$ rpki-client -vvf repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa File: 3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa (raw, json) Hash identifier: MNszZnIoAzv/XRj5b4YuvVQ+VmFmnsG7kA5nvphcOpw= Subject key identifier: 08:F4:EC:84:40:2F:90:CD:3E:C0:EE:46:22:B1:4E:58:3E:C9:26:11 Certificate issuer: /CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Certificate serial: 0C5B79FAD2584A1DA9C6F4E6DE47F262272E08CC Authority key identifier: F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa Signing time: Sun 01 Dec 2024 05:57:02 +0000 ROA not before: Sun 01 Dec 2024 05:52:02 +0000 ROA not after: Sun 30 Nov 2025 05:57:02 +0000 asID: 153071 IP address blocks: 160.25.114.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Apr 2025 19:02:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:5b:79:fa:d2:58:4a:1d:a9:c6:f4:e6:de:47:f2:62:27:2e:08:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Validity Not Before: Dec 1 05:52:02 2024 GMT Not After : Nov 30 05:57:02 2025 GMT Subject: CN=08F4EC84402F90CD3EC0EE4622B14E583EC92611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:2a:45:62:6d:ed:71:11:d7:b9:77:ff:79:cf: 33:72:09:17:8d:10:39:34:6e:75:6a:66:a6:7b:bd: bf:c3:33:1c:d6:1b:1d:02:94:48:07:4f:36:81:9e: 35:99:52:06:1b:f5:06:25:85:89:e9:0d:91:4b:a9: f4:d7:3d:5e:41:d0:af:f3:a9:e3:7f:0e:b0:6f:c2: b9:77:43:4f:03:af:0b:47:6b:6d:48:f8:9f:a0:68: 32:33:b6:da:b5:29:dc:34:be:ba:5c:f6:1a:0c:02: d3:1e:7b:75:37:b2:7a:6a:28:47:70:41:88:75:cc: 34:d5:aa:42:7c:f9:af:3f:3b:61:67:c2:89:bc:da: ca:7f:a8:f6:50:c0:fe:ab:cd:37:69:f1:fb:69:53: e0:fb:4e:ad:31:c0:d0:dd:43:9e:f6:32:c6:c1:12: 66:78:1f:01:15:f9:4f:2a:73:46:0c:5a:62:e7:09: 7f:e0:d1:62:34:21:df:7b:3b:45:c2:91:b2:54:0c: 66:79:cb:e6:6f:ef:a7:b8:7b:b8:3e:7c:cc:31:d9: 2b:af:d9:8a:d7:12:af:8c:a9:2d:f5:b4:0a:5e:72: ca:94:13:b2:f8:66:da:53:68:53:18:9b:af:56:d4: d3:97:21:0d:72:a3:bb:dc:66:8f:9c:e4:11:95:5e: f9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:F4:EC:84:40:2F:90:CD:3E:C0:EE:46:22:B1:4E:58:3E:C9:26:11 X509v3 Authority Key Identifier: keyid:F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.114.0/23 Signature Algorithm: sha256WithRSAEncryption 1e:22:d4:1d:6b:ab:67:f8:f7:92:b6:d2:c5:bd:87:6d:f4:e3: 18:79:a3:c8:78:2a:bf:5f:57:9d:27:e3:26:c9:79:b5:da:05: 1a:db:c3:28:1d:d9:c9:e8:a2:f3:9a:ac:21:fa:1b:e8:ab:99: c9:98:28:6f:07:21:fe:fc:53:8f:72:48:a9:f4:6d:18:25:e6: 70:4b:df:d2:71:b5:a4:62:c4:e7:8b:b3:95:b3:c1:ab:56:76: c1:ac:f6:9f:b7:3a:61:e7:b7:c9:3c:d0:a1:0b:d7:d6:8e:3e: 39:dd:e0:53:30:9b:7e:47:eb:42:63:19:67:be:3f:4a:3c:ea: ed:48:61:f7:b5:42:e3:06:ec:a3:9a:3f:af:ec:5b:d2:86:2b: a6:fe:d6:3d:eb:d9:cc:ae:42:0c:ab:b5:b7:91:31:c6:b2:3a: 92:66:f3:20:0b:82:42:76:5d:f0:2d:a2:17:96:2b:5f:66:d9: c1:47:0c:3e:df:b0:70:76:d7:8e:29:aa:99:63:00:3f:c9:6e: 4c:92:18:37:67:df:34:33:e5:f4:c3:4f:6f:50:5a:e4:3f:5d: b2:8d:be:29:d9:cf:c4:98:3d:60:0a:bb:c2:c5:1f:7d:b0:9e: bd:96:9b:62:34:aa:ec:a5:17:f1:05:dc:b6:5e:89:b3:b6:5f: 57:ac:29:81 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUDFt5+tJYSh2pxvTm3kfyYicuCMwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3 MzFCMzkwODAeFw0yNDEyMDEwNTUyMDJaFw0yNTExMzAwNTU3MDJaMDMxMTAvBgNV BAMTKDA4RjRFQzg0NDAyRjkwQ0QzRUMwRUU0NjIyQjE0RTU4M0VDOTI2MTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoKkVibe1xEde5d/95zzNyCReN EDk0bnVqZqZ7vb/DMxzWGx0ClEgHTzaBnjWZUgYb9QYlhYnpDZFLqfTXPV5B0K/z qeN/DrBvwrl3Q08DrwtHa21I+J+gaDIzttq1Kdw0vrpc9hoMAtMee3U3snpqKEdw QYh1zDTVqkJ8+a8/O2Fnwom82sp/qPZQwP6rzTdp8ftpU+D7Tq0xwNDdQ572MsbB EmZ4HwEV+U8qc0YMWmLnCX/g0WI0Id97O0XCkbJUDGZ5y+Zv76e4e7g+fMwx2Suv 2YrXEq+MqS31tApecsqUE7L4ZtpTaFMYm69W1NOXIQ1yo7vcZo+c5BGVXvlFAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUCPTshEAvkM0+wO5GIrFOWD7JJhEwHwYDVR0j BBgwFoAU+RtQub00SBt67TNB7L5nsXMbOQgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j Njc4NjBlMy02YWQ4LTQ3YTUtOTRjMC05M2ZmZDI0NzI4NjUvMC9GOTFCNTBCOUJE MzQ0ODFCN0FFRDMzNDFFQ0JFNjdCMTczMUIzOTA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3MzFC MzkwOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2Nzg2MGUzLTZhZDgtNDdhNS05 NGMwLTkzZmZkMjQ3Mjg2NS8wLzMxMzYzMDJlMzIzNTJlMzEzMTM0MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoBlyMA0GCSqG SIb3DQEBCwUAA4IBAQAeItQda6tn+PeSttLFvYdt9OMYeaPIeCq/X1edJ+MmyXm1 2gUa28MoHdnJ6KLzmqwh+hvoq5nJmChvByH+/FOPckip9G0YJeZwS9/ScbWkYsTn i7OVs8GrVnbBrPaftzph57fJPNChC9fWjj453eBTMJt+R+tCYxlnvj9KPOrtSGH3 tULjBuyjmj+v7FvShium/tY969nMrkIMq7W3kTHGsjqSZvMgC4JCdl3wLaIXlitf ZtnBRww+37BwdteOKaqZYwA/yW5Mkhg3Z980M+X0w09vUFrkP12yjb4p2c/EmD1g CrvCxR99sJ69lptiNKrspRfxBdy2Xomztl9XrCmB -----END CERTIFICATE-----Generated at Thu Apr 17 23:58:49 2025 by rpki-client