$ rpki-client -vvf repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa File: 3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa (raw, json) Hash identifier: qz1dXSjmkF1AA5Ei88d+aInM4zHfe9p4wjNpf+FYrqI= Subject key identifier: 3A:16:7B:F2:49:61:52:43:B5:CB:CB:51:C6:60:25:73:4E:B1:AA:9E Certificate issuer: /CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Certificate serial: 61F719A0F495D0136F5060059B27DFD9B3BF751A Authority key identifier: 41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa Signing time: Thu 22 Jan 2026 14:00:01 +0000 ROA not before: Thu 22 Jan 2026 13:55:01 +0000 ROA not after: Thu 21 Jan 2027 14:00:01 +0000 asID: 152426 IP address blocks: 157.20.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 03:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:f7:19:a0:f4:95:d0:13:6f:50:60:05:9b:27:df:d9:b3:bf:75:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4 Validity Not Before: Jan 22 13:55:01 2026 GMT Not After : Jan 21 14:00:01 2027 GMT Subject: CN=3A167BF249615243B5CBCB51C66025734EB1AA9E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2b:9b:7d:fa:34:ca:6b:7c:db:47:18:3f:94: 69:60:a9:3f:23:42:bd:78:a3:fe:9a:4f:68:30:4a: fa:59:e2:f0:eb:c8:56:e6:66:7e:6e:50:66:64:04: c1:3e:99:ab:1f:30:98:fc:ce:9f:ac:8c:f4:08:80: c2:3e:0c:15:ad:9f:67:db:95:a0:57:e9:40:f2:47: cf:8d:c5:56:84:11:2f:d8:d5:c3:9f:8b:89:71:8b: b2:22:5d:fe:2b:0b:e4:01:c6:99:f7:6e:38:2f:16: ff:a0:09:ea:f7:c0:8b:bc:75:8e:47:88:d6:56:88: 3d:cf:f2:5b:e2:67:03:19:4b:12:f9:81:57:ea:d7: ad:0c:b7:78:0b:e5:ad:1c:52:16:d3:5a:c0:86:d2: b8:de:08:9e:e0:38:9d:cd:97:04:06:57:de:45:ae: 54:66:67:20:77:0c:70:52:4b:c7:df:f5:2a:6f:37: a5:61:23:5d:47:3b:a0:4e:f1:11:d2:c1:64:56:18: fd:26:cd:f9:b4:9c:7f:1a:d7:bd:84:e2:be:62:b8: 04:e6:59:86:9c:dd:ef:5c:a0:b1:00:6c:de:4e:72: 72:13:07:ef:93:14:f7:41:b0:25:d0:d4:76:e2:ec: de:43:c9:12:40:63:e7:86:91:50:d8:f8:56:51:76: 67:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:16:7B:F2:49:61:52:43:B5:CB:CB:51:C6:60:25:73:4E:B1:AA:9E X509v3 Authority Key Identifier: keyid:41:A4:79:AD:6B:97:4B:50:B9:9A:0D:FC:BE:24:FF:8A:AC:44:18:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/41A479AD6B974B50B99A0DFCBE24FF8AAC4418D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/3135372e32302e3232302e302f32342d3234203d3e20313532343236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.220.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:c7:e7:b4:74:ee:28:78:c4:c4:8f:a7:20:b0:87:46:7b:65: 28:5c:de:63:15:80:84:04:90:0e:70:4e:a4:ed:79:79:dc:67: 62:23:15:b4:86:7d:33:62:de:02:e9:da:2f:a1:25:a2:2b:da: ec:cb:71:f7:40:2b:3f:a0:83:fe:11:8c:df:41:05:05:d5:4d: ab:cd:71:56:3c:83:2b:58:64:e2:3c:15:7f:a2:13:da:30:15: 5c:b9:0b:ee:e5:8d:c7:2c:a6:2f:90:d1:32:c3:0f:2b:63:64: 03:03:6f:61:78:81:5b:8b:b0:c2:51:7b:53:9b:96:4f:ff:30: 8f:1b:0d:bc:40:e4:ed:8d:a3:87:07:81:4f:07:6b:78:8c:69: 8f:ec:1d:3f:07:d3:31:b7:4a:b0:19:85:a8:f1:cd:70:c8:8b: 81:14:d9:e1:9e:55:b2:bb:c6:f1:46:3b:48:fa:7b:53:a4:98: 8c:53:8e:3f:32:7c:1f:14:fb:6c:cb:8d:2b:cb:8f:07:d1:02: b1:e3:32:59:6c:0b:f7:52:c7:f7:fc:df:83:bf:c2:95:af:ce: 72:a9:5c:18:d8:d3:f6:2c:a9:f5:0c:b2:34:bc:11:55:43:91: ec:17:5a:90:c0:8d:f7:7b:03:23:0c:5a:d8:d8:45:14:be:41: 4b:bd:ed:52 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYfcZoPSV0BNvUGAFmyff2bO/dRowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFB QzQ0MThENDAeFw0yNjAxMjIxMzU1MDFaFw0yNzAxMjExNDAwMDFaMDMxMTAvBgNV BAMTKDNBMTY3QkYyNDk2MTUyNDNCNUNCQ0I1MUM2NjAyNTczNEVCMUFBOUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCK5t9+jTKa3zbRxg/lGlgqT8j Qr14o/6aT2gwSvpZ4vDryFbmZn5uUGZkBME+masfMJj8zp+sjPQIgMI+DBWtn2fb laBX6UDyR8+NxVaEES/Y1cOfi4lxi7IiXf4rC+QBxpn3bjgvFv+gCer3wIu8dY5H iNZWiD3P8lviZwMZSxL5gVfq160Mt3gL5a0cUhbTWsCG0rjeCJ7gOJ3NlwQGV95F rlRmZyB3DHBSS8ff9SpvN6VhI11HO6BO8RHSwWRWGP0mzfm0nH8a172E4r5iuATm WYac3e9coLEAbN5OcnITB++TFPdBsCXQ1Hbi7N5DyRJAY+eGkVDY+FZRdmfBAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUOhZ78klhUkO1y8tRxmAlc06xqp4wHwYDVR0j BBgwFoAUQaR5rWuXS1C5mg38viT/iqxEGNQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w ZWRkNGNjYi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC80MUE0NzlBRDZC OTc0QjUwQjk5QTBERkNCRTI0RkY4QUFDNDQxOEQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNDFBNDc5QUQ2Qjk3NEI1MEI5OUEwREZDQkUyNEZGOEFBQzQ0 MThENC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlZGQ0Y2NiLTQyZTMtNGI3Mi05 MTkzLWU5MThlN2IzMDY3ZC8wLzMxMzUzNzJlMzIzMDJlMzIzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTcMA0GCSqG SIb3DQEBCwUAA4IBAQAPx+e0dO4oeMTEj6cgsIdGe2UoXN5jFYCEBJAOcE6k7Xl5 3GdiIxW0hn0zYt4C6dovoSWiK9rsy3H3QCs/oIP+EYzfQQUF1U2rzXFWPIMrWGTi PBV/ohPaMBVcuQvu5Y3HLKYvkNEyww8rY2QDA29heIFbi7DCUXtTm5ZP/zCPGw28 QOTtjaOHB4FPB2t4jGmP7B0/B9Mxt0qwGYWo8c1wyIuBFNnhnlWyu8bxRjtI+ntT pJiMU44/MnwfFPtsy40ry48H0QKx4zJZbAv3Usf3/N+Dv8KVr85yqVwY2NP2LKn1 DLI0vBFVQ5HsF1qQwI33ewMjDFrY2EUUvkFLve1S -----END CERTIFICATE-----Generated at Mon Mar 2 04:03:15 2026 by rpki-client