$ rpki-client -vvf repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa File: 3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa (raw, json) Hash identifier: wbDj2qVwWojdiwUQq1leoVbmSXtniu4/S6z44a48QLw= Subject key identifier: 93:25:F5:23:EF:86:94:4F:3F:87:62:F8:79:86:96:B9:84:00:98:5C Certificate issuer: /CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Certificate serial: 2519348069C5C041D28A10F6D20117DD99D0DF80 Authority key identifier: D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject info access: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa Signing time: Sun 01 Dec 2024 23:57:28 +0000 ROA not before: Sun 01 Dec 2024 23:52:28 +0000 ROA not after: Sun 30 Nov 2025 23:57:28 +0000 asID: 142365 IP address blocks: 103.170.186.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 12:43:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:19:34:80:69:c5:c0:41:d2:8a:10:f6:d2:01:17:dd:99:d0:df:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D4DD8244BC2EB2B187B4181226714505DF8F4452 Validity Not Before: Dec 1 23:52:28 2024 GMT Not After : Nov 30 23:57:28 2025 GMT Subject: CN=9325F523EF86944F3F8762F8798696B98400985C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:89:45:6f:be:0a:4c:62:24:ef:73:1e:51:17: e0:8f:1d:cc:d4:0f:12:1d:49:b4:35:48:43:4d:6e: 2d:6a:d3:1d:c6:44:d1:80:40:14:04:ba:8e:77:8e: 13:2f:c4:8d:6c:ba:97:4e:7a:13:d0:58:e1:0f:70: b6:b0:7c:65:c4:ac:ef:40:af:3d:aa:5b:e6:d6:9e: f9:47:34:21:49:10:27:34:5f:02:e8:16:4c:ac:1c: 12:be:e1:23:f1:ff:2e:a8:6b:26:5e:54:46:8e:45: 73:bd:f2:f6:53:6d:f7:b2:70:fd:dd:d4:1b:74:50: e8:24:15:1b:3d:11:d2:15:89:dd:ea:55:61:4a:a9: 17:41:b8:a8:e5:53:ed:63:3c:fe:a5:65:fa:90:86: b8:9b:b1:9f:57:38:70:29:61:d6:c9:b1:7f:01:cc: 9f:da:93:43:fe:37:c8:0f:ca:6c:2d:75:9c:5e:13: eb:f0:5e:f1:f2:02:aa:9f:4c:b6:27:60:75:9c:33: ca:6d:dc:62:05:9a:87:0a:29:97:3e:b3:2a:69:7f: 3a:02:d2:54:f0:c5:77:b2:c2:5d:c9:4f:d1:76:7c: 2a:15:3d:a9:bd:2d:dd:0d:d6:34:f1:e4:55:21:ef: 90:95:14:d8:3b:92:90:b8:d4:c3:6f:12:04:d9:0b: ba:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:25:F5:23:EF:86:94:4F:3F:87:62:F8:79:86:96:B9:84:00:98:5C X509v3 Authority Key Identifier: keyid:D4:DD:82:44:BC:2E:B2:B1:87:B4:18:12:26:71:45:05:DF:8F:44:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/D4DD8244BC2EB2B187B4181226714505DF8F4452.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D4DD8244BC2EB2B187B4181226714505DF8F4452.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/eaf0f423-3bed-4938-9f89-15e6269bddca/0/3130332e3137302e3138362e302f32332d3234203d3e20313432333635.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.170.186.0/23 Signature Algorithm: sha256WithRSAEncryption 8b:90:28:f1:ff:b1:f6:c2:e4:5e:94:d3:6f:e6:63:89:11:74: 1a:9a:d5:15:1f:b9:de:b0:03:f6:b1:52:6f:2a:42:bb:61:e6: ef:c5:ee:d3:cf:46:fd:b6:ba:5a:47:b8:5a:7f:a6:9c:15:90: 11:45:4a:f7:7a:24:8e:1f:90:3b:cd:93:26:cd:ac:60:1b:97: 1f:fa:0e:3e:80:19:4c:54:33:f4:51:b6:90:c4:6a:fd:a1:b1: d8:a6:90:9a:39:a8:af:ed:db:fe:a4:0d:e9:b0:0d:11:ff:f3: e3:6b:10:07:18:ae:8c:b5:98:36:b2:e1:3f:bf:5f:14:ce:2e: ec:e7:4c:39:2a:5d:1a:05:2b:03:3b:fe:e5:1a:c8:d0:62:08: d2:d2:34:99:7f:c2:de:fa:00:d7:e0:28:43:a6:b9:76:55:35: 14:36:c8:1e:7e:c5:bc:e0:94:00:94:7d:2f:4e:e4:46:b4:7c: e2:41:63:85:02:f6:c1:92:cb:31:cb:94:20:a1:70:e3:e1:3e: 4b:7e:e7:4d:88:cc:d4:e3:db:c0:7d:fb:51:d5:67:a4:08:9d: a1:a7:d3:ba:5b:6b:bb:b3:f0:8b:62:c0:20:66:b1:b5:2a:e9: d5:6a:47:f5:dc:4c:db:31:c3:58:12:85:64:5a:ca:78:b7:27: 7e:eb:4c:ec -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUJRk0gGnFwEHSihD20gEX3ZnQ34AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVE RjhGNDQ1MjAeFw0yNDEyMDEyMzUyMjhaFw0yNTExMzAyMzU3MjhaMDMxMTAvBgNV BAMTKDkzMjVGNTIzRUY4Njk0NEYzRjg3NjJGODc5ODY5NkI5ODQwMDk4NUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDliUVvvgpMYiTvcx5RF+CPHczU DxIdSbQ1SENNbi1q0x3GRNGAQBQEuo53jhMvxI1supdOehPQWOEPcLawfGXErO9A rz2qW+bWnvlHNCFJECc0XwLoFkysHBK+4SPx/y6oayZeVEaORXO98vZTbfeycP3d 1Bt0UOgkFRs9EdIVid3qVWFKqRdBuKjlU+1jPP6lZfqQhribsZ9XOHApYdbJsX8B zJ/ak0P+N8gPymwtdZxeE+vwXvHyAqqfTLYnYHWcM8pt3GIFmocKKZc+syppfzoC 0lTwxXeywl3JT9F2fCoVPam9Ld0N1jTx5FUh75CVFNg7kpC41MNvEgTZC7qzAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUkyX1I++GlE8/h2L4eYaWuYQAmFwwHwYDVR0j BBgwFoAU1N2CRLwusrGHtBgSJnFFBd+PRFIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l YWYwZjQyMy0zYmVkLTQ5MzgtOWY4OS0xNWU2MjY5YmRkY2EvMC9ENEREODI0NEJD MkVCMkIxODdCNDE4MTIyNjcxNDUwNURGOEY0NDUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDRERDgyNDRCQzJFQjJCMTg3QjQxODEyMjY3MTQ1MDVERjhG NDQ1Mi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VhZjBmNDIzLTNiZWQtNDkzOC05 Zjg5LTE1ZTYyNjliZGRjYS8wLzMxMzAzMzJlMzEzNzMwMmUzMTM4MzYyZTMwMmYz MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzIzMzM2MzUucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnqrowDQYJ KoZIhvcNAQELBQADggEBAIuQKPH/sfbC5F6U02/mY4kRdBqa1RUfud6wA/axUm8q Qrth5u/F7tPPRv22ulpHuFp/ppwVkBFFSvd6JI4fkDvNkybNrGAblx/6Dj6AGUxU M/RRtpDEav2hsdimkJo5qK/t2/6kDemwDRH/8+NrEAcYroy1mDay4T+/XxTOLuzn TDkqXRoFKwM7/uUayNBiCNLSNJl/wt76ANfgKEOmuXZVNRQ2yB5+xbzglACUfS9O 5Ea0fOJBY4UC9sGSyzHLlCChcOPhPkt+502IzNTj28B9+1HVZ6QInaGn07pba7uz 8ItiwCBmsbUq6dVqR/XcTNsxw1gShWRayni3J37rTOw= -----END CERTIFICATE-----Generated at Fri Feb 21 10:58:31 2025 by rpki-client