$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203139393035.roa File: 3132302e32392e3233312e302f32342d3234203d3e203139393035.roa (raw, json) Hash identifier: r2yKO3KrSmkrfjQ84qnMxwLYCnCinVawrYAR52ueF/A= Subject key identifier: D2:36:3F:2F:E4:20:9A:93:49:59:62:AD:35:EE:87:23:6F:3B:6F:AD Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 09B25C2630AF9C6A708446C4B38C31E116994029 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203139393035.roa Signing time: Wed 25 Jun 2025 07:12:46 +0000 ROA not before: Wed 25 Jun 2025 07:07:46 +0000 ROA not after: Wed 24 Jun 2026 07:12:46 +0000 asID: 19905 IP address blocks: 120.29.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 30 Jun 2025 17:25:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:b2:5c:26:30:af:9c:6a:70:84:46:c4:b3:8c:31:e1:16:99:40:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jun 25 07:07:46 2025 GMT Not After : Jun 24 07:12:46 2026 GMT Subject: CN=D2363F2FE4209A93495962AD35EE87236F3B6FAD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:57:55:b8:9f:e6:c7:7f:f5:1d:17:f6:e5:a6: b9:0a:2d:76:4c:db:e0:81:7a:e7:32:3c:be:df:26: 00:a0:17:6e:a0:05:ab:62:8d:7e:17:85:a6:81:1e: 94:1c:d9:8f:a4:a0:c5:5f:53:0a:56:8f:b2:ec:d5: 9e:b2:a3:24:ec:b2:ab:a1:22:af:67:cf:dd:a9:18: 6d:0f:0e:40:38:ad:71:0e:2a:44:2c:e0:82:52:a2: ee:18:40:c2:ed:34:40:31:3d:9a:d0:d7:74:bd:61: 5e:cc:85:03:17:0e:54:d9:2c:28:f4:8f:2f:cc:7b: b5:8e:f2:e5:93:71:03:97:ea:74:74:f3:98:62:9c: 83:76:24:c7:70:d7:e1:bb:7e:e5:b4:45:24:bb:6f: 42:e8:d6:7c:38:86:1b:97:06:49:ce:73:c1:cf:d2: 85:64:c8:ee:e9:b0:0d:de:3e:44:38:bc:cf:43:36: 83:70:a5:22:cc:8a:f3:a5:db:44:44:0c:00:9a:4c: 75:da:f5:b8:dd:03:86:79:6e:46:7b:d6:e5:18:10: 52:a5:0c:f6:32:d0:b7:78:c4:8b:13:3d:8c:23:96: 99:f1:a6:06:2b:7f:f7:49:5f:fa:8c:16:01:f6:56: 22:4c:fd:31:57:7b:e7:c4:d3:1f:42:d9:54:c6:cf: 3b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:36:3F:2F:E4:20:9A:93:49:59:62:AD:35:EE:87:23:6F:3B:6F:AD X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203139393035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.231.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:4a:cb:c0:7a:8c:78:fb:52:cd:b6:ac:57:ad:27:2e:64:75: c0:ee:eb:58:5f:c2:0a:a6:40:9f:29:61:03:d3:87:ef:aa:16: 40:33:bd:00:b1:ce:66:30:95:9d:49:0b:78:1b:2f:bf:20:da: 52:25:85:ef:ee:d2:28:40:82:c5:c5:a1:50:7d:7a:c7:1e:15: e0:4f:5a:93:28:75:06:28:3e:70:81:c3:03:83:3a:c1:3b:36: 30:9a:24:fe:33:20:21:3f:79:00:f2:ba:12:63:75:4d:bf:48: a2:42:af:84:de:54:2b:aa:f1:5b:85:ed:d1:48:92:e3:2d:54: 14:fe:f8:01:b0:72:fb:84:9f:ad:7c:86:d6:78:98:d5:b6:e4: 60:68:b1:e4:00:fe:97:eb:98:9d:ff:be:1e:38:36:52:ae:d0: f4:d8:d8:f9:26:3e:3a:d6:96:c4:ec:79:18:c8:7b:6e:4b:62: 7e:3d:16:d3:cf:53:56:33:d1:ae:56:79:30:8d:6b:6e:c3:e0: c0:5f:43:7d:fc:c7:3e:d7:56:68:91:c8:6a:c6:db:bf:f6:ec: 1e:91:82:40:18:25:88:1d:c2:10:2f:29:02:d1:66:3d:72:08: a4:bf:be:29:c3:a4:83:64:9e:07:d4:11:30:81:63:0f:7f:de: aa:fa:24:f9 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUCbJcJjCvnGpwhEbEs4wx4RaZQCkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNTA2MjUwNzA3NDZaFw0yNjA2MjQwNzEyNDZaMDMxMTAvBgNV BAMTKEQyMzYzRjJGRTQyMDlBOTM0OTU5NjJBRDM1RUU4NzIzNkYzQjZGQUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDV1W4n+bHf/UdF/blprkKLXZM 2+CBeucyPL7fJgCgF26gBatijX4XhaaBHpQc2Y+koMVfUwpWj7Ls1Z6yoyTssquh Iq9nz92pGG0PDkA4rXEOKkQs4IJSou4YQMLtNEAxPZrQ13S9YV7MhQMXDlTZLCj0 jy/Me7WO8uWTcQOX6nR085hinIN2JMdw1+G7fuW0RSS7b0Lo1nw4hhuXBknOc8HP 0oVkyO7psA3ePkQ4vM9DNoNwpSLMivOl20REDACaTHXa9bjdA4Z5bkZ71uUYEFKl DPYy0Ld4xIsTPYwjlpnxpgYrf/dJX/qMFgH2ViJM/TFXe+fE0x9C2VTGzzsLAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU0jY/L+QgmpNJWWKtNe6HI287b60wHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzOTM5MzAzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5zANBgkqhkiG 9w0BAQsFAAOCAQEAekrLwHqMePtSzbasV60nLmR1wO7rWF/CCqZAnylhA9OH76oW QDO9ALHOZjCVnUkLeBsvvyDaUiWF7+7SKECCxcWhUH16xx4V4E9akyh1Big+cIHD A4M6wTs2MJok/jMgIT95APK6EmN1Tb9IokKvhN5UK6rxW4Xt0UiS4y1UFP74AbBy +4SfrXyG1niY1bbkYGix5AD+l+uYnf++Hjg2Uq7Q9NjY+SY+OtaWxOx5GMh7bkti fj0W089TVjPRrlZ5MI1rbsPgwF9DffzHPtdWaJHIasbbv/bsHpGCQBgliB3CEC8p AtFmPXIIpL++KcOkg2SeB9QRMIFjD3/eqvok+Q== -----END CERTIFICATE-----Generated at Sun Jun 29 17:12:29 2025 by rpki-client