$ rpki-client -vvf repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/3135372e36362e342e302f32342d3234203d3e20313336383633.roa File: 3135372e36362e342e302f32342d3234203d3e20313336383633.roa (raw, json) Hash identifier: aR3Z66Gksl8aWzzmV5EgX+Fsc4Zsdk7wCOxsP02PzAU= Subject key identifier: 91:98:80:E1:83:37:0D:18:4A:D3:0E:93:DB:7D:25:61:EF:9D:52:2F Certificate issuer: /CN=676E12EDA912B67493E88316A428CFDBCAB51941 Certificate serial: 1F5F7EBB6283255E15E1638D69FFD0E24E095C64 Authority key identifier: 67:6E:12:ED:A9:12:B6:74:93:E8:83:16:A4:28:CF:DB:CA:B5:19:41 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/676E12EDA912B67493E88316A428CFDBCAB51941.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/3135372e36362e342e302f32342d3234203d3e20313336383633.roa Signing time: Sat 03 May 2025 04:00:02 +0000 ROA not before: Sat 03 May 2025 03:55:02 +0000 ROA not after: Sat 02 May 2026 04:00:02 +0000 asID: 136863 IP address blocks: 157.66.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/676E12EDA912B67493E88316A428CFDBCAB51941.crl rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/676E12EDA912B67493E88316A428CFDBCAB51941.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/676E12EDA912B67493E88316A428CFDBCAB51941.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 11:26:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:5f:7e:bb:62:83:25:5e:15:e1:63:8d:69:ff:d0:e2:4e:09:5c:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=676E12EDA912B67493E88316A428CFDBCAB51941 Validity Not Before: May 3 03:55:02 2025 GMT Not After : May 2 04:00:02 2026 GMT Subject: CN=919880E183370D184AD30E93DB7D2561EF9D522F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:69:bf:90:65:6d:df:8f:0b:1b:f5:19:59:05: 74:66:91:66:21:da:22:3c:be:aa:d6:24:39:38:cc: bb:c9:4b:4b:99:ce:b7:0a:4a:56:b9:9c:b5:57:a4: 25:81:2b:3c:fb:21:b1:16:68:fb:b8:f2:2e:14:f0: 8b:10:71:2b:c8:89:b2:48:79:e3:16:57:1d:a0:38: 30:94:ac:cb:f2:bc:dd:47:37:0b:ad:01:95:a6:b7: a8:86:5a:36:bc:bb:f8:4a:02:e2:ad:b2:ef:2e:3b: e0:1b:0a:dd:92:95:1c:e2:7b:06:f7:ba:d9:41:06: 37:99:e7:6a:2b:2d:30:ee:20:03:63:cf:59:7b:b8: b9:37:74:f4:b1:68:f9:9b:b0:63:82:04:73:92:56: 44:f3:d8:db:6c:ac:a2:28:09:fd:4b:27:e9:3b:e5: 46:e4:e6:46:48:54:f4:da:e7:68:70:ba:31:31:de: 1f:7d:8b:93:39:e2:57:87:98:4f:bc:bb:b0:e8:07: b3:7b:bb:11:76:ff:7c:29:cc:fd:65:b1:85:68:89: 86:ca:6f:fe:3b:d3:44:87:11:53:2b:83:84:ee:19: 39:ca:b1:26:18:08:62:c4:43:3f:d9:e8:fa:7e:da: 50:17:9d:9b:81:a4:3d:92:64:76:37:98:1e:5b:00: e1:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:98:80:E1:83:37:0D:18:4A:D3:0E:93:DB:7D:25:61:EF:9D:52:2F X509v3 Authority Key Identifier: keyid:67:6E:12:ED:A9:12:B6:74:93:E8:83:16:A4:28:CF:DB:CA:B5:19:41 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/676E12EDA912B67493E88316A428CFDBCAB51941.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/676E12EDA912B67493E88316A428CFDBCAB51941.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/3135372e36362e342e302f32342d3234203d3e20313336383633.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.4.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:d2:52:b5:2c:65:dc:b1:14:4f:6f:2e:64:d5:64:87:7c:9e: 67:93:34:ca:a2:28:8b:1a:b5:f8:3d:8e:6b:58:2e:3f:16:1b: 9c:f0:3c:d2:bb:fc:bc:8d:51:4d:ee:5a:30:13:63:d9:61:ba: e5:f4:a6:98:f6:da:b4:7b:74:ea:a3:7f:7e:1f:67:f3:83:a6: ef:9e:1c:51:1d:a5:1c:73:7e:66:79:0e:5b:1d:36:53:6b:53: a3:1d:e5:dc:63:70:aa:c4:38:4a:27:11:f9:ca:17:d0:44:f7: ca:ad:3a:ac:a3:b0:79:d7:e9:13:0e:15:69:b5:4d:ea:aa:de: 05:e4:9e:11:e8:87:4e:14:e0:09:b3:71:53:ec:a0:bd:45:e5: 74:8c:e1:ef:40:0e:c4:3c:98:62:de:ba:2c:3f:2b:30:2d:49: ca:84:f9:a4:6a:43:e4:5d:5e:3f:8d:58:1a:d3:16:6d:49:9d: e6:fb:2b:73:76:01:f4:a5:ea:35:4e:c3:21:32:d4:a5:03:f0: 35:4b:f5:68:36:7b:34:7d:a8:bd:e2:39:14:5c:3b:ab:b1:3b: 3a:10:fc:86:00:33:d3:a8:d0:53:7a:13:ac:b5:51:83:6d:72: 43:5d:3e:25:76:93:31:78:35:43:9d:51:ab:12:23:73:7f:11: 6b:c1:de:59 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUH19+u2KDJV4V4WONaf/Q4k4JXGQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjc2RTEyRURBOTEyQjY3NDkzRTg4MzE2QTQyOENGREJD QUI1MTk0MTAeFw0yNTA1MDMwMzU1MDJaFw0yNjA1MDIwNDAwMDJaMDMxMTAvBgNV BAMTKDkxOTg4MEUxODMzNzBEMTg0QUQzMEU5M0RCN0QyNTYxRUY5RDUyMkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ab+QZW3fjwsb9RlZBXRmkWYh 2iI8vqrWJDk4zLvJS0uZzrcKSla5nLVXpCWBKzz7IbEWaPu48i4U8IsQcSvIibJI eeMWVx2gODCUrMvyvN1HNwutAZWmt6iGWja8u/hKAuKtsu8uO+AbCt2SlRziewb3 utlBBjeZ52orLTDuIANjz1l7uLk3dPSxaPmbsGOCBHOSVkTz2NtsrKIoCf1LJ+k7 5Ubk5kZIVPTa52hwujEx3h99i5M54leHmE+8u7DoB7N7uxF2/3wpzP1lsYVoiYbK b/4700SHEVMrg4TuGTnKsSYYCGLEQz/Z6Pp+2lAXnZuBpD2SZHY3mB5bAOFVAgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUkZiA4YM3DRhK0w6T230lYe+dUi8wHwYDVR0j BBgwFoAUZ24S7akStnST6IMWpCjP28q1GUEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MjY0YmZiMi1kNDFkLTQzMTctYjkyZC1iYjk0NDFmZDBkY2YvMC82NzZFMTJFREE5 MTJCNjc0OTNFODgzMTZBNDI4Q0ZEQkNBQjUxOTQxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNjc2RTEyRURBOTEyQjY3NDkzRTg4MzE2QTQyOENGREJDQUI1 MTk0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IyNjRiZmIyLWQ0MWQtNDMxNy1i OTJkLWJiOTQ0MWZkMGRjZi8wLzMxMzUzNzJlMzYzNjJlMzQyZTMwMmYzMjM0MmQz MjM0MjAzZDNlMjAzMTMzMzYzODM2MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdQgQwDQYJKoZIhvcN AQELBQADggEBAC7SUrUsZdyxFE9vLmTVZId8nmeTNMqiKIsatfg9jmtYLj8WG5zw PNK7/LyNUU3uWjATY9lhuuX0ppj22rR7dOqjf34fZ/ODpu+eHFEdpRxzfmZ5Dlsd NlNrU6Md5dxjcKrEOEonEfnKF9BE98qtOqyjsHnX6RMOFWm1Teqq3gXknhHoh04U 4AmzcVPsoL1F5XSM4e9ADsQ8mGLeuiw/KzAtScqE+aRqQ+RdXj+NWBrTFm1Jneb7 K3N2AfSl6jVOwyEy1KUD8DVL9Wg2ezR9qL3iORRcO6uxOzoQ/IYAM9Oo0FN6E6y1 UYNtckNdPiV2kzF4NUOdUasSI3N/EWvB3lk= -----END CERTIFICATE-----Generated at Sat May 10 13:52:44 2025 by rpki-client