$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203139393035.roa File: 3132302e32392e3232352e302f32342d3234203d3e203139393035.roa (raw, json) Hash identifier: 8oS+uko7G4J7a7YK5iDBr81dMlt64vMgKJuUKbWy4MA= Subject key identifier: B5:2E:11:FA:B6:06:20:7B:BB:87:03:60:E7:8E:25:C2:96:6E:67:3B Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 09198504B77307DAEF9E8940718029E2680927BF Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203139393035.roa Signing time: Fri 03 Apr 2026 11:06:26 +0000 ROA not before: Fri 03 Apr 2026 11:01:26 +0000 ROA not after: Fri 02 Apr 2027 11:06:26 +0000 asID: 19905 IP address blocks: 120.29.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 15:02:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:19:85:04:b7:73:07:da:ef:9e:89:40:71:80:29:e2:68:09:27:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Apr 3 11:01:26 2026 GMT Not After : Apr 2 11:06:26 2027 GMT Subject: CN=B52E11FAB606207BBB870360E78E25C2966E673B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:42:ce:15:4f:fa:2a:1f:ac:e1:e1:00:aa:4c: 88:9f:bf:c0:a6:45:60:68:cf:04:aa:0a:b4:f3:40: 4f:a6:45:6c:a8:3c:4b:63:da:fb:f7:7b:c9:39:2c: e7:07:89:99:ca:d2:d5:18:57:4f:d6:c2:85:43:bd: 61:68:44:0a:fd:8b:92:45:36:94:13:da:73:d5:cd: 4e:f7:90:4d:be:82:08:95:17:db:4d:c4:96:90:29: 89:ea:ed:0e:42:2e:6b:2c:cd:64:21:ba:57:ff:c5: e2:4a:47:20:f4:28:93:12:2e:49:82:7c:36:f5:2e: 45:96:93:42:55:f2:6b:bc:d2:a4:34:02:ce:74:6d: 8f:a3:02:1a:8a:5e:69:81:df:87:08:72:ea:4c:ed: 6f:16:1c:5f:fe:b9:ba:41:2c:fc:cf:b3:98:17:d5: 64:3f:06:48:ef:b5:f5:10:e4:0d:73:d1:bb:c1:82: 51:11:ad:f5:df:5d:8c:dc:2d:29:dc:a9:53:05:eb: b6:3d:54:73:3e:85:3f:25:61:af:b4:35:7e:6f:b6: 32:2b:78:1e:12:1a:73:c9:a6:ef:c1:ea:bd:61:19: 17:9e:73:69:56:bd:3b:5f:e8:df:88:bf:88:03:c8: 29:d6:41:11:43:db:5f:d6:17:de:cd:d7:9e:7f:e5: 02:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:2E:11:FA:B6:06:20:7B:BB:87:03:60:E7:8E:25:C2:96:6E:67:3B X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203139393035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.225.0/24 Signature Algorithm: sha256WithRSAEncryption c8:74:44:6e:82:ef:dd:5d:60:cd:c6:f1:e4:36:38:35:09:32: 85:aa:e9:3f:e0:c3:a5:f7:3f:89:0f:68:2f:49:58:b3:b9:a4: 89:b6:a8:28:86:0c:30:29:87:68:4f:37:6c:f8:b3:44:e2:2c: cb:74:30:4d:71:f7:97:04:d9:b5:11:f2:3f:c7:97:70:34:5b: bc:ec:25:6f:9d:7b:df:a4:cf:ec:be:ea:41:61:69:a5:07:e0: eb:c4:a0:9a:d0:9e:3d:e2:4b:83:ee:60:c6:dd:bf:f3:5f:e0: 86:d5:3a:1b:a0:65:cd:14:f1:38:eb:bf:0e:d0:7e:4a:ee:8f: 1e:96:87:fd:d6:6c:8c:d2:80:b7:f5:9c:bd:33:60:3a:c1:53: d0:14:fe:9e:bf:94:c9:71:84:f3:83:e2:28:ee:05:3a:8d:49: c2:59:4e:47:70:69:5a:7c:7a:72:43:af:b9:59:5f:9e:5a:d0: d2:5e:9d:c3:26:07:7d:03:95:c1:21:bb:3d:53:20:e4:20:ea: 2c:9c:5a:53:1c:d5:41:ed:9a:e3:57:67:a1:3f:c9:19:ab:21: 42:69:8d:94:78:85:31:58:aa:93:cc:a6:40:89:e6:10:61:00: df:b3:16:22:ab:9a:20:5b:18:ce:3c:a7:2b:d8:be:2b:4c:f9: fa:d0:1c:42 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUCRmFBLdzB9rvnolAcYAp4mgJJ78wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjA0MDMxMTAxMjZaFw0yNzA0MDIxMTA2MjZaMDMxMTAvBgNV BAMTKEI1MkUxMUZBQjYwNjIwN0JCQjg3MDM2MEU3OEUyNUMyOTY2RTY3M0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdQs4VT/oqH6zh4QCqTIifv8Cm RWBozwSqCrTzQE+mRWyoPEtj2vv3e8k5LOcHiZnK0tUYV0/WwoVDvWFoRAr9i5JF NpQT2nPVzU73kE2+ggiVF9tNxJaQKYnq7Q5CLmsszWQhulf/xeJKRyD0KJMSLkmC fDb1LkWWk0JV8mu80qQ0As50bY+jAhqKXmmB34cIcupM7W8WHF/+ubpBLPzPs5gX 1WQ/BkjvtfUQ5A1z0bvBglERrfXfXYzcLSncqVMF67Y9VHM+hT8lYa+0NX5vtjIr eB4SGnPJpu/B6r1hGReec2lWvTtf6N+Iv4gDyCnWQRFD21/WF97N155/5QLLAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUtS4R+rYGIHu7hwNg544lwpZuZzswHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzOTM5MzAzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4TANBgkqhkiG 9w0BAQsFAAOCAQEAyHREboLv3V1gzcbx5DY4NQkyharpP+DDpfc/iQ9oL0lYs7mk ibaoKIYMMCmHaE83bPizROIsy3QwTXH3lwTZtRHyP8eXcDRbvOwlb51736TP7L7q QWFppQfg68SgmtCePeJLg+5gxt2/81/ghtU6G6BlzRTxOOu/DtB+Su6PHpaH/dZs jNKAt/WcvTNgOsFT0BT+nr+UyXGE84PiKO4FOo1JwllOR3BpWnx6ckOvuVlfnlrQ 0l6dwyYHfQOVwSG7PVMg5CDqLJxaUxzVQe2a41dnoT/JGashQmmNlHiFMViqk8ym QInmEGEA37MWIquaIFsYzjynK9i+K0z5+tAcQg== -----END CERTIFICATE-----Generated at Fri Apr 17 20:24:58 2026 by rpki-client