$ rpki-client -vvf repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/3136302e32352e3135372e302f32342d3234203d3e20313533303835.roa File: 3136302e32352e3135372e302f32342d3234203d3e20313533303835.roa (raw, json) Hash identifier: Ga+yghCCzynYQRLXxC8Ud9CUE2ETMSKZ2vuWiIruJEs= Subject key identifier: B9:95:89:C6:11:9A:70:0D:3E:E8:CD:AB:AD:13:CF:90:FA:4B:F3:05 Certificate issuer: /CN=ACFB1A5D9938A64B3B54A832D5B79C032486A759 Certificate serial: 1D2848827805C5E1A3DF638C3AB98CB79FBB0A37 Authority key identifier: AC:FB:1A:5D:99:38:A6:4B:3B:54:A8:32:D5:B7:9C:03:24:86:A7:59 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/ACFB1A5D9938A64B3B54A832D5B79C032486A759.cer Subject info access: rsync://repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/3136302e32352e3135372e302f32342d3234203d3e20313533303835.roa Signing time: Mon 12 Aug 2024 13:46:51 +0000 ROA not before: Mon 12 Aug 2024 13:41:51 +0000 ROA not after: Mon 11 Aug 2025 13:46:51 +0000 asID: 153085 IP address blocks: 160.25.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/ACFB1A5D9938A64B3B54A832D5B79C032486A759.crl rsync://repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/ACFB1A5D9938A64B3B54A832D5B79C032486A759.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/ACFB1A5D9938A64B3B54A832D5B79C032486A759.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:28:48:82:78:05:c5:e1:a3:df:63:8c:3a:b9:8c:b7:9f:bb:0a:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ACFB1A5D9938A64B3B54A832D5B79C032486A759 Validity Not Before: Aug 12 13:41:51 2024 GMT Not After : Aug 11 13:46:51 2025 GMT Subject: CN=B99589C6119A700D3EE8CDABAD13CF90FA4BF305 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:73:2a:38:d9:be:3b:4a:9b:cd:4a:1b:b9:64: 8d:4a:30:5e:0a:d0:cf:af:41:a4:b7:10:fb:fa:02: 82:8a:8f:96:e1:b2:c1:42:5d:77:af:33:ac:36:7e: 25:ad:d4:3f:58:85:89:79:47:ea:f6:f2:28:e0:7a: ce:55:f1:4e:0d:55:ae:db:d9:56:c6:9b:28:ec:e9: 8e:2a:14:45:f8:cb:3f:01:6b:40:7f:0e:00:2d:3d: 74:81:31:49:9c:82:3f:20:09:aa:9d:21:e0:c2:16: 88:82:84:67:67:17:ca:e9:16:76:f7:3a:00:43:54: 7b:ee:66:80:4d:ce:67:b7:20:5c:f4:fd:54:09:9f: 59:20:2e:de:ac:5a:8e:4c:e8:ea:c6:9d:50:59:fb: a4:76:ca:a2:c8:61:98:43:34:e3:bb:9d:12:ec:e3: 7a:fe:d9:da:23:00:2c:95:f8:7f:55:34:06:b3:d3: c5:09:01:bb:6f:74:a5:b8:43:75:f4:d5:9a:66:5d: ae:f0:76:03:5a:29:d9:f7:1b:2d:fa:16:7c:a4:58: 75:58:c2:40:1f:6b:d3:01:9c:a4:4c:89:c2:7d:29: ca:69:a2:f4:c2:6c:c4:91:ef:b2:7e:18:04:9f:47: eb:c5:72:ee:d8:10:d5:29:90:4c:ee:b2:30:7f:80: ce:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:95:89:C6:11:9A:70:0D:3E:E8:CD:AB:AD:13:CF:90:FA:4B:F3:05 X509v3 Authority Key Identifier: keyid:AC:FB:1A:5D:99:38:A6:4B:3B:54:A8:32:D5:B7:9C:03:24:86:A7:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/ACFB1A5D9938A64B3B54A832D5B79C032486A759.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/ACFB1A5D9938A64B3B54A832D5B79C032486A759.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/be954f42-9452-4247-99a5-31a53e56a9f8/0/3136302e32352e3135372e302f32342d3234203d3e20313533303835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.157.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:92:0b:a3:7c:2e:91:d0:26:21:db:cc:25:6f:29:1a:c7:d7: 46:e2:d4:75:d7:b3:43:ea:14:96:7d:b1:be:b7:d4:95:1f:60: 79:c6:80:b9:5b:59:38:6e:fc:6d:32:aa:b2:bf:99:44:5c:90: 5f:f6:71:c6:2e:53:1e:27:d3:cb:7d:93:f7:dc:96:a6:78:c0: a9:4e:a3:a5:37:1c:1b:eb:fd:04:a0:1b:59:eb:5a:6a:d8:b6: 68:31:69:7f:f4:4f:22:88:df:ea:2e:58:d9:23:33:87:b3:32: b4:fe:59:3b:ef:cc:a3:9e:ef:07:0d:58:ab:72:3f:31:9e:a2: 0e:b6:ef:3f:78:8d:84:12:71:5a:32:50:45:a2:78:a6:b2:96: 47:bb:4d:a6:13:62:b9:a2:b9:27:cc:c5:fd:81:d7:20:3b:29: 2c:dc:b6:ea:13:c6:c5:d6:bb:12:6a:e3:fb:63:07:25:c7:15: 08:3f:2c:f4:91:c8:cf:91:a4:ab:9b:c0:a8:2a:72:d9:52:0f: 55:60:ce:c5:7e:4d:5d:e2:ef:ed:fb:3b:0d:21:a4:8e:8d:8a: 81:d3:45:be:f9:12:b7:d9:e1:9a:bb:a4:24:b3:e2:f9:9d:d4: 17:76:91:a1:bb:4d:cb:96:2f:cb:96:9b:d5:51:84:a2:cd:a7: e9:34:bd:29 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUHShIgngFxeGj32OMOrmMt5+7CjcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUNGQjFBNUQ5OTM4QTY0QjNCNTRBODMyRDVCNzlDMDMy NDg2QTc1OTAeFw0yNDA4MTIxMzQxNTFaFw0yNTA4MTExMzQ2NTFaMDMxMTAvBgNV BAMTKEI5OTU4OUM2MTE5QTcwMEQzRUU4Q0RBQkFEMTNDRjkwRkE0QkYzMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAcyo42b47SpvNShu5ZI1KMF4K 0M+vQaS3EPv6AoKKj5bhssFCXXevM6w2fiWt1D9YhYl5R+r28ijges5V8U4NVa7b 2VbGmyjs6Y4qFEX4yz8Ba0B/DgAtPXSBMUmcgj8gCaqdIeDCFoiChGdnF8rpFnb3 OgBDVHvuZoBNzme3IFz0/VQJn1kgLt6sWo5M6OrGnVBZ+6R2yqLIYZhDNOO7nRLs 43r+2dojACyV+H9VNAaz08UJAbtvdKW4Q3X01ZpmXa7wdgNaKdn3Gy36FnykWHVY wkAfa9MBnKRMicJ9KcppovTCbMSR77J+GASfR+vFcu7YENUpkEzusjB/gM5RAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUuZWJxhGacA0+6M2rrRPPkPpL8wUwHwYDVR0j BBgwFoAUrPsaXZk4pks7VKgy1becAySGp1kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZTk1NGY0Mi05NDUyLTQyNDctOTlhNS0zMWE1M2U1NmE5ZjgvMC9BQ0ZCMUE1RDk5 MzhBNjRCM0I1NEE4MzJENUI3OUMwMzI0ODZBNzU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUNGQjFBNUQ5OTM4QTY0QjNCNTRBODMyRDVCNzlDMDMyNDg2 QTc1OS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JlOTU0ZjQyLTk0NTItNDI0Ny05 OWE1LTMxYTUzZTU2YTlmOC8wLzMxMzYzMDJlMzIzNTJlMzEzNTM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBmdMA0GCSqG SIb3DQEBCwUAA4IBAQA6kgujfC6R0CYh28wlbykax9dG4tR117ND6hSWfbG+t9SV H2B5xoC5W1k4bvxtMqqyv5lEXJBf9nHGLlMeJ9PLfZP33JameMCpTqOlNxwb6/0E oBtZ61pq2LZoMWl/9E8iiN/qLljZIzOHszK0/lk778yjnu8HDVircj8xnqIOtu8/ eI2EEnFaMlBFonimspZHu02mE2K5orknzMX9gdcgOyks3LbqE8bF1rsSauP7Ywcl xxUIPyz0kcjPkaSrm8CoKnLZUg9VYM7Ffk1d4u/t+zsNIaSOjYqB00W++RK32eGa u6Qks+L5ndQXdpGhu03Lli/LlpvVUYSizafpNL0p -----END CERTIFICATE-----Generated at Thu Nov 21 19:10:54 2024 by rpki-client on console-fra.rpki-client.org