$ rpki-client -vvf repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa File: 3135372e36362e3132322e302f32342d3234203d3e203633383538.roa (raw, json) Hash identifier: 4USC1AQzGKvJLoaILHyi8/vcN8nVPul2782sFf1fdxE= Subject key identifier: 96:D9:19:95:6C:6F:AB:A5:AC:52:CD:AD:6B:CC:58:E7:CF:56:48:25 Certificate issuer: /CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Certificate serial: 5BE062249259E8AB5B4DCD44B86540A77072948D Authority key identifier: 5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa Signing time: Wed 23 Apr 2025 13:00:00 +0000 ROA not before: Wed 23 Apr 2025 12:55:00 +0000 ROA not after: Wed 22 Apr 2026 13:00:00 +0000 asID: 63858 IP address blocks: 157.66.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 18:12:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:e0:62:24:92:59:e8:ab:5b:4d:cd:44:b8:65:40:a7:70:72:94:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Validity Not Before: Apr 23 12:55:00 2025 GMT Not After : Apr 22 13:00:00 2026 GMT Subject: CN=96D919956C6FABA5AC52CDAD6BCC58E7CF564825 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:db:48:f3:d4:a1:67:9b:43:53:9f:16:50:4c: 4a:91:d7:0c:27:90:d1:82:02:37:66:99:47:34:cc: 62:e2:45:8c:ed:2b:8b:30:80:8f:73:2f:62:00:66: 30:6c:55:cc:94:e2:ae:5d:7b:22:7b:f6:c7:db:ad: cd:06:8d:a3:22:b7:bb:5f:8f:97:02:47:9e:c2:45: 02:44:63:7c:9d:98:0d:47:b2:a1:64:f2:f8:13:8a: c8:ad:b8:47:55:a1:76:bb:da:8a:48:bc:fe:d7:74: da:4e:d8:8e:6a:b5:f7:50:9a:ba:09:62:6a:20:fb: 79:93:92:f2:94:72:e5:39:7c:f6:cb:5d:28:5c:95: 55:1c:77:e4:81:59:01:b1:f8:3f:b1:99:82:6e:22: 84:d9:73:32:18:16:f1:02:99:b3:59:0e:9f:43:05: aa:49:29:22:e0:4b:b5:35:47:e4:5f:37:13:3e:01: 34:49:90:1a:a2:50:93:4b:39:f4:7e:47:d3:73:3a: 9b:b2:50:07:06:3a:b5:3d:6a:9a:2a:b6:ed:2a:6a: c5:a4:d6:c4:0c:ea:5c:23:19:65:c5:b7:78:4c:b2: 97:52:f3:93:da:61:a3:97:7d:19:fe:7f:80:97:f6: fc:10:cf:0b:29:33:86:b0:97:24:61:4a:75:75:e4: 9d:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:D9:19:95:6C:6F:AB:A5:AC:52:CD:AD:6B:CC:58:E7:CF:56:48:25 X509v3 Authority Key Identifier: keyid:5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.122.0/24 Signature Algorithm: sha256WithRSAEncryption b4:62:cc:bf:7a:ad:95:08:42:af:75:1a:89:e3:18:e4:8a:04: 11:43:a8:7a:1a:55:ea:3d:b8:48:8c:8e:b0:2d:53:af:5a:e6: 11:e7:89:fb:c6:5c:fb:d3:c5:15:d1:a7:86:9c:6e:bc:59:d6: 6f:87:a4:02:52:cb:c7:04:83:df:03:63:aa:e1:52:be:53:b1: 02:8f:09:00:d7:84:53:17:60:87:59:a9:53:20:24:b5:66:ed: bc:bc:0f:c7:ce:b4:42:fc:af:0e:c6:d7:18:ac:ac:82:32:ea: 3e:48:60:5e:e0:90:56:57:27:f6:a4:c6:74:a2:07:2a:57:ab: 0a:29:33:1f:7d:9d:b1:00:ec:7f:e1:ce:3a:5a:83:8b:56:77: a4:ad:d4:16:10:5b:05:b7:fd:47:7a:b4:7e:e8:dd:63:76:62: a3:3d:77:21:16:a4:b5:eb:16:03:ac:93:d7:b4:c9:24:0f:1f: 2c:d0:20:e6:dc:b0:16:1d:97:51:fa:e2:60:02:2d:36:31:21: bd:b4:f2:30:19:b8:48:39:4f:46:4c:6b:8c:81:d2:e6:1e:9c: f6:d1:77:1c:08:90:93:8c:a1:c6:89:76:29:01:ca:28:b0:db: 97:21:cf:3a:69:9f:23:62:ec:e3:a3:57:cd:71:17:ee:a7:07: 82:c5:b1:f9 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUW+BiJJJZ6KtbTc1EuGVAp3BylI0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RE NEE5ODRFQjAeFw0yNTA0MjMxMjU1MDBaFw0yNjA0MjIxMzAwMDBaMDMxMTAvBgNV BAMTKDk2RDkxOTk1NkM2RkFCQTVBQzUyQ0RBRDZCQ0M1OEU3Q0Y1NjQ4MjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+20jz1KFnm0NTnxZQTEqR1wwn kNGCAjdmmUc0zGLiRYztK4swgI9zL2IAZjBsVcyU4q5deyJ79sfbrc0GjaMit7tf j5cCR57CRQJEY3ydmA1HsqFk8vgTisituEdVoXa72opIvP7XdNpO2I5qtfdQmroJ Ymog+3mTkvKUcuU5fPbLXShclVUcd+SBWQGx+D+xmYJuIoTZczIYFvECmbNZDp9D BapJKSLgS7U1R+RfNxM+ATRJkBqiUJNLOfR+R9NzOpuyUAcGOrU9apoqtu0qasWk 1sQM6lwjGWXFt3hMspdS85PaYaOXfRn+f4CX9vwQzwspM4awlyRhSnV15J05AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUltkZlWxvq6WsUs2ta8xY589WSCUwHwYDVR0j BBgwFoAUWo1N7F/Cm+biSQRi9YCQPdSphOswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZWNmNWQ5NC03ZjFmLTQzYmYtYjdhYS0yMjBmMGMxNTZlYzAvMC81QThENERFQzVG QzI5QkU2RTI0OTA0NjJGNTgwOTAzREQ0QTk4NEVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RENEE5 ODRFQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NlY2Y1ZDk0LTdmMWYtNDNiZi1i N2FhLTIyMGYwYzE1NmVjMC8wLzMxMzUzNzJlMzYzNjJlMzEzMjMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzYzMzM4MzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ1CejANBgkqhkiG 9w0BAQsFAAOCAQEAtGLMv3qtlQhCr3UaieMY5IoEEUOoehpV6j24SIyOsC1Tr1rm EeeJ+8Zc+9PFFdGnhpxuvFnWb4ekAlLLxwSD3wNjquFSvlOxAo8JANeEUxdgh1mp UyAktWbtvLwPx860QvyvDsbXGKysgjLqPkhgXuCQVlcn9qTGdKIHKlerCikzH32d sQDsf+HOOlqDi1Z3pK3UFhBbBbf9R3q0fujdY3Zioz13IRaktesWA6yT17TJJA8f LNAg5tywFh2XUfriYAItNjEhvbTyMBm4SDlPRkxrjIHS5h6c9tF3HAiQk4yhxol2 KQHKKLDblyHPOmmfI2Ls46NXzXEX7qcHgsWx+Q== -----END CERTIFICATE-----Generated at Sat Jun 7 15:35:08 2025 by rpki-client