$ rpki-client -vvf repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/3230322e38372e3234382e302f32312d3234203d3e203234323031.roa File: 3230322e38372e3234382e302f32312d3234203d3e203234323031.roa (raw, json) Hash identifier: YIGWj76AnaLSHaaCNOVsCHFGKespwS6XW2pML5MbQts= Subject key identifier: 1D:12:30:D1:CB:BD:E9:24:A3:71:4A:65:45:C9:84:28:5A:6A:ED:C9 Certificate issuer: /CN=8A0F7659BE6C916702994F1B653CA6335CF48F9F Certificate serial: 09DCD32669954E568E30DBCDE9C4833EAF73B6FA Authority key identifier: 8A:0F:76:59:BE:6C:91:67:02:99:4F:1B:65:3C:A6:33:5C:F4:8F:9F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A0F7659BE6C916702994F1B653CA6335CF48F9F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/3230322e38372e3234382e302f32312d3234203d3e203234323031.roa Signing time: Sat 22 Mar 2025 08:00:01 +0000 ROA not before: Sat 22 Mar 2025 07:55:01 +0000 ROA not after: Sat 21 Mar 2026 08:00:01 +0000 asID: 24201 IP address blocks: 202.87.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/8A0F7659BE6C916702994F1B653CA6335CF48F9F.crl rsync://repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/8A0F7659BE6C916702994F1B653CA6335CF48F9F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A0F7659BE6C916702994F1B653CA6335CF48F9F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 13:29:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:dc:d3:26:69:95:4e:56:8e:30:db:cd:e9:c4:83:3e:af:73:b6:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8A0F7659BE6C916702994F1B653CA6335CF48F9F Validity Not Before: Mar 22 07:55:01 2025 GMT Not After : Mar 21 08:00:01 2026 GMT Subject: CN=1D1230D1CBBDE924A3714A6545C984285A6AEDC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1e:3a:18:4d:b3:f5:74:e6:4a:46:d9:7c:0d: 51:f4:f6:b8:d0:95:eb:32:f7:8f:35:61:b6:6a:54: 90:69:63:47:5d:bb:37:a6:df:00:d3:70:7a:32:fe: 51:a9:41:16:93:e5:3f:b3:0b:7e:64:ce:67:51:1a: c0:8a:46:2a:8c:a7:77:41:a7:fd:57:b9:9f:ec:26: 7b:9d:e1:c4:06:46:f4:33:06:dc:7c:97:98:89:17: 8a:ef:e8:43:cc:40:05:04:f7:3a:96:ca:4c:cb:70: 5c:7a:0c:83:cd:1a:4c:14:56:39:99:6a:11:e5:bc: 20:5c:7e:7b:22:bc:2d:7c:bd:07:9c:94:f0:41:3b: f6:7d:d0:b2:c7:5b:16:a7:4f:c9:95:f8:0a:9e:e1: b5:6a:a7:1a:96:55:bd:34:51:f7:47:9e:62:76:81: 01:b9:c9:c0:ad:18:f5:8e:84:cd:e6:37:c4:f2:f9: 20:f2:5a:79:f7:c3:e6:9e:ad:87:7e:92:82:14:a3: a0:c8:b5:99:a1:f8:76:5d:59:f6:f5:b4:ae:c7:6b: cc:14:12:1c:12:ec:b7:a5:0f:4e:9e:1b:0c:59:e9: 00:26:11:02:2a:af:26:97:27:58:55:79:16:1a:fa: 71:1f:96:b2:de:1f:9e:c9:11:5c:d3:8c:70:8f:5c: 5b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:12:30:D1:CB:BD:E9:24:A3:71:4A:65:45:C9:84:28:5A:6A:ED:C9 X509v3 Authority Key Identifier: keyid:8A:0F:76:59:BE:6C:91:67:02:99:4F:1B:65:3C:A6:33:5C:F4:8F:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/8A0F7659BE6C916702994F1B653CA6335CF48F9F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A0F7659BE6C916702994F1B653CA6335CF48F9F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f0a929c6-1e25-494a-b0f9-55fc4fc94fbc/0/3230322e38372e3234382e302f32312d3234203d3e203234323031.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.87.248.0/21 Signature Algorithm: sha256WithRSAEncryption 63:91:77:98:0d:ab:16:59:47:d5:a4:e4:e8:0d:bb:12:62:37: 04:73:dd:39:15:29:69:92:a0:f6:e9:b1:a7:58:3a:9e:90:e8: 7b:d2:e0:07:3f:fe:3e:58:23:d7:9c:cd:ce:36:55:4e:7c:93: 1f:14:60:eb:94:9a:35:5d:84:ae:a0:9e:7c:0b:15:43:2f:14: 4f:e4:f3:c2:cc:58:ba:41:65:c2:2b:fb:f4:9f:76:96:d6:84: 23:d5:29:82:51:43:67:d1:90:9e:da:51:1e:69:8d:8f:13:c9: c6:99:cb:0e:41:b0:ef:e4:e8:93:e8:9d:26:f2:c5:90:f5:e8: 89:5c:06:8e:89:be:df:e1:6d:5d:e5:41:cd:28:62:10:4b:22: 7b:37:f7:ee:39:a5:99:f2:54:ce:d9:b9:bc:d9:7c:f3:9f:50: c5:a1:81:cf:19:4b:4a:a4:af:65:44:0f:55:dc:a2:4b:95:04: 0c:21:c9:32:04:a4:84:82:86:6f:f0:c0:b4:40:3f:3a:4c:aa: 39:03:2d:7b:56:1a:6d:45:99:ce:d4:fb:26:0c:0e:2e:9f:a8: 5f:15:71:05:44:95:88:3f:fa:90:4e:6d:3a:fe:a6:35:9f:e5: fa:94:3e:e8:81:8d:e7:b2:ed:8d:19:7a:a4:3e:92:4d:3a:74: 07:1d:41:57 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUCdzTJmmVTlaOMNvN6cSDPq9ztvowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEEwRjc2NTlCRTZDOTE2NzAyOTk0RjFCNjUzQ0E2MzM1 Q0Y0OEY5RjAeFw0yNTAzMjIwNzU1MDFaFw0yNjAzMjEwODAwMDFaMDMxMTAvBgNV BAMTKDFEMTIzMEQxQ0JCREU5MjRBMzcxNEE2NTQ1Qzk4NDI4NUE2QUVEQzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HjoYTbP1dOZKRtl8DVH09rjQ lesy9481YbZqVJBpY0dduzem3wDTcHoy/lGpQRaT5T+zC35kzmdRGsCKRiqMp3dB p/1XuZ/sJnud4cQGRvQzBtx8l5iJF4rv6EPMQAUE9zqWykzLcFx6DIPNGkwUVjmZ ahHlvCBcfnsivC18vQeclPBBO/Z90LLHWxanT8mV+Aqe4bVqpxqWVb00UfdHnmJ2 gQG5ycCtGPWOhM3mN8Ty+SDyWnn3w+aerYd+koIUo6DItZmh+HZdWfb1tK7Ha8wU EhwS7LelD06eGwxZ6QAmEQIqryaXJ1hVeRYa+nEflrLeH57JEVzTjHCPXFsjAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUHRIw0cu96SSjcUplRcmEKFpq7ckwHwYDVR0j BBgwFoAUig92Wb5skWcCmU8bZTymM1z0j58wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MGE5MjljNi0xZTI1LTQ5NGEtYjBmOS01NWZjNGZjOTRmYmMvMC84QTBGNzY1OUJF NkM5MTY3MDI5OTRGMUI2NTNDQTYzMzVDRjQ4RjlGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEEwRjc2NTlCRTZDOTE2NzAyOTk0RjFCNjUzQ0E2MzM1Q0Y0 OEY5Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YwYTkyOWM2LTFlMjUtNDk0YS1i MGY5LTU1ZmM0ZmM5NGZiYy8wLzMyMzAzMjJlMzgzNzJlMzIzNDM4MmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzIzNDMyMzAzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8pX+DANBgkqhkiG 9w0BAQsFAAOCAQEAY5F3mA2rFllH1aTk6A27EmI3BHPdORUpaZKg9umxp1g6npDo e9LgBz/+Plgj15zNzjZVTnyTHxRg65SaNV2ErqCefAsVQy8UT+TzwsxYukFlwiv7 9J92ltaEI9UpglFDZ9GQntpRHmmNjxPJxpnLDkGw7+Tok+idJvLFkPXoiVwGjom+ 3+FtXeVBzShiEEsiezf37jmlmfJUztm5vNl8859QxaGBzxlLSqSvZUQPVdyiS5UE DCHJMgSkhIKGb/DAtEA/OkyqOQMte1YabUWZztT7JgwOLp+oXxVxBUSViD/6kE5t Ov6mNZ/l+pQ+6IGN57LtjRl6pD6STTp0Bx1BVw== -----END CERTIFICATE-----Generated at Sun Apr 6 14:04:58 2025 by rpki-client