$ rpki-client -vvf repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/35382e36352e3234302e302f32312d3234203d3e203234353335.roa File: 35382e36352e3234302e302f32312d3234203d3e203234353335.roa (raw, json) Hash identifier: rPiRcVboc3keI3JDFzeJMujOJliCIhrAj1H/kJF3N9o= Subject key identifier: CA:51:2D:C3:5A:1B:A1:4C:07:9A:65:7C:AA:12:EB:BE:36:F5:95:86 Certificate issuer: /CN=47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097 Certificate serial: 4303896B70146D8FBD35E8ACB16AC33612967B9F Authority key identifier: 47:B3:FB:F3:9D:8D:FE:5B:C5:CF:D2:BE:D3:9F:0F:A1:52:61:90:97 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/35382e36352e3234302e302f32312d3234203d3e203234353335.roa Signing time: Tue 04 Mar 2025 09:00:02 +0000 ROA not before: Tue 04 Mar 2025 08:55:02 +0000 ROA not after: Tue 03 Mar 2026 09:00:02 +0000 asID: 24535 IP address blocks: 58.65.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.crl rsync://repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:03:89:6b:70:14:6d:8f:bd:35:e8:ac:b1:6a:c3:36:12:96:7b:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097 Validity Not Before: Mar 4 08:55:02 2025 GMT Not After : Mar 3 09:00:02 2026 GMT Subject: CN=CA512DC35A1BA14C079A657CAA12EBBE36F59586 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:29:a5:21:58:7e:f8:f2:75:49:3f:df:c8:f6: 67:1e:ee:fe:13:62:4a:e4:ff:b9:e5:b7:25:fe:d3: 51:56:1e:97:22:d8:5a:5c:49:30:fb:ba:91:70:28: 10:f1:85:67:2a:22:d9:6d:b9:6e:7c:e9:b1:28:15: 5d:20:a5:0d:09:54:b4:b9:91:64:17:be:48:45:17: 66:49:40:49:5c:ee:16:84:60:64:47:b4:14:58:32: fd:fc:0d:a7:ea:a1:18:be:b0:d2:ef:a2:2d:ca:7d: 9e:71:6e:f6:25:dc:fd:95:72:ac:ab:0b:c9:ec:91: ad:8a:17:82:a7:15:60:e0:03:27:5e:1b:75:1e:9e: b8:2f:f7:ac:ae:e8:59:b8:31:e8:e4:85:8f:f4:ad: b0:76:88:a3:2d:07:e1:8e:e7:32:4b:db:cb:36:72: a2:11:21:58:f3:88:60:d3:20:31:2d:01:0b:09:b9: 64:8c:71:b7:ea:62:0f:f8:8b:a0:af:f1:87:b4:f0: 5f:59:5e:65:56:d7:28:9c:8b:cc:30:a6:11:7a:71: 82:c8:bb:44:aa:73:9f:6f:7e:49:d7:00:0f:f9:5e: 82:8a:e5:3f:7f:71:ec:1d:ad:cf:30:47:09:92:59: 20:06:92:51:04:85:d5:35:42:f9:6e:62:53:45:27: ea:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:51:2D:C3:5A:1B:A1:4C:07:9A:65:7C:AA:12:EB:BE:36:F5:95:86 X509v3 Authority Key Identifier: keyid:47:B3:FB:F3:9D:8D:FE:5B:C5:CF:D2:BE:D3:9F:0F:A1:52:61:90:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47B3FBF39D8DFE5BC5CFD2BED39F0FA152619097.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2dd47f56-ec53-42eb-9b8b-fa08f874d319/0/35382e36352e3234302e302f32312d3234203d3e203234353335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 58.65.240.0/21 Signature Algorithm: sha256WithRSAEncryption 85:e6:ed:d6:56:29:7a:07:5f:35:c8:26:63:07:85:b8:91:cb: 58:cf:41:60:17:41:58:1f:52:7e:06:4a:b3:c5:ff:09:67:93: b8:d0:de:81:45:36:8b:55:b3:a8:8b:91:6d:66:26:19:f7:45: c2:f0:55:75:70:72:2f:cd:32:cd:50:53:41:d2:58:ff:ab:db: a1:f5:74:62:78:ae:c1:cf:65:04:a2:28:fe:b9:da:85:e5:22: a3:0f:19:08:c7:36:3e:3f:e7:4a:e6:98:e7:c3:f4:38:63:16: a0:41:24:8a:0c:40:89:8e:d1:b4:ce:ea:91:cd:6c:31:fb:39: 7e:e6:15:79:bf:1d:83:38:3c:76:d9:f4:3a:15:95:df:7a:32: 95:ad:e7:1c:e1:75:06:34:6c:2c:00:b0:6c:a1:80:11:d0:c7: d6:03:ca:9e:b9:be:11:98:0b:4d:e4:2d:3f:5e:84:ea:01:e2: 92:ec:6a:97:3f:d9:05:06:76:f0:c4:6a:4c:43:af:24:83:14: 33:86:7d:e7:01:fe:c3:f9:43:3b:16:4f:46:8e:75:b6:36:00: b1:e5:48:15:41:fd:9d:e8:57:33:33:1f:92:5f:e5:55:e9:65: 47:44:47:46:9f:7b:00:75:3b:30:b4:1a:30:be:fa:29:ef:f0: 2b:97:85:2a -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUQwOJa3AUbY+9NeissWrDNhKWe58wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDdCM0ZCRjM5RDhERkU1QkM1Q0ZEMkJFRDM5RjBGQTE1 MjYxOTA5NzAeFw0yNTAzMDQwODU1MDJaFw0yNjAzMDMwOTAwMDJaMDMxMTAvBgNV BAMTKENBNTEyREMzNUExQkExNEMwNzlBNjU3Q0FBMTJFQkJFMzZGNTk1ODYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyKaUhWH748nVJP9/I9mce7v4T Ykrk/7nltyX+01FWHpci2FpcSTD7upFwKBDxhWcqItltuW586bEoFV0gpQ0JVLS5 kWQXvkhFF2ZJQElc7haEYGRHtBRYMv38DafqoRi+sNLvoi3KfZ5xbvYl3P2Vcqyr C8nska2KF4KnFWDgAydeG3Uenrgv96yu6Fm4MejkhY/0rbB2iKMtB+GO5zJL28s2 cqIRIVjziGDTIDEtAQsJuWSMcbfqYg/4i6Cv8Ye08F9ZXmVW1yici8wwphF6cYLI u0Sqc59vfknXAA/5XoKK5T9/cewdrc8wRwmSWSAGklEEhdU1QvluYlNFJ+pbAgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUylEtw1oboUwHmmV8qhLrvjb1lYYwHwYDVR0j BBgwFoAUR7P7852N/lvFz9K+058PoVJhkJcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZGQ0N2Y1Ni1lYzUzLTQyZWItOWI4Yi1mYTA4Zjg3NGQzMTkvMC80N0IzRkJGMzlE OERGRTVCQzVDRkQyQkVEMzlGMEZBMTUyNjE5MDk3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDdCM0ZCRjM5RDhERkU1QkM1Q0ZEMkJFRDM5RjBGQTE1MjYx OTA5Ny5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkZDQ3ZjU2LWVjNTMtNDJlYi05 YjhiLWZhMDhmODc0ZDMxOS8wLzM1MzgyZTM2MzUyZTMyMzQzMDJlMzAyZjMyMzEy ZDMyMzQyMDNkM2UyMDMyMzQzNTMzMzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM6QfAwDQYJKoZIhvcN AQELBQADggEBAIXm7dZWKXoHXzXIJmMHhbiRy1jPQWAXQVgfUn4GSrPF/wlnk7jQ 3oFFNotVs6iLkW1mJhn3RcLwVXVwci/NMs1QU0HSWP+r26H1dGJ4rsHPZQSiKP65 2oXlIqMPGQjHNj4/50rmmOfD9DhjFqBBJIoMQImO0bTO6pHNbDH7OX7mFXm/HYM4 PHbZ9DoVld96MpWt5xzhdQY0bCwAsGyhgBHQx9YDyp65vhGYC03kLT9ehOoB4pLs apc/2QUGdvDEakxDrySDFDOGfecB/sP5QzsWT0aOdbY2ALHlSBVB/Z3oVzMzH5Jf 5VXpZUdER0afewB1OzC0GjC++inv8CuXhSo= -----END CERTIFICATE-----Generated at Fri Apr 25 00:06:28 2025 by rpki-client on console.sobornost.net