$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203139393035.roa File: 3132302e32392e3232392e302f32342d3234203d3e203139393035.roa (raw, json) Hash identifier: VUbT8SHEyKOKmASLTaMwWEhd8ggbwmzz2pEnc4bB2PQ= Subject key identifier: 6C:B2:C9:1F:71:10:44:99:2C:19:D2:F9:D0:E1:6C:F9:74:AA:67:0B Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 6A4AFEB6E5046E7F79E38926452166A797B3416C Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203139393035.roa Signing time: Wed 25 Jun 2025 06:52:21 +0000 ROA not before: Wed 25 Jun 2025 06:47:21 +0000 ROA not after: Wed 24 Jun 2026 06:52:21 +0000 asID: 19905 IP address blocks: 120.29.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:4a:fe:b6:e5:04:6e:7f:79:e3:89:26:45:21:66:a7:97:b3:41:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jun 25 06:47:21 2025 GMT Not After : Jun 24 06:52:21 2026 GMT Subject: CN=6CB2C91F711044992C19D2F9D0E16CF974AA670B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e1:3c:f4:ce:52:f7:42:f7:e8:12:a5:d6:92: d9:9e:01:5f:8c:68:17:2b:ea:cb:14:bd:66:86:a5: cd:d0:3e:c4:8e:26:51:a7:29:0e:77:2d:94:33:4e: 5c:48:f8:cb:0d:9f:88:32:cc:35:5f:27:51:a5:87: 6d:6e:12:ea:06:8b:9b:d7:ac:75:df:d4:26:3f:de: d1:56:51:59:03:4b:c5:b1:31:ff:c0:42:9c:14:a3: ae:55:d2:6a:85:45:58:7a:bc:9b:5d:00:2d:3e:17: ab:a1:56:15:3e:e8:07:f6:85:db:27:4c:6d:98:fd: 12:3d:66:96:c4:99:8c:17:4f:fc:35:c5:ab:7c:94: 24:4f:cc:08:97:62:bb:51:95:99:ac:03:27:71:ae: 11:bc:3d:df:86:ae:23:7f:44:31:00:de:c5:d2:d9: cb:79:ec:bd:b3:00:5e:07:ce:de:72:c7:37:ef:90: f7:4d:9b:94:46:0b:3d:c3:1f:1a:e8:43:30:cf:b8: 61:99:5b:39:d8:20:70:53:38:d9:c5:38:b2:f0:6e: ca:28:37:c3:fb:cc:8c:2c:da:d4:c4:ee:64:eb:e2: 7e:c2:57:61:d3:cb:af:4f:0c:69:f6:70:6a:57:9f: 14:d4:87:c7:02:09:b6:0b:66:ac:7c:76:23:eb:05: 4a:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:B2:C9:1F:71:10:44:99:2C:19:D2:F9:D0:E1:6C:F9:74:AA:67:0B X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203139393035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.229.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:99:04:6d:e6:c4:80:a5:a6:0f:98:53:a8:4a:eb:bb:a7:8f: 89:52:56:d5:84:b3:33:85:7d:b4:11:94:d4:4f:14:1e:6c:3c: 41:95:9a:8f:2b:1a:1b:d9:db:e3:f5:70:44:df:c6:bc:e5:8e: 8d:26:88:13:ce:00:d8:c6:9f:b7:b9:df:de:50:40:72:aa:0d: b7:de:28:63:07:11:3a:32:7b:11:9a:d2:b6:ab:c7:09:6b:ea: 7a:13:22:28:b2:b1:ed:5f:d3:03:32:4c:fc:22:f6:17:37:23: e3:74:b7:01:f2:e8:5b:ae:f9:28:9c:f0:85:83:8e:b5:f5:d7: d7:e5:cc:bb:2a:b3:c8:5a:e7:5e:df:47:6f:b9:d2:79:47:19: 72:ac:b7:a1:da:f0:0a:8d:f0:33:a2:d2:4b:1c:ea:1d:5a:f4: b6:2f:d0:e2:b2:8f:d6:fe:7c:0d:a2:93:1e:7f:b1:06:3d:76: 98:1a:ae:f7:c9:c3:8f:b4:d1:3e:b2:fa:fd:d6:3c:63:2c:6c: 00:3c:59:c5:b7:65:53:51:1f:cb:65:24:2b:f0:f0:25:bf:8f: 77:50:26:e2:27:00:b0:24:82:78:ef:65:0d:68:ad:43:02:44: fe:c8:64:af:5d:a2:9a:cd:51:2d:7a:20:0c:87:f8:e0:dd:52: f2:69:9a:d8 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUakr+tuUEbn9544kmRSFmp5ezQWwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNTA2MjUwNjQ3MjFaFw0yNjA2MjQwNjUyMjFaMDMxMTAvBgNV BAMTKDZDQjJDOTFGNzExMDQ0OTkyQzE5RDJGOUQwRTE2Q0Y5NzRBQTY3MEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr4Tz0zlL3QvfoEqXWktmeAV+M aBcr6ssUvWaGpc3QPsSOJlGnKQ53LZQzTlxI+MsNn4gyzDVfJ1Glh21uEuoGi5vX rHXf1CY/3tFWUVkDS8WxMf/AQpwUo65V0mqFRVh6vJtdAC0+F6uhVhU+6Af2hdsn TG2Y/RI9ZpbEmYwXT/w1xat8lCRPzAiXYrtRlZmsAydxrhG8Pd+GriN/RDEA3sXS 2ct57L2zAF4Hzt5yxzfvkPdNm5RGCz3DHxroQzDPuGGZWznYIHBTONnFOLLwbsoo N8P7zIws2tTE7mTr4n7CV2HTy69PDGn2cGpXnxTUh8cCCbYLZqx8diPrBUpRAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUbLLJH3EQRJksGdL50OFs+XSqZwswHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM5MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzOTM5MzAzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5TANBgkqhkiG 9w0BAQsFAAOCAQEAa5kEbebEgKWmD5hTqErru6ePiVJW1YSzM4V9tBGU1E8UHmw8 QZWajysaG9nb4/VwRN/GvOWOjSaIE84A2Maft7nf3lBAcqoNt94oYwcROjJ7EZrS tqvHCWvqehMiKLKx7V/TAzJM/CL2Fzcj43S3AfLoW675KJzwhYOOtfXX1+XMuyqz yFrnXt9Hb7nSeUcZcqy3odrwCo3wM6LSSxzqHVr0ti/Q4rKP1v58DaKTHn+xBj12 mBqu98nDj7TRPrL6/dY8YyxsADxZxbdlU1Efy2UkK/DwJb+Pd1Am4icAsCSCeO9l DWitQwJE/shkr12ims1RLXogDIf44N1S8mma2A== -----END CERTIFICATE-----Generated at Mon Jun 30 00:24:50 2025 by rpki-client