$ rpki-client -vvf repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39302e302f32342d3234203d3e20313532303836.roa File: 3135372e31302e39302e302f32342d3234203d3e20313532303836.roa (raw, json) Hash identifier: G+zk6B4j6LBv4VXf/ZrduIBLIatUxzNWyMHjZfotW/M= Subject key identifier: 48:77:ED:98:B7:4D:FC:A0:6A:3B:90:7C:25:53:80:8A:4E:91:C8:D9 Certificate issuer: /CN=5EC928AFD73AFC70F10C468E21482031920DF521 Certificate serial: 7B1D1271CACF388B866667D6E4CE79451B1371CB Authority key identifier: 5E:C9:28:AF:D7:3A:FC:70:F1:0C:46:8E:21:48:20:31:92:0D:F5:21 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5EC928AFD73AFC70F10C468E21482031920DF521.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39302e302f32342d3234203d3e20313532303836.roa Signing time: Sun 19 Jan 2025 16:00:36 +0000 ROA not before: Sun 19 Jan 2025 15:55:36 +0000 ROA not after: Sun 18 Jan 2026 16:00:36 +0000 asID: 152086 IP address blocks: 157.10.90.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/5EC928AFD73AFC70F10C468E21482031920DF521.crl rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/5EC928AFD73AFC70F10C468E21482031920DF521.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5EC928AFD73AFC70F10C468E21482031920DF521.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 03:08:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:1d:12:71:ca:cf:38:8b:86:66:67:d6:e4:ce:79:45:1b:13:71:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5EC928AFD73AFC70F10C468E21482031920DF521 Validity Not Before: Jan 19 15:55:36 2025 GMT Not After : Jan 18 16:00:36 2026 GMT Subject: CN=4877ED98B74DFCA06A3B907C2553808A4E91C8D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c8:49:42:9b:1d:bf:97:a8:04:2b:ca:c1:07: 51:e2:8e:9a:66:3b:bd:dd:82:2d:00:27:88:a2:13: 7e:ff:b6:9c:00:e0:87:48:42:e3:60:09:b8:a2:77: 1f:ee:a4:21:2f:89:51:2c:c6:0a:4b:65:9e:a5:62: 92:70:64:05:39:37:4b:52:f7:c6:92:12:c1:bc:f8: 53:c8:1e:85:35:3a:69:a7:67:e4:cf:d0:97:2b:2c: 5e:c5:08:70:1a:53:b5:07:f9:f0:2b:45:0b:ad:40: 54:72:9b:d0:f6:9e:66:19:bb:78:b1:d7:d7:fd:f0: b7:8e:92:e1:3a:26:5d:83:3a:17:dd:d3:34:dd:2b: 2a:69:5c:49:69:c3:a6:1a:a4:4d:07:90:44:36:b3: c9:ed:d3:b0:ad:3b:6c:0d:39:bd:81:fa:2f:ac:df: 8e:ca:ce:fc:f7:cc:0f:45:ce:f2:94:e4:c7:37:15: 03:1f:17:a9:50:17:2a:e9:36:03:4a:64:fa:f7:ea: c7:3d:1e:1c:10:1c:c2:13:e1:f3:0c:03:47:0c:fc: d8:f8:8f:61:cb:3a:08:73:74:6c:b6:ef:f8:a7:17: 70:09:7a:69:6c:b0:95:83:dc:a0:8e:bb:f6:bb:2e: b4:f4:42:f8:4b:1a:41:06:5b:48:0c:f8:ba:d5:7e: 14:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:77:ED:98:B7:4D:FC:A0:6A:3B:90:7C:25:53:80:8A:4E:91:C8:D9 X509v3 Authority Key Identifier: keyid:5E:C9:28:AF:D7:3A:FC:70:F1:0C:46:8E:21:48:20:31:92:0D:F5:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/5EC928AFD73AFC70F10C468E21482031920DF521.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5EC928AFD73AFC70F10C468E21482031920DF521.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ecf3f8c8-0406-4b38-a7a8-dcb15e41f2b7/0/3135372e31302e39302e302f32342d3234203d3e20313532303836.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.90.0/24 Signature Algorithm: sha256WithRSAEncryption 59:66:5a:1a:82:49:39:2f:8b:9f:f8:9d:ad:bd:59:16:6f:c9: 51:29:0b:c2:77:12:9a:dd:d2:70:4f:d8:54:de:39:42:57:ba: da:cc:77:ca:ad:63:3e:0b:7f:7e:87:d9:9b:0b:c7:6b:dd:e6: 70:b5:85:fd:cd:4b:32:38:0f:b1:4e:89:8b:68:ad:7b:73:7a: 37:d0:b0:99:d5:b4:91:a8:2f:db:5c:4d:26:d0:b0:22:33:6e: 53:0e:1f:2b:35:9f:40:60:87:03:d3:7f:0f:92:ae:95:af:a1: 90:25:2c:79:36:ab:0e:a5:e3:9d:99:fc:2e:40:6c:46:b5:f9: a8:76:d3:88:e6:1f:f6:7f:e2:78:e5:f9:99:1d:20:fd:29:15: 86:f3:b7:78:c4:79:08:ea:f9:7b:1b:58:99:07:55:16:42:e4: 05:37:94:e0:cb:98:e4:e2:bd:79:ff:60:c1:be:c7:1a:ec:05: 72:33:47:fe:ae:62:d6:3d:7e:16:4a:30:46:24:1b:b5:3c:f1: 19:c2:83:4a:d9:4f:8e:33:30:b8:e0:84:ed:9b:49:4b:6f:4a: 00:52:39:c4:bf:0b:33:2b:a1:75:83:d2:ff:ed:9f:18:44:40: c9:67:f3:8d:21:8e:c3:08:26:4e:c4:1d:6b:2e:f0:45:23:c6: 3e:af:01:8f -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUex0SccrPOIuGZmfW5M55RRsTccswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUVDOTI4QUZENzNBRkM3MEYxMEM0NjhFMjE0ODIwMzE5 MjBERjUyMTAeFw0yNTAxMTkxNTU1MzZaFw0yNjAxMTgxNjAwMzZaMDMxMTAvBgNV BAMTKDQ4NzdFRDk4Qjc0REZDQTA2QTNCOTA3QzI1NTM4MDhBNEU5MUM4RDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsyElCmx2/l6gEK8rBB1Hijppm O73dgi0AJ4iiE37/tpwA4IdIQuNgCbiidx/upCEviVEsxgpLZZ6lYpJwZAU5N0tS 98aSEsG8+FPIHoU1OmmnZ+TP0JcrLF7FCHAaU7UH+fArRQutQFRym9D2nmYZu3ix 19f98LeOkuE6Jl2DOhfd0zTdKyppXElpw6YapE0HkEQ2s8nt07CtO2wNOb2B+i+s 347Kzvz3zA9FzvKU5Mc3FQMfF6lQFyrpNgNKZPr36sc9HhwQHMIT4fMMA0cM/Nj4 j2HLOghzdGy27/inF3AJemlssJWD3KCOu/a7LrT0QvhLGkEGW0gM+LrVfhQbAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUSHftmLdN/KBqO5B8JVOAik6RyNkwHwYDVR0j BBgwFoAUXskor9c6/HDxDEaOIUggMZIN9SEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l Y2YzZjhjOC0wNDA2LTRiMzgtYTdhOC1kY2IxNWU0MWYyYjcvMC81RUM5MjhBRkQ3 M0FGQzcwRjEwQzQ2OEUyMTQ4MjAzMTkyMERGNTIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNUVDOTI4QUZENzNBRkM3MEYxMEM0NjhFMjE0ODIwMzE5MjBE RjUyMS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VjZjNmOGM4LTA0MDYtNGIzOC1h N2E4LWRjYjE1ZTQxZjJiNy8wLzMxMzUzNzJlMzEzMDJlMzkzMDJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0KWjANBgkqhkiG 9w0BAQsFAAOCAQEAWWZaGoJJOS+Ln/idrb1ZFm/JUSkLwncSmt3ScE/YVN45Qle6 2sx3yq1jPgt/fofZmwvHa93mcLWF/c1LMjgPsU6Ji2ite3N6N9CwmdW0kagv21xN JtCwIjNuUw4fKzWfQGCHA9N/D5Kula+hkCUseTarDqXjnZn8LkBsRrX5qHbTiOYf 9n/ieOX5mR0g/SkVhvO3eMR5COr5extYmQdVFkLkBTeU4MuY5OK9ef9gwb7HGuwF cjNH/q5i1j1+FkowRiQbtTzxGcKDStlPjjMwuOCE7ZtJS29KAFI5xL8LMyuhdYPS /+2fGERAyWfzjSGOwwgmTsQday7wRSPGPq8Bjw== -----END CERTIFICATE-----Generated at Sun Apr 6 19:05:09 2025 by rpki-client