$ rpki-client -vvf repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa File: 34332e3235322e3233382e302f32342d3234203d3e203535373031.roa (raw, json) Hash identifier: Nnf66JxT1+eZbCkYQn8x6cz4I9We7qQ0T90RTh7FkG0= Subject key identifier: 17:4B:B6:74:2A:38:4C:87:B3:AA:AE:E1:98:FD:9C:78:32:ED:70:75 Certificate issuer: /CN=8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A Certificate serial: 2A5FB5680D2083B0A0DDF113348DDAC044E562F6 Authority key identifier: 8F:84:D6:FE:EA:F8:C5:D3:C5:D1:3F:10:1B:C7:0B:75:8B:F5:0F:6A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa Signing time: Wed 25 Jun 2025 02:49:33 +0000 ROA not before: Wed 25 Jun 2025 02:44:33 +0000 ROA not after: Wed 24 Jun 2026 02:49:33 +0000 asID: 55701 IP address blocks: 43.252.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.crl rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 01:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:5f:b5:68:0d:20:83:b0:a0:dd:f1:13:34:8d:da:c0:44:e5:62:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A Validity Not Before: Jun 25 02:44:33 2025 GMT Not After : Jun 24 02:49:33 2026 GMT Subject: CN=174BB6742A384C87B3AAAEE198FD9C7832ED7075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:0e:44:e8:a9:98:95:fd:66:4d:6c:f5:d6:8b: 22:8e:1f:70:6a:a4:32:44:d7:49:8a:d4:78:b7:39: 74:70:43:23:6a:02:fe:c1:22:a0:fc:9b:c8:1a:f3: 77:ff:6a:e0:21:85:d1:99:fa:7b:d9:b0:2c:bc:bc: ad:3e:65:33:49:b2:81:d9:b2:4f:74:8e:67:9e:81: 9c:7d:ac:20:e9:e4:41:42:4d:fe:0f:3c:84:54:4b: b8:87:c0:39:9e:0f:c1:6f:bb:78:b3:6d:c6:41:22: d8:6a:e0:56:41:b6:5c:fb:0a:45:27:e0:1c:f0:1e: ce:c0:b4:1e:a0:67:e1:07:7c:d3:4c:22:b4:02:2c: 35:7b:44:50:4a:3c:e5:ca:87:a3:4f:ff:a7:e4:02: d5:96:57:3a:7c:cf:4c:7b:8f:47:31:bd:38:0f:a2: 56:49:ab:35:46:35:cc:ae:c0:77:a5:db:86:5e:8d: 7f:35:99:0a:58:18:01:dc:01:a0:8c:fb:9b:1b:f8: 7d:17:3c:e6:2a:4c:cc:d5:7e:72:02:68:8b:2b:65: 90:fd:5e:a5:98:ec:bb:35:c0:e2:b6:a4:4e:fb:b0: 5e:cc:e6:d9:dc:06:18:0b:9b:e7:02:ba:14:23:00: 61:e6:27:63:45:14:dd:f2:0f:c1:05:d4:2e:8e:e3: bd:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:4B:B6:74:2A:38:4C:87:B3:AA:AE:E1:98:FD:9C:78:32:ED:70:75 X509v3 Authority Key Identifier: keyid:8F:84:D6:FE:EA:F8:C5:D3:C5:D1:3F:10:1B:C7:0B:75:8B:F5:0F:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8F84D6FEEAF8C5D3C5D13F101BC70B758BF50F6A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/27d9f851-7e73-4384-950e-8be8e15fd3ee/0/34332e3235322e3233382e302f32342d3234203d3e203535373031.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.238.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:07:1d:98:d6:ab:08:73:eb:4f:7a:59:f1:e3:a5:6c:d1:af: b7:27:db:53:ab:98:46:36:bf:f0:a3:b5:15:34:db:a0:07:fb: 88:81:78:dc:29:6b:e5:ab:82:eb:a6:61:58:e7:66:b2:1b:70: 19:46:60:39:b7:e2:0c:4d:6b:c2:05:f8:c9:3b:48:90:6a:44: 45:ca:cc:6a:b4:61:b5:5d:07:83:ef:1f:c9:37:d7:6b:e4:0e: 2c:73:15:36:eb:0f:d0:0d:79:91:b0:0d:8b:c0:ba:9f:ff:41: fb:67:69:a6:9e:71:39:f5:3d:05:80:14:a4:4e:7b:95:41:20: 29:11:1c:ef:ed:76:ba:bb:26:02:08:12:3b:ee:ad:5f:3a:74: f1:e0:62:07:0e:c6:c4:ef:11:1d:a7:9a:d0:30:b8:ae:52:a3: 23:64:9c:52:b6:ad:77:51:3f:3d:84:05:21:7f:03:a0:9b:ae: 66:cf:96:23:2d:5f:cf:28:f4:cd:81:b9:49:04:f8:95:93:fc: 95:32:2a:87:44:6e:7c:db:03:9f:36:45:e1:bf:3c:81:52:df: b5:19:f2:8e:88:d9:37:c6:b0:9c:8f:b0:ba:87:dc:c0:0a:8a: 45:1e:f3:87:e5:09:ce:c4:f0:76:e1:5a:64:10:ce:be:24:94: a2:3c:4f:9d -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUKl+1aA0gg7Cg3fETNI3awETlYvYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEY4NEQ2RkVFQUY4QzVEM0M1RDEzRjEwMUJDNzBCNzU4 QkY1MEY2QTAeFw0yNTA2MjUwMjQ0MzNaFw0yNjA2MjQwMjQ5MzNaMDMxMTAvBgNV BAMTKDE3NEJCNjc0MkEzODRDODdCM0FBQUVFMTk4RkQ5Qzc4MzJFRDcwNzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEDkToqZiV/WZNbPXWiyKOH3Bq pDJE10mK1Hi3OXRwQyNqAv7BIqD8m8ga83f/auAhhdGZ+nvZsCy8vK0+ZTNJsoHZ sk90jmeegZx9rCDp5EFCTf4PPIRUS7iHwDmeD8Fvu3izbcZBIthq4FZBtlz7CkUn 4BzwHs7AtB6gZ+EHfNNMIrQCLDV7RFBKPOXKh6NP/6fkAtWWVzp8z0x7j0cxvTgP olZJqzVGNcyuwHel24ZejX81mQpYGAHcAaCM+5sb+H0XPOYqTMzVfnICaIsrZZD9 XqWY7Ls1wOK2pE77sF7M5tncBhgLm+cCuhQjAGHmJ2NFFN3yD8EF1C6O470VAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUF0u2dCo4TIezqq7hmP2ceDLtcHUwHwYDVR0j BBgwFoAUj4TW/ur4xdPF0T8QG8cLdYv1D2owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y N2Q5Zjg1MS03ZTczLTQzODQtOTUwZS04YmU4ZTE1ZmQzZWUvMC84Rjg0RDZGRUVB RjhDNUQzQzVEMTNGMTAxQkM3MEI3NThCRjUwRjZBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEY4NEQ2RkVFQUY4QzVEM0M1RDEzRjEwMUJDNzBCNzU4QkY1 MEY2QS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI3ZDlmODUxLTdlNzMtNDM4NC05 NTBlLThiZThlMTVmZDNlZS8wLzM0MzMyZTMyMzUzMjJlMzIzMzM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzUzNTM3MzAzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv87jANBgkqhkiG 9w0BAQsFAAOCAQEALgcdmNarCHPrT3pZ8eOlbNGvtyfbU6uYRja/8KO1FTTboAf7 iIF43Clr5auC66ZhWOdmshtwGUZgObfiDE1rwgX4yTtIkGpERcrMarRhtV0Hg+8f yTfXa+QOLHMVNusP0A15kbANi8C6n/9B+2dppp5xOfU9BYAUpE57lUEgKREc7+12 ursmAggSO+6tXzp08eBiBw7GxO8RHaea0DC4rlKjI2ScUratd1E/PYQFIX8DoJuu Zs+WIy1fzyj0zYG5SQT4lZP8lTIqh0RufNsDnzZF4b88gVLftRnyjojZN8awnI+w uofcwAqKRR7zh+UJzsTwduFaZBDOviSUojxPnQ== -----END CERTIFICATE-----Generated at Tue Jul 1 00:25:07 2025 by rpki-client