5:e5:1c:46:aa:89:43:67:3c:dd:bc:99:7a:72:01: 91:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:E3:AB:E9:FF:CF:AF:CC:B6:BB:AB:A4:72:F2:B8:87:47:0F:B4:24 X509v3 Authority Key Identifier: keyid:3D:13:C6:FB:9D:B2:2C:E1:34:70:63:25:35:7C:20:E1:DC:9A:12:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/3D13C6FB9DB22CE134706325357C20E1DC9A1269.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D13C6FB9DB22CE134706325357C20E1DC9A1269.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd1ee5e2-338c-4d20-807e-e50b75583db8/0/323030313a6466303a61383a3a2f34382d3438203d3e203436303532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:a8::/48 Signature Algorithm: sha256WithRSAEncryption 09:c1:e9:9d:aa:63:03:fa:99:b0:0d:c0:e9:35:f7:4d:25:a7: f5:a3:44:d5:a3:60:f6:65:df:12:4e:1e:89:b0:ff:ac:d5:66: cf:bf:74:23:bf:17:a4:52:8e:47:5e:4e:10:21:a0:eb:7b:3a: 11:08:ed:eb:32:cb:77:dd:d7:c9:cc:31:72:45:2a:c9:ec:63: b0:82:9a:6d:b2:f0:9d:99:a2:8c:0c:9f:ef:cc:23:d6:8f:82: ca:6b:63:d0:77:3b:0b:12:7b:fd:35:07:5f:81:2c:64:ac:ed: 40:66:fc:e7:37:cb:df:fe:f3:6d:25:43:f8:c0:c3:6d:83:ff: c1:7c:16:ce:85:87:8b:0b:1f:d1:cf:de:4d:8e:55:2e:f7:75: 79:45:48:36:6c:5d:a6:02:ef:02:86:aa:6d:1f:e9:23:1e:f0: a7:d0:e6:37:0e:90:16:ad:8a:d5:7a:bd:9e:25:e9:50:62:10: d7:d0:90:8d:12:59:16:7d:2f:1c:8c:b1:ec:5d:ea:48:6c:9c: cf:a5:4f:21:bf:ed:61:30:71:31:0c:ff:4e:ba:a0:d4:3d:e7: 11:2f:68:a9:62:e7:dc:e9:65:fe:5b:ba:99:31:86:b6:9b:a4: 7e:70:0d:77:ec:54:46:65:33:2e:62:77:ed:17:6e:c6:63:5b: ce:28:29:b0 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUG3OKEXvSY7k6tys85a9eBsaDsaIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFE QzlBMTI2OTAeFw0yNDA5MjYwNDU1MDBaFw0yNTA5MjUwNTAwMDBaMDMxMTAvBgNV BAMTKDc2RTNBQkU5RkZDRkFGQ0NCNkJCQUJBNDcyRjJCODg3NDcwRkI0MjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvu0slRB0aylRuYiPbMz//uvsP DTH82JvZDjVm6Zhn7GT6COnkmV8Xed9Qk65yFxBSPy2De3W/TvdSBC8Q+pn9cL+/ c2b6VPTuEA3Q9p1acrRKO5xU3EFk2L25ebubusXW0gQmYqJtQmXuGlvtRPRMCVeC WkZVh7yThItC9K7kw0GaUX6vpbjKpZ+9ZElpYK9zhQbQIwn1mrd4gT9dID/HRX6a zOCJa7IL6BQUoQuXRSVuu7o+b84E4dciZXXjf3QKhPF+aYDMiDRYbgHmuaabccXj xDviP+TP5APak+SLITn1p1KDfJJGc5u2gnbeJ9XlHEaqiUNnPN28mXpyAZE5AgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUduOr6f/Pr8y2u6ukcvK4h0cPtCQwHwYDVR0j BBgwFoAUPRPG+52yLOE0cGMlNXwg4dyaEmkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDFlZTVlMi0zMzhjLTRkMjAtODA3ZS1lNTBiNzU1ODNkYjgvMC8zRDEzQzZGQjlE QjIyQ0UxMzQ3MDYzMjUzNTdDMjBFMURDOUExMjY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0QxM0M2RkI5REIyMkNFMTM0NzA2MzI1MzU3QzIwRTFEQzlB MTI2OS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkMWVlNWUyLTMzOGMtNGQyMC04 MDdlLWU1MGI3NTU4M2RiOC8wLzMyMzAzMDMxM2E2NDY2MzAzYTYxMzgzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzNDM2MzAzNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN8ACoMA0G CSqGSIb3DQEBCwUAA4IBAQAJwemdqmMD+pmwDcDpNfdNJaf1o0TVo2D2Zd8STh6J sP+s1WbPv3QjvxekUo5HXk4QIaDrezoRCO3rMst33dfJzDFyRSrJ7GOwgpptsvCd maKMDJ/vzCPWj4LKa2PQdzsLEnv9NQdfgSxkrO1AZvznN8vf/vNtJUP4wMNtg//B fBbOhYeLCx/Rz95NjlUu93V5RUg2bF2mAu8ChqptH+kjHvCn0OY3DpAWrYrVer2e JelQYhDX0JCNElkWfS8cjLHsXepIbJzPpU8hv+1hMHExDP9OuqDUPecRL2ipYufc 6WX+W7qZMYa2m6R+cA137FRGZTMuYnftF27GY1vOKCmw -----END CERTIFICATE-----Generated at Wed Nov 20 21:31:15 2024 by rpki-client on console-ams.rpki-client.org