$ rpki-client -vvf repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/34332e3234302e3232352e302f32342d3234203d3e203633343933.roa File: 34332e3234302e3232352e302f32342d3234203d3e203633343933.roa (raw, json) Hash identifier: HGFInAh0mIwoPjQpqFiP9TOTN5TtMz6Lryz0/Y5JDGE= Subject key identifier: D7:94:A6:82:9B:4C:9C:AD:F9:CD:E1:60:F7:70:1A:8D:4F:6A:EB:D5 Certificate issuer: /CN=194F6EF659F1115C068AB59065D57F150E23F5B6 Certificate serial: 5AA4FD7F2345E358C96E7C6F0DFFA3F9261A4424 Authority key identifier: 19:4F:6E:F6:59:F1:11:5C:06:8A:B5:90:65:D5:7F:15:0E:23:F5:B6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/194F6EF659F1115C068AB59065D57F150E23F5B6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/34332e3234302e3232352e302f32342d3234203d3e203633343933.roa Signing time: Mon 20 Nov 2023 04:00:02 +0000 ROA not before: Mon 20 Nov 2023 03:55:02 +0000 ROA not after: Mon 18 Nov 2024 04:00:02 +0000 asID: 63493 IP address blocks: 43.240.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/194F6EF659F1115C068AB59065D57F150E23F5B6.crl rsync://repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/194F6EF659F1115C068AB59065D57F150E23F5B6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/194F6EF659F1115C068AB59065D57F150E23F5B6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Jun 2024 08:47:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:a4:fd:7f:23:45:e3:58:c9:6e:7c:6f:0d:ff:a3:f9:26:1a:44:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=194F6EF659F1115C068AB59065D57F150E23F5B6 Validity Not Before: Nov 20 03:55:02 2023 GMT Not After : Nov 18 04:00:02 2024 GMT Subject: CN=D794A6829B4C9CADF9CDE160F7701A8D4F6AEBD5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e7:c4:73:64:fe:06:0b:d7:80:fe:c1:32:1a: 17:55:9c:b2:cf:19:ce:c1:49:51:3e:29:20:29:3c: c4:ea:e0:fa:ca:90:e6:a4:98:93:9e:ef:17:44:ce: 70:56:c2:0e:97:66:08:9e:60:55:a8:81:ec:b3:84: a4:e6:57:99:93:5e:ab:03:95:2b:27:6f:97:8f:49: 1a:ff:b9:f4:35:17:48:cf:99:18:05:85:5f:01:93: 80:9b:d5:b2:60:d8:72:08:65:87:09:51:2c:67:40: 61:06:d8:c3:29:c9:eb:aa:45:c3:bd:fa:37:06:7b: 84:14:0e:87:3e:27:d9:83:37:f8:e3:fa:7e:1b:73: 39:5f:99:cb:15:a8:40:2f:0c:0c:33:e8:75:f1:fb: 74:d2:4a:c2:d7:e6:85:96:08:cf:56:fb:8a:24:24: ca:f5:56:dd:7a:2d:69:7f:fb:7a:07:4c:2a:7d:04: 41:a6:85:b5:07:41:10:4f:84:31:93:d5:23:08:22: 63:c8:6a:e9:38:c2:57:d0:ac:83:de:9a:45:1e:17: 09:35:b7:9e:b8:ba:36:69:d0:bd:18:c9:66:1b:5c: f5:4e:5b:0d:ac:8e:9d:8c:3e:d3:c5:51:73:cd:f1: c0:56:f7:8e:82:fc:de:4f:54:b6:de:d1:44:29:f2: 13:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:94:A6:82:9B:4C:9C:AD:F9:CD:E1:60:F7:70:1A:8D:4F:6A:EB:D5 X509v3 Authority Key Identifier: keyid:19:4F:6E:F6:59:F1:11:5C:06:8A:B5:90:65:D5:7F:15:0E:23:F5:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/194F6EF659F1115C068AB59065D57F150E23F5B6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/194F6EF659F1115C068AB59065D57F150E23F5B6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cfabec71-7ecb-4dbd-a421-99b9cd20903a/0/34332e3234302e3232352e302f32342d3234203d3e203633343933.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.225.0/24 Signature Algorithm: sha256WithRSAEncryption 8a:b4:84:89:0d:0e:77:59:84:1b:62:f8:dc:77:4d:8e:88:5c: 71:bb:21:eb:a5:70:46:b2:b1:de:ec:bf:6d:1a:13:c3:67:f9: 68:0a:09:52:6f:64:19:ae:29:95:4f:18:94:7f:c0:74:62:66: 2a:0e:b2:45:6b:ab:14:67:53:23:e8:41:34:3c:b3:15:4c:8b: 71:55:37:3c:7f:36:d9:67:0f:e6:3e:1d:ff:ae:ba:08:33:5b: ab:d9:e8:c0:3b:c7:99:f9:9c:d9:c7:20:6d:ad:4e:c9:39:bc: a9:e0:dc:0b:d8:24:1e:40:d2:58:e2:63:15:b8:fe:49:55:e4: 2d:32:1a:f5:6f:89:7b:e4:43:5f:18:30:4c:19:da:7d:f2:e5: dc:99:21:42:88:46:e9:b8:9b:93:66:08:f4:93:51:b8:7c:5d: ca:04:d6:59:ed:81:da:9d:47:65:24:df:cc:00:36:fc:61:f1: 7d:7c:bb:be:e9:01:88:71:62:7b:15:a2:60:88:e7:4b:4a:63: 99:23:b5:a7:2c:c4:d9:00:d4:c4:0b:ca:be:41:f9:5d:3c:ee: 2b:05:01:f2:a7:f6:7f:8e:63:08:5f:b7:f5:2a:f1:47:08:14: 47:7a:b2:55:e4:f1:b5:f6:ac:ff:c7:12:49:ed:f9:9f:26:93: 57:c6:16:e8 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUWqT9fyNF41jJbnxvDf+j+SYaRCQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTk0RjZFRjY1OUYxMTE1QzA2OEFCNTkwNjVENTdGMTUw RTIzRjVCNjAeFw0yMzExMjAwMzU1MDJaFw0yNDExMTgwNDAwMDJaMDMxMTAvBgNV BAMTKEQ3OTRBNjgyOUI0QzlDQURGOUNERTE2MEY3NzAxQThENEY2QUVCRDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL58RzZP4GC9eA/sEyGhdVnLLP Gc7BSVE+KSApPMTq4PrKkOakmJOe7xdEznBWwg6XZgieYFWogeyzhKTmV5mTXqsD lSsnb5ePSRr/ufQ1F0jPmRgFhV8Bk4Cb1bJg2HIIZYcJUSxnQGEG2MMpyeuqRcO9 +jcGe4QUDoc+J9mDN/jj+n4bczlfmcsVqEAvDAwz6HXx+3TSSsLX5oWWCM9W+4ok JMr1Vt16LWl/+3oHTCp9BEGmhbUHQRBPhDGT1SMIImPIauk4wlfQrIPemkUeFwk1 t564ujZp0L0YyWYbXPVOWw2sjp2MPtPFUXPN8cBW946C/N5PVLbe0UQp8hMdAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU15SmgptMnK35zeFg93AajU9q69UwHwYDVR0j BBgwFoAUGU9u9lnxEVwGirWQZdV/FQ4j9bYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZmFiZWM3MS03ZWNiLTRkYmQtYTQyMS05OWI5Y2QyMDkwM2EvMC8xOTRGNkVGNjU5 RjExMTVDMDY4QUI1OTA2NUQ1N0YxNTBFMjNGNUI2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTk0RjZFRjY1OUYxMTE1QzA2OEFCNTkwNjVENTdGMTUwRTIz RjVCNi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NmYWJlYzcxLTdlY2ItNGRiZC1h NDIxLTk5YjljZDIwOTAzYS8wLzM0MzMyZTMyMzQzMDJlMzIzMjM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzYzMzM0MzkzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACvw4TANBgkqhkiG 9w0BAQsFAAOCAQEAirSEiQ0Od1mEG2L43HdNjohccbsh66VwRrKx3uy/bRoTw2f5 aAoJUm9kGa4plU8YlH/AdGJmKg6yRWurFGdTI+hBNDyzFUyLcVU3PH822WcP5j4d /666CDNbq9nowDvHmfmc2ccgba1OyTm8qeDcC9gkHkDSWOJjFbj+SVXkLTIa9W+J e+RDXxgwTBnaffLl3JkhQohG6bibk2YI9JNRuHxdygTWWe2B2p1HZSTfzAA2/GHx fXy7vukBiHFiexWiYIjnS0pjmSO1pyzE2QDUxAvKvkH5XTzuKwUB8qf2f45jCF+3 9SrxRwgUR3qyVeTxtfas/8cSSe35nyaTV8YW6A== -----END CERTIFICATE-----Generated at Sun Jun 2 21:39:59 2024 by rpki-client on console-fra.rpki-client.org