$ rpki-client -vvf repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/3135372e32302e3233332e302f32342d3234203d3e20313532343339.roa File: 3135372e32302e3233332e302f32342d3234203d3e20313532343339.roa (raw, json) Hash identifier: 7TI4pzLcqyxuF39YuyeEo0KkPf4qVThK/j4OGDR/rss= Subject key identifier: D5:7A:84:01:80:77:38:59:51:06:EC:48:2A:05:94:D1:53:40:55:36 Certificate issuer: /CN=08683ED5C748B79A346EF705A2DCF809A31C75DF Certificate serial: 41C52F23E8EA3E106420529F77B5F0F44FA0386B Authority key identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/3135372e32302e3233332e302f32342d3234203d3e20313532343339.roa Signing time: Wed 09 Apr 2025 10:00:00 +0000 ROA not before: Wed 09 Apr 2025 09:55:00 +0000 ROA not after: Wed 08 Apr 2026 10:00:00 +0000 asID: 152439 IP address blocks: 157.20.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.crl rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Apr 2025 09:51:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:c5:2f:23:e8:ea:3e:10:64:20:52:9f:77:b5:f0:f4:4f:a0:38:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08683ED5C748B79A346EF705A2DCF809A31C75DF Validity Not Before: Apr 9 09:55:00 2025 GMT Not After : Apr 8 10:00:00 2026 GMT Subject: CN=D57A8401807738595106EC482A0594D153405536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:53:ec:df:8b:34:37:ee:78:71:bc:df:98:80: 7b:c2:be:18:0a:23:80:fd:60:a4:12:22:60:cc:05: ad:1b:33:49:b0:5d:ab:9c:da:c4:f3:4c:e7:d2:10: 15:90:39:ac:87:2e:37:e1:52:d5:08:bc:70:c7:52: 9b:79:a8:a4:64:00:1d:ac:15:95:63:4c:87:9f:ef: 63:3c:2a:d3:3c:e2:4d:0a:77:9e:7b:21:b3:c5:83: 79:10:76:51:39:f3:7f:3e:d5:d7:2f:41:e1:b9:33: 16:62:2e:db:a7:11:bc:07:44:ed:82:8a:0a:1a:92: 60:8c:83:63:13:fc:43:f3:22:46:aa:77:0c:17:56: c1:24:76:cf:2d:1f:dc:02:22:70:61:74:0b:d3:d9: 72:0a:68:fe:60:c8:01:42:c5:6c:46:0b:f0:f9:a7: b4:6e:82:c7:e2:2f:17:f7:a3:80:c1:c1:e5:2d:8d: d2:56:dd:33:93:de:1c:f6:69:01:6d:f5:63:dc:21: 4f:58:c9:45:4e:ec:ca:65:07:ee:c1:57:fd:c2:52: 17:03:0c:02:36:05:6c:57:25:d6:f8:b5:6a:c3:c4: 59:4f:88:41:d6:d3:f1:64:2b:3c:7c:7e:71:3c:0c: 38:c7:62:83:76:92:f4:a3:5d:bf:66:a5:59:70:ce: 41:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:7A:84:01:80:77:38:59:51:06:EC:48:2A:05:94:D1:53:40:55:36 X509v3 Authority Key Identifier: keyid:08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/3135372e32302e3233332e302f32342d3234203d3e20313532343339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.233.0/24 Signature Algorithm: sha256WithRSAEncryption d0:1a:49:32:05:dc:fa:19:66:f2:83:a2:bc:32:ee:fa:3a:96: 1a:6c:dc:eb:22:e2:d4:15:7f:a9:11:19:85:a8:22:29:bd:13: b9:6e:ec:16:c0:f9:37:dc:f4:40:07:22:48:9f:2f:29:4f:aa: 03:c9:c5:ed:1f:93:a1:75:63:a2:26:f4:7e:bb:70:94:09:1e: c6:c8:84:6c:44:49:3a:ed:e4:ec:24:70:ad:b1:56:65:f6:7a: 00:6a:0f:e3:c8:54:c1:59:c8:9a:2f:68:33:df:28:ca:69:f6: 96:fa:cd:14:f4:c7:80:1d:c4:5e:1e:d3:f1:19:27:31:1a:f0: 5c:7a:3e:ad:fd:06:4d:c2:16:74:62:d2:b9:ea:f1:b3:08:2d: 65:74:75:6b:4d:e9:a9:85:74:a4:e4:33:5a:5c:e4:6d:1f:00: 3f:62:4f:d1:6f:ff:fb:f1:3d:8c:b2:a7:80:6d:14:0d:a3:59: f3:1e:86:9a:71:b5:1f:fb:c3:a8:a6:ee:f4:fd:54:90:f0:fc: 50:25:ac:81:9e:8e:20:ca:9b:31:69:25:ed:a7:5f:08:2a:05: 2a:02:73:48:9b:6f:aa:10:cd:58:76:bd:7c:37:9f:0c:6a:c5: 27:93:4e:51:ae:4b:52:2a:55:2a:13:2e:0d:63:e0:08:2e:5e: 4f:36:50:ae -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQcUvI+jqPhBkIFKfd7Xw9E+gOGswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg2ODNFRDVDNzQ4Qjc5QTM0NkVGNzA1QTJEQ0Y4MDlB MzFDNzVERjAeFw0yNTA0MDkwOTU1MDBaFw0yNjA0MDgxMDAwMDBaMDMxMTAvBgNV BAMTKEQ1N0E4NDAxODA3NzM4NTk1MTA2RUM0ODJBMDU5NEQxNTM0MDU1MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwU+zfizQ37nhxvN+YgHvCvhgK I4D9YKQSImDMBa0bM0mwXauc2sTzTOfSEBWQOayHLjfhUtUIvHDHUpt5qKRkAB2s FZVjTIef72M8KtM84k0Kd557IbPFg3kQdlE5838+1dcvQeG5MxZiLtunEbwHRO2C igoakmCMg2MT/EPzIkaqdwwXVsEkds8tH9wCInBhdAvT2XIKaP5gyAFCxWxGC/D5 p7RugsfiLxf3o4DBweUtjdJW3TOT3hz2aQFt9WPcIU9YyUVO7MplB+7BV/3CUhcD DAI2BWxXJdb4tWrDxFlPiEHW0/FkKzx8fnE8DDjHYoN2kvSjXb9mpVlwzkHdAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU1XqEAYB3OFlRBuxIKgWU0VNAVTYwHwYDVR0j BBgwFoAUCGg+1cdIt5o0bvcFotz4CaMcdd8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l OGNlZDE4ZC1hN2NjLTRiNDQtYWY0YS04NWYzMDRmOWViNmMvMC8wODY4M0VENUM3 NDhCNzlBMzQ2RUY3MDVBMkRDRjgwOUEzMUM3NURGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMDg2ODNFRDVDNzQ4Qjc5QTM0NkVGNzA1QTJEQ0Y4MDlBMzFD NzVERi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4Y2VkMThkLWE3Y2MtNGI0NC1h ZjRhLTg1ZjMwNGY5ZWI2Yy8wLzMxMzUzNzJlMzIzMDJlMzIzMzMzMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMzM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTpMA0GCSqG SIb3DQEBCwUAA4IBAQDQGkkyBdz6GWbyg6K8Mu76OpYabNzrIuLUFX+pERmFqCIp vRO5buwWwPk33PRAByJIny8pT6oDycXtH5OhdWOiJvR+u3CUCR7GyIRsREk67eTs JHCtsVZl9noAag/jyFTBWciaL2gz3yjKafaW+s0U9MeAHcReHtPxGScxGvBcej6t /QZNwhZ0YtK56vGzCC1ldHVrTemphXSk5DNaXORtHwA/Yk/Rb//78T2MsqeAbRQN o1nzHoaacbUf+8Oopu70/VSQ8PxQJayBno4gypsxaSXtp18IKgUqAnNIm2+qEM1Y dr18N58MasUnk05RrktSKlUqEy4NY+AILl5PNlCu -----END CERTIFICATE-----Generated at Sun Apr 27 23:51:29 2025 by rpki-client