$ rpki-client -vvf repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/3136302e3139312e3130362e302f32332d3234203d3e20313533313433.roa File: 3136302e3139312e3130362e302f32332d3234203d3e20313533313433.roa (raw, json) Hash identifier: Qqyhh99wvN9qzOgai05gzAsYuhy6QSvltygf/7XId1w= Subject key identifier: 72:E8:17:FA:4D:47:4E:A2:CA:30:0D:05:60:05:D1:34:D8:D0:DF:65 Certificate issuer: /CN=DC0680824B7F80117B62C239676444B0691128B8 Certificate serial: 1ED22593125E72AACFCF329F49840A3B39C395B5 Authority key identifier: DC:06:80:82:4B:7F:80:11:7B:62:C2:39:67:64:44:B0:69:11:28:B8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DC0680824B7F80117B62C239676444B0691128B8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/3136302e3139312e3130362e302f32332d3234203d3e20313533313433.roa Signing time: Wed 22 Oct 2025 04:00:01 +0000 ROA not before: Wed 22 Oct 2025 03:55:01 +0000 ROA not after: Wed 21 Oct 2026 04:00:01 +0000 asID: 153143 IP address blocks: 160.191.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/DC0680824B7F80117B62C239676444B0691128B8.crl rsync://repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/DC0680824B7F80117B62C239676444B0691128B8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DC0680824B7F80117B62C239676444B0691128B8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 02:56:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:d2:25:93:12:5e:72:aa:cf:cf:32:9f:49:84:0a:3b:39:c3:95:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC0680824B7F80117B62C239676444B0691128B8 Validity Not Before: Oct 22 03:55:01 2025 GMT Not After : Oct 21 04:00:01 2026 GMT Subject: CN=72E817FA4D474EA2CA300D056005D134D8D0DF65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:de:b8:dd:fa:a4:2c:bf:fa:8d:95:3d:82:b7: ba:5f:72:f2:3f:62:11:66:ce:b7:12:e6:31:20:b9: c3:56:fe:47:d6:46:ad:4c:fc:17:0e:5b:20:a0:45: a9:7e:81:2e:ca:38:c3:48:5b:01:d8:05:6c:49:93: 93:c8:e6:7c:2b:12:6d:d7:e7:61:02:65:5c:27:04: f7:a5:2b:b4:90:ce:97:6a:4b:44:d2:dd:8f:01:5f: f3:4c:fc:fd:45:ba:43:18:09:8a:d3:ea:26:b5:a6: 45:42:d2:5d:06:60:51:f8:0a:cf:02:32:17:68:4f: 75:a2:aa:fa:d4:5d:87:49:6a:d5:e0:6e:fe:8c:a1: ee:a9:b1:5d:d9:2f:03:54:a5:9f:87:c0:9d:39:53: b0:7f:3d:8b:22:bb:8f:00:cd:6f:dd:f8:2b:25:93: cf:d4:e0:9b:b2:84:db:1b:2f:60:cb:f2:22:f5:25: e5:a0:98:6e:54:da:3f:6e:e0:e2:88:60:f5:3d:30: 33:45:ff:70:e1:03:87:df:c0:c2:a8:3f:02:82:15: 89:e2:eb:02:09:8e:54:25:e5:f1:d4:a2:3d:f9:92: 6c:ae:a4:39:c5:c1:78:84:86:b8:06:51:ee:a8:38: bd:50:bd:34:80:0d:83:57:b3:35:a1:66:1d:e0:b6: 39:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:E8:17:FA:4D:47:4E:A2:CA:30:0D:05:60:05:D1:34:D8:D0:DF:65 X509v3 Authority Key Identifier: keyid:DC:06:80:82:4B:7F:80:11:7B:62:C2:39:67:64:44:B0:69:11:28:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/DC0680824B7F80117B62C239676444B0691128B8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/DC0680824B7F80117B62C239676444B0691128B8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e855e8a-3ff8-47ff-aaec-48d8b380a904/0/3136302e3139312e3130362e302f32332d3234203d3e20313533313433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.106.0/23 Signature Algorithm: sha256WithRSAEncryption 56:a3:d0:48:d5:e6:db:a5:c7:92:10:5b:80:80:31:a5:c1:a8: 63:0a:2f:4b:af:14:e8:26:b3:b9:29:cd:98:6a:96:24:97:25: 40:df:15:e1:9f:86:47:1e:1b:d8:6d:2e:7f:8d:f7:c2:aa:c5: 8d:ca:f8:43:0b:c7:74:9a:6a:cb:16:4a:52:3b:cd:12:f9:da: 07:77:08:d6:c8:a5:e4:d9:11:c0:93:40:dc:c4:c7:b5:a4:a9: 58:38:6d:9d:fb:11:ba:42:3c:c0:a1:f8:ca:c0:a8:a3:b8:6f: 12:58:92:62:7c:ab:6d:83:a7:5f:2d:f6:68:c6:72:7c:ce:95: 81:a7:52:4d:76:e5:85:75:83:16:60:c4:b5:49:ec:36:dc:be: 82:a6:55:3b:ee:16:93:c1:1e:16:43:72:d2:2e:aa:0d:fb:10: 58:c9:88:25:07:36:eb:a1:8d:f8:3c:8f:f6:19:56:6a:69:e2: 66:3d:e5:04:36:50:c1:c6:57:92:f4:dc:2f:3c:da:1a:8c:3b: 13:cd:dc:bb:7e:d9:eb:8a:0c:d3:f5:62:cb:ac:68:5f:7e:38: 28:8e:f6:1c:5b:48:fd:a8:07:48:7a:fb:96:cc:cf:43:46:27: 06:36:00:4a:a5:ee:6a:4b:07:b1:71:9b:8c:64:d7:07:81:45: b4:a3:cc:d3 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUHtIlkxJecqrPzzKfSYQKOznDlbUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREMwNjgwODI0QjdGODAxMTdCNjJDMjM5Njc2NDQ0QjA2 OTExMjhCODAeFw0yNTEwMjIwMzU1MDFaFw0yNjEwMjEwNDAwMDFaMDMxMTAvBgNV BAMTKDcyRTgxN0ZBNEQ0NzRFQTJDQTMwMEQwNTYwMDVEMTM0RDhEMERGNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz3rjd+qQsv/qNlT2Ct7pfcvI/ YhFmzrcS5jEgucNW/kfWRq1M/BcOWyCgRal+gS7KOMNIWwHYBWxJk5PI5nwrEm3X 52ECZVwnBPelK7SQzpdqS0TS3Y8BX/NM/P1FukMYCYrT6ia1pkVC0l0GYFH4Cs8C MhdoT3WiqvrUXYdJatXgbv6Moe6psV3ZLwNUpZ+HwJ05U7B/PYsiu48AzW/d+Csl k8/U4JuyhNsbL2DL8iL1JeWgmG5U2j9u4OKIYPU9MDNF/3DhA4ffwMKoPwKCFYni 6wIJjlQl5fHUoj35kmyupDnFwXiEhrgGUe6oOL1QvTSADYNXszWhZh3gtjlDAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUcugX+k1HTqLKMA0FYAXRNNjQ32UwHwYDVR0j BBgwFoAU3AaAgkt/gBF7YsI5Z2REsGkRKLgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZTg1NWU4YS0zZmY4LTQ3ZmYtYWFlYy00OGQ4YjM4MGE5MDQvMC9EQzA2ODA4MjRC N0Y4MDExN0I2MkMyMzk2NzY0NDRCMDY5MTEyOEI4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvREMwNjgwODI0QjdGODAxMTdCNjJDMjM5Njc2NDQ0QjA2OTEx MjhCOC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlODU1ZThhLTNmZjgtNDdmZi1h YWVjLTQ4ZDhiMzgwYTkwNC8wLzMxMzYzMDJlMzEzOTMxMmUzMTMwMzYyZTMwMmYz MjMzMmQzMjM0MjAzZDNlMjAzMTM1MzMzMTM0MzMucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGgv2owDQYJ KoZIhvcNAQELBQADggEBAFaj0EjV5tulx5IQW4CAMaXBqGMKL0uvFOgms7kpzZhq liSXJUDfFeGfhkceG9htLn+N98KqxY3K+EMLx3SaassWSlI7zRL52gd3CNbIpeTZ EcCTQNzEx7WkqVg4bZ37EbpCPMCh+MrAqKO4bxJYkmJ8q22Dp18t9mjGcnzOlYGn Uk125YV1gxZgxLVJ7DbcvoKmVTvuFpPBHhZDctIuqg37EFjJiCUHNuuhjfg8j/YZ Vmpp4mY95QQ2UMHGV5L03C882hqMOxPN3Lt+2euKDNP1YsusaF9+OCiO9hxbSP2o B0h6+5bMz0NGJwY2AEql7mpLB7Fxm4xk1weBRbSjzNM= -----END CERTIFICATE-----Generated at Wed Nov 5 01:10:18 2025 by rpki-client