$ rpki-client -vvf repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/3135372e32302e3231392e302f32342d3234203d3e20313532343233.roa File: 3135372e32302e3231392e302f32342d3234203d3e20313532343233.roa (raw, json) Hash identifier: lEKQqCDUmBCxPybh1zwAuhAJa6FoeEwr4Hftj79+ZXw= Subject key identifier: F7:7A:46:6B:49:E9:94:C9:05:B7:D0:EC:3F:1B:1C:C8:79:60:58:FD Certificate issuer: /CN=46F8E3AC44B2F2208037674979268378CA60B901 Certificate serial: 68018759EB2F51205A50183B790C298B640C9C9A Authority key identifier: 46:F8:E3:AC:44:B2:F2:20:80:37:67:49:79:26:83:78:CA:60:B9:01 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/46F8E3AC44B2F2208037674979268378CA60B901.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/3135372e32302e3231392e302f32342d3234203d3e20313532343233.roa Signing time: Fri 11 Apr 2025 16:33:18 +0000 ROA not before: Fri 11 Apr 2025 16:28:18 +0000 ROA not after: Fri 10 Apr 2026 16:33:18 +0000 asID: 152423 IP address blocks: 157.20.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/46F8E3AC44B2F2208037674979268378CA60B901.crl rsync://repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/46F8E3AC44B2F2208037674979268378CA60B901.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/46F8E3AC44B2F2208037674979268378CA60B901.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 01:19:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:01:87:59:eb:2f:51:20:5a:50:18:3b:79:0c:29:8b:64:0c:9c:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46F8E3AC44B2F2208037674979268378CA60B901 Validity Not Before: Apr 11 16:28:18 2025 GMT Not After : Apr 10 16:33:18 2026 GMT Subject: CN=F77A466B49E994C905B7D0EC3F1B1CC8796058FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:38:e5:af:40:3e:90:b7:03:2f:0d:12:8e:e6: 70:73:90:65:af:19:33:65:37:ed:22:4e:7e:f3:a6: d1:58:81:fa:7a:5d:01:74:35:75:d9:51:22:68:bd: 47:5b:fc:0e:dc:51:aa:0f:00:8b:ae:af:e7:b0:a3: 2e:43:34:ae:a7:07:c9:aa:a8:25:f4:92:40:41:43: 36:eb:f6:d2:3e:8b:1e:32:83:3e:8c:98:75:78:0a: cc:9b:0a:4b:9f:6b:1e:d3:85:d7:9b:c2:ca:10:bb: db:f7:d1:70:9c:17:cc:92:6a:7c:da:8a:f2:0f:25: 5e:92:0f:1e:3e:60:10:c0:80:5c:54:63:9b:70:d2: 05:28:22:89:81:b0:71:b2:8a:98:04:d9:34:9d:04: 6a:6c:f6:33:59:80:a0:6d:ce:20:bc:8a:f1:15:91: cf:9c:29:8a:ce:6b:98:f7:01:4c:4a:56:ac:98:08: 64:f7:5a:4f:be:a7:20:43:3d:f7:b2:35:97:c4:2c: b7:5e:43:61:0f:9a:4e:a1:7b:98:5a:7e:e1:3c:0c: ce:5f:46:3a:47:86:b8:4d:45:57:e2:06:0e:67:88: 05:d8:50:2a:c4:d8:99:6f:5f:a2:c2:48:71:7b:73: ea:e5:d1:66:58:8d:7f:b9:ac:28:9f:ed:d1:94:cb: c8:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:7A:46:6B:49:E9:94:C9:05:B7:D0:EC:3F:1B:1C:C8:79:60:58:FD X509v3 Authority Key Identifier: keyid:46:F8:E3:AC:44:B2:F2:20:80:37:67:49:79:26:83:78:CA:60:B9:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/46F8E3AC44B2F2208037674979268378CA60B901.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/46F8E3AC44B2F2208037674979268378CA60B901.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e2e83afe-3bdc-44b2-a702-b4555daa65ea/0/3135372e32302e3231392e302f32342d3234203d3e20313532343233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.219.0/24 Signature Algorithm: sha256WithRSAEncryption 81:7f:fa:a2:45:bb:49:6d:e3:f1:64:77:17:74:33:e7:59:5d: 07:a0:d4:00:b4:d8:fe:05:50:ff:dd:b0:b0:5e:a3:02:4f:43: 50:d1:f8:37:96:fd:17:25:f5:5f:44:3a:c9:51:8f:27:0b:b9: 65:60:fe:c1:bf:6d:c6:03:26:8d:2b:3c:e7:5b:4b:7e:c4:07: 41:29:81:e5:c8:ce:59:8e:92:e9:02:1b:e8:9f:e9:c8:b6:c2: b8:73:9a:34:6a:40:1e:0c:f2:6e:14:e1:84:a6:87:a9:dd:cc: 08:e9:7a:26:a0:95:56:27:a1:0a:f8:31:06:b6:4c:f0:b6:e0: 2f:d6:93:dc:e2:37:69:69:68:d3:32:08:2e:49:f2:01:4f:ce: da:8e:32:cd:81:54:1e:1e:f8:a6:bd:34:b3:3f:7c:db:0b:15: d0:f7:d1:46:3b:df:58:8f:26:e9:b4:0b:87:15:73:54:cf:ce: c0:73:ef:7f:b6:04:41:74:8e:11:21:cf:e2:21:57:01:1a:3d: 92:31:de:bd:b7:ae:cb:a5:42:10:20:80:cd:c0:99:ed:69:74: c1:ef:ae:77:35:11:11:7a:d5:6b:69:57:76:fd:df:d3:aa:62: d2:73:eb:ca:67:ec:b2:6f:c0:7e:99:e3:b9:73:44:96:b7:78: 5f:b4:86:c7 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUaAGHWesvUSBaUBg7eQwpi2QMnJowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDZGOEUzQUM0NEIyRjIyMDgwMzc2NzQ5NzkyNjgzNzhD QTYwQjkwMTAeFw0yNTA0MTExNjI4MThaFw0yNjA0MTAxNjMzMThaMDMxMTAvBgNV BAMTKEY3N0E0NjZCNDlFOTk0QzkwNUI3RDBFQzNGMUIxQ0M4Nzk2MDU4RkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOOWvQD6QtwMvDRKO5nBzkGWv GTNlN+0iTn7zptFYgfp6XQF0NXXZUSJovUdb/A7cUaoPAIuur+ewoy5DNK6nB8mq qCX0kkBBQzbr9tI+ix4ygz6MmHV4CsybCkufax7ThdebwsoQu9v30XCcF8ySanza ivIPJV6SDx4+YBDAgFxUY5tw0gUoIomBsHGyipgE2TSdBGps9jNZgKBtziC8ivEV kc+cKYrOa5j3AUxKVqyYCGT3Wk++pyBDPfeyNZfELLdeQ2EPmk6he5hafuE8DM5f RjpHhrhNRVfiBg5niAXYUCrE2JlvX6LCSHF7c+rl0WZYjX+5rCif7dGUy8jnAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU93pGa0nplMkFt9DsPxscyHlgWP0wHwYDVR0j BBgwFoAURvjjrESy8iCAN2dJeSaDeMpguQEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l MmU4M2FmZS0zYmRjLTQ0YjItYTcwMi1iNDU1NWRhYTY1ZWEvMC80NkY4RTNBQzQ0 QjJGMjIwODAzNzY3NDk3OTI2ODM3OENBNjBCOTAxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDZGOEUzQUM0NEIyRjIyMDgwMzc2NzQ5NzkyNjgzNzhDQTYw QjkwMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2UyZTgzYWZlLTNiZGMtNDRiMi1h NzAyLWI0NTU1ZGFhNjVlYS8wLzMxMzUzNzJlMzIzMDJlMzIzMTM5MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTbMA0GCSqG SIb3DQEBCwUAA4IBAQCBf/qiRbtJbePxZHcXdDPnWV0HoNQAtNj+BVD/3bCwXqMC T0NQ0fg3lv0XJfVfRDrJUY8nC7llYP7Bv23GAyaNKzznW0t+xAdBKYHlyM5ZjpLp Ahvon+nItsK4c5o0akAeDPJuFOGEpoep3cwI6XomoJVWJ6EK+DEGtkzwtuAv1pPc 4jdpaWjTMgguSfIBT87ajjLNgVQeHvimvTSzP3zbCxXQ99FGO99YjybptAuHFXNU z87Ac+9/tgRBdI4RIc/iIVcBGj2SMd69t67LpUIQIIDNwJntaXTB7653NRERetVr aVd2/d/TqmLSc+vKZ+yyb8B+meO5c0SWt3hftIbH -----END CERTIFICATE-----Generated at Mon Apr 28 00:54:59 2025 by rpki-client