$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3234203d3e203233393531.roa File: 3230322e36352e3131322e302f32312d3234203d3e203233393531.roa (raw, json) Hash identifier: 42OUxulwbAB1CTRXrAGVc4itTg6RD7nCc12Z/wbxKk0= Subject key identifier: 8B:57:10:6A:C3:7F:9D:00:CC:A7:AA:06:2A:1E:34:53:B4:06:F4:13 Certificate issuer: /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Certificate serial: 25B0C699F27D132D0F5EF76F08F2CE4E7E9F2FB5 Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3234203d3e203233393531.roa Signing time: Tue 22 Jul 2025 06:00:00 +0000 ROA not before: Tue 22 Jul 2025 05:55:00 +0000 ROA not after: Tue 21 Jul 2026 06:00:00 +0000 asID: 23951 IP address blocks: 202.65.112.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 02:21:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b0:c6:99:f2:7d:13:2d:0f:5e:f7:6f:08:f2:ce:4e:7e:9f:2f:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F Validity Not Before: Jul 22 05:55:00 2025 GMT Not After : Jul 21 06:00:00 2026 GMT Subject: CN=8B57106AC37F9D00CCA7AA062A1E3453B406F413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c1:78:b4:da:80:39:c5:44:07:5e:54:de:0c: 8d:d1:75:db:53:a5:bf:2d:47:11:a8:f9:e2:b2:59: 15:60:51:a5:d7:6f:1f:2e:59:7c:67:80:c4:f6:90: 37:7e:88:46:c4:a5:25:b0:75:70:f5:57:47:29:8d: 0c:2b:93:ee:08:9b:13:78:b8:60:a9:49:c9:39:d9: 1c:f3:a6:d2:09:cf:5c:9e:9a:06:e5:80:79:76:4a: 7a:9b:bd:ae:4b:1b:c9:07:2b:65:ab:4f:fc:0e:32: 72:1f:00:8b:a6:85:fd:ea:1f:6a:dd:c9:50:aa:26: 22:28:ed:c9:25:7b:76:07:6c:ca:b4:1a:c5:93:b1: 7b:8a:7a:67:47:88:5a:ea:dd:a1:fd:0e:62:74:2a: 6f:bf:19:1e:95:fa:c3:ab:4c:f8:00:d4:07:86:7c: 6d:db:b4:88:b6:cf:81:3e:8b:77:b2:18:c4:7d:93: 43:c9:f1:12:7f:2a:68:6c:86:3a:72:53:8c:65:9d: f8:20:03:e3:bf:50:ec:15:bf:4a:05:e6:4b:a8:6c: 99:af:30:a8:61:69:1b:1e:71:27:71:e2:3c:64:d4: 8e:21:55:e4:6d:9c:64:05:6d:6c:bb:c9:12:98:80: 40:8a:0f:7c:81:f0:1e:eb:4a:8c:29:f3:ff:4d:f9: b4:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:57:10:6A:C3:7F:9D:00:CC:A7:AA:06:2A:1E:34:53:B4:06:F4:13 X509v3 Authority Key Identifier: keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3131322e302f32312d3234203d3e203233393531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.65.112.0/21 Signature Algorithm: sha256WithRSAEncryption 42:22:49:13:0d:37:59:8b:5f:c7:0a:31:3c:dd:30:08:67:04: fc:6c:5c:f9:87:8e:3a:6b:32:bc:a5:d9:78:28:ba:e4:c3:ac: 95:0f:56:61:03:79:83:02:90:30:c6:fc:b7:6b:d2:23:1a:6d: f1:52:66:78:cf:96:04:71:13:7f:f0:cf:71:32:1e:84:ff:7f: f8:e3:50:19:ad:c2:3f:ee:7c:0c:97:ea:f3:99:4d:fc:24:d3: a7:bb:73:45:e7:45:74:1c:7a:32:eb:5d:96:60:39:47:1c:0a: 6e:7c:f5:de:e5:55:73:07:00:c3:87:ae:87:4c:4a:f2:59:70: f6:de:b4:ce:59:5f:c2:13:82:c7:17:7b:13:40:a2:c6:5f:18: 4a:26:d6:0a:4f:8f:92:94:a0:43:40:42:ff:52:e4:29:68:c5: 25:ca:e3:f0:ba:37:8b:b8:4d:d8:ed:25:1d:a6:63:83:20:72: fd:40:fa:d1:ea:59:15:e0:73:41:61:1b:e5:d1:e2:55:17:23: 3a:0f:28:9c:1c:69:6a:2f:01:67:6a:c7:a8:75:58:e9:b7:aa: d7:01:1d:c5:d5:72:e0:c6:c7:9a:6a:54:ad:28:7e:66:38:ac: 44:d3:9f:ae:59:d8:8d:1f:b2:af:62:f1:44:ee:1e:dd:83:b6: c0:f8:50:7c -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUJbDGmfJ9Ey0PXvdvCPLOTn6fL7UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx NDNDOEU4RjAeFw0yNTA3MjIwNTU1MDBaFw0yNjA3MjEwNjAwMDBaMDMxMTAvBgNV BAMTKDhCNTcxMDZBQzM3RjlEMDBDQ0E3QUEwNjJBMUUzNDUzQjQwNkY0MTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYwXi02oA5xUQHXlTeDI3RddtT pb8tRxGo+eKyWRVgUaXXbx8uWXxngMT2kDd+iEbEpSWwdXD1V0cpjQwrk+4ImxN4 uGCpSck52RzzptIJz1yemgblgHl2Snqbva5LG8kHK2WrT/wOMnIfAIumhf3qH2rd yVCqJiIo7ckle3YHbMq0GsWTsXuKemdHiFrq3aH9DmJ0Km+/GR6V+sOrTPgA1AeG fG3btIi2z4E+i3eyGMR9k0PJ8RJ/KmhshjpyU4xlnfggA+O/UOwVv0oF5kuobJmv MKhhaRsecSdx4jxk1I4hVeRtnGQFbWy7yRKYgECKD3yB8B7rSowp8/9N+bSRAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUi1cQasN/nQDMp6oGKh40U7QG9BMwHwYDVR0j BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0 MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND OEU4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i OTMwLTFhYjBiZjAyZGQ1ZC8wLzMyMzAzMjJlMzYzNTJlMzEzMTMyMmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzIzMzM5MzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8pBcDANBgkqhkiG 9w0BAQsFAAOCAQEAQiJJEw03WYtfxwoxPN0wCGcE/Gxc+YeOOmsyvKXZeCi65MOs lQ9WYQN5gwKQMMb8t2vSIxpt8VJmeM+WBHETf/DPcTIehP9/+ONQGa3CP+58DJfq 85lN/CTTp7tzRedFdBx6MutdlmA5RxwKbnz13uVVcwcAw4euh0xK8llw9t60zllf whOCxxd7E0Cixl8YSibWCk+PkpSgQ0BC/1LkKWjFJcrj8Lo3i7hN2O0lHaZjgyBy /UD60epZFeBzQWEb5dHiVRcjOg8onBxpai8BZ2rHqHVY6beq1wEdxdVy4MbHmmpU rSh+ZjisRNOfrlnYjR+yr2LxRO4e3YO2wPhQfA== -----END CERTIFICATE-----Generated at Thu Aug 7 23:56:35 2025 by rpki-client