$ rpki-client -vvf repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/3135372e32302e3138382e302f32332d3234203d3e20313532343232.roa File: 3135372e32302e3138382e302f32332d3234203d3e20313532343232.roa (raw, json) Hash identifier: M0SX+vBa40WoWqrVHk7qnsi+9OoTYdUJpRbnZC9ESb0= Subject key identifier: 8F:C5:28:76:2D:AB:DE:02:1C:86:CD:AA:10:05:A4:E6:EF:73:E0:7A Certificate issuer: /CN=260881823F2804BCA7A65AC93BD3DC9A7EE1730A Certificate serial: 76E0004D8435B0C9192B09D3E0F4E04D3E98E08B Authority key identifier: 26:08:81:82:3F:28:04:BC:A7:A6:5A:C9:3B:D3:DC:9A:7E:E1:73:0A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/3135372e32302e3138382e302f32332d3234203d3e20313532343232.roa Signing time: Tue 18 Mar 2025 12:00:02 +0000 ROA not before: Tue 18 Mar 2025 11:55:02 +0000 ROA not after: Tue 17 Mar 2026 12:00:02 +0000 asID: 152422 IP address blocks: 157.20.188.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.crl rsync://repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 21:50:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e0:00:4d:84:35:b0:c9:19:2b:09:d3:e0:f4:e0:4d:3e:98:e0:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=260881823F2804BCA7A65AC93BD3DC9A7EE1730A Validity Not Before: Mar 18 11:55:02 2025 GMT Not After : Mar 17 12:00:02 2026 GMT Subject: CN=8FC528762DABDE021C86CDAA1005A4E6EF73E07A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:0b:3a:8f:f0:0b:42:fd:3e:7f:5a:e8:e8:80: 0d:14:40:66:34:f4:54:10:e2:a5:e6:dc:a5:ed:01: 1e:ce:17:ff:5d:cd:7a:80:ec:32:76:20:7f:e3:15: 76:27:e3:84:3a:2a:2e:3e:88:0f:7f:45:2d:bc:6a: 01:77:60:00:9e:e1:2a:2b:e9:fb:85:7c:de:37:6b: 13:7e:59:51:0e:6e:7d:d8:54:54:2c:ab:36:76:78: a2:d4:45:43:68:61:67:a9:33:7f:ee:25:14:bf:11: a7:1d:66:ea:e6:e6:33:04:39:2e:c1:a9:a3:f7:6d: 5c:82:a0:9f:7f:78:44:b2:33:2a:15:fb:9b:5f:87: 06:3f:e9:55:ba:82:7c:fc:fb:13:2b:b5:71:16:6e: 24:fc:47:e5:68:08:bf:df:3e:99:6f:50:af:9a:1c: eb:19:5f:94:fb:84:0f:3d:3c:e0:5c:ff:5d:e7:2e: 48:f9:62:85:e4:c4:85:d9:ca:bc:6f:2c:dc:72:19: 9b:45:85:a2:4a:c7:78:e8:c6:31:34:21:06:02:fb: c8:41:ff:0a:3e:8b:32:8f:dc:95:a6:c1:60:ca:2e: 82:45:bd:97:35:fb:44:d9:94:17:ea:92:21:08:63: de:34:48:da:c2:71:5e:5a:6a:36:52:c2:3b:63:90: ee:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:C5:28:76:2D:AB:DE:02:1C:86:CD:AA:10:05:A4:E6:EF:73:E0:7A X509v3 Authority Key Identifier: keyid:26:08:81:82:3F:28:04:BC:A7:A6:5A:C9:3B:D3:DC:9A:7E:E1:73:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/260881823F2804BCA7A65AC93BD3DC9A7EE1730A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/3135372e32302e3138382e302f32332d3234203d3e20313532343232.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.188.0/23 Signature Algorithm: sha256WithRSAEncryption 43:18:eb:6f:58:34:4d:5f:15:27:4c:02:c8:f1:1b:d7:06:dd: 54:38:56:76:ee:a8:55:75:f6:64:76:f3:64:40:91:a4:fd:83: 74:d9:de:b6:a4:15:55:f7:cd:ea:42:e3:c6:8b:20:8c:f5:55: c2:97:41:f3:6a:ed:84:b4:3c:6e:cd:86:f3:e9:da:0d:91:86: 7c:ae:b9:9f:2c:8f:36:9a:1b:5b:25:45:b9:54:79:10:51:1e: 52:28:ce:d4:9b:ae:d7:ef:b3:35:7b:c9:ae:e2:4e:6e:83:5d: 33:de:16:2a:e5:5f:a5:aa:9f:da:86:ac:bd:43:72:61:da:c7: 56:df:80:4b:eb:aa:1a:ae:f0:ce:83:ce:3b:c4:79:b0:88:23: b3:53:3b:51:bc:14:48:d2:7e:dc:5d:ce:03:64:e9:f3:35:3e: 86:c7:84:c5:93:5c:81:42:49:54:69:a6:d1:c9:e6:c8:79:1d: 2b:c3:fc:a9:d1:78:fd:b0:13:28:9e:6f:a3:57:c2:87:5c:69: 3f:59:fa:ea:e2:f7:9b:ca:36:10:4a:a0:1b:f0:9c:a1:67:f5: 73:5c:e8:fe:a8:6f:56:c7:51:c1:d4:05:cf:84:2a:98:b8:d1: c9:16:32:ec:8c:46:74:20:3e:26:24:78:d9:a6:6e:7d:aa:0c: 65:20:d0:ca -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUduAATYQ1sMkZKwnT4PTgTT6Y4IswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjYwODgxODIzRjI4MDRCQ0E3QTY1QUM5M0JEM0RDOUE3 RUUxNzMwQTAeFw0yNTAzMTgxMTU1MDJaFw0yNjAzMTcxMjAwMDJaMDMxMTAvBgNV BAMTKDhGQzUyODc2MkRBQkRFMDIxQzg2Q0RBQTEwMDVBNEU2RUY3M0UwN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/CzqP8AtC/T5/WujogA0UQGY0 9FQQ4qXm3KXtAR7OF/9dzXqA7DJ2IH/jFXYn44Q6Ki4+iA9/RS28agF3YACe4Sor 6fuFfN43axN+WVEObn3YVFQsqzZ2eKLURUNoYWepM3/uJRS/EacdZurm5jMEOS7B qaP3bVyCoJ9/eESyMyoV+5tfhwY/6VW6gnz8+xMrtXEWbiT8R+VoCL/fPplvUK+a HOsZX5T7hA89POBc/13nLkj5YoXkxIXZyrxvLNxyGZtFhaJKx3joxjE0IQYC+8hB /wo+izKP3JWmwWDKLoJFvZc1+0TZlBfqkiEIY940SNrCcV5aajZSwjtjkO5HAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUj8Uodi2r3gIchs2qEAWk5u9z4HowHwYDVR0j BBgwFoAUJgiBgj8oBLynplrJO9Pcmn7hcwowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTM2OGFlMy1kZDEyLTRhYTMtODk0OC01NDZkZTA0YzUxZTQvMC8yNjA4ODE4MjNG MjgwNEJDQTdBNjVBQzkzQkQzREM5QTdFRTE3MzBBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjYwODgxODIzRjI4MDRCQ0E3QTY1QUM5M0JEM0RDOUE3RUUx NzMwQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAxMzY4YWUzLWRkMTItNGFhMy04 OTQ4LTU0NmRlMDRjNTFlNC8wLzMxMzUzNzJlMzIzMDJlMzEzODM4MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRS8MA0GCSqG SIb3DQEBCwUAA4IBAQBDGOtvWDRNXxUnTALI8RvXBt1UOFZ27qhVdfZkdvNkQJGk /YN02d62pBVV983qQuPGiyCM9VXCl0Hzau2EtDxuzYbz6doNkYZ8rrmfLI82mhtb JUW5VHkQUR5SKM7Um67X77M1e8mu4k5ug10z3hYq5V+lqp/ahqy9Q3Jh2sdW34BL 66oarvDOg847xHmwiCOzUztRvBRI0n7cXc4DZOnzNT6Gx4TFk1yBQklUaabRyebI eR0rw/yp0Xj9sBMonm+jV8KHXGk/Wfrq4vebyjYQSqAb8JyhZ/VzXOj+qG9Wx1HB 1AXPhCqYuNHJFjLsjEZ0ID4mJHjZpm59qgxlINDK -----END CERTIFICATE-----Generated at Wed Nov 5 17:49:56 2025 by rpki-client