$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232352e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: tMWjooLi2F7KXFCZbnIlkGyY3nB0YSrhkrZ6SMkaGL0= Subject key identifier: 86:FF:E1:F8:80:8C:F1:B4:8F:64:47:41:3E:10:84:F3:7D:C9:55:36 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 43F006CBACEFD1BC689DBC3C54D89ADDD01A293D Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 12:00:01 +0000 ROA not before: Wed 21 Jan 2026 11:55:01 +0000 ROA not after: Wed 20 Jan 2027 12:00:01 +0000 asID: 38764 IP address blocks: 120.29.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:f0:06:cb:ac:ef:d1:bc:68:9d:bc:3c:54:d8:9a:dd:d0:1a:29:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 11:55:01 2026 GMT Not After : Jan 20 12:00:01 2027 GMT Subject: CN=86FFE1F8808CF1B48F6447413E1084F37DC95536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:8c:9a:23:45:1e:b7:1f:21:d4:31:cb:c4:12: 74:fa:3b:16:22:6e:b1:69:b5:ce:91:65:6d:43:d4: 90:ce:16:af:b0:19:a0:97:be:4f:d2:82:4d:51:5f: 3d:11:5f:d4:ac:52:4a:6e:03:f9:87:33:97:cf:89: aa:bf:00:34:61:8c:93:22:6b:b1:f7:6a:3d:1e:37: 88:65:a6:23:ae:d2:29:80:cf:0d:3f:08:57:da:45: 97:ca:f3:20:4d:b1:50:88:d5:8f:33:84:7b:69:1f: e9:8c:46:37:9f:a1:0c:6d:56:a1:30:da:8b:30:81: 85:19:8a:d8:ae:18:bf:d4:f4:e9:52:13:bb:b6:8f: fb:06:f4:31:ab:3c:be:ff:a7:00:74:9b:27:1a:90: 67:fe:57:af:4e:b6:05:39:66:a2:96:b6:c2:ba:34: ac:03:61:fc:7d:95:a6:f6:3d:72:60:b8:f2:f6:6e: 93:4c:7b:d7:f1:6a:38:f8:6d:cf:84:d3:0e:aa:a6: d8:77:d4:98:2f:d4:83:f9:59:8f:9f:ea:eb:14:40: 32:13:b9:f9:1b:c0:50:b8:06:7f:1e:0e:f6:3e:52: 9d:5a:9f:18:83:32:14:d8:91:60:aa:c5:e6:e5:39: bc:38:c8:1b:09:4e:61:16:f1:ec:0d:80:60:91:ee: e4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:FF:E1:F8:80:8C:F1:B4:8F:64:47:41:3E:10:84:F3:7D:C9:55:36 X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232352e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.225.0/24 Signature Algorithm: sha256WithRSAEncryption c3:d6:23:71:ab:db:69:00:9f:a1:b0:f1:44:16:33:48:18:8f: be:80:45:9a:66:52:03:68:11:1d:1b:26:ce:7a:39:6c:0a:22: 10:5b:5c:a6:6c:04:8e:35:9b:3c:e1:4a:d3:e3:23:7c:c3:97: 84:46:ad:0d:82:17:d6:99:62:51:55:17:2e:41:02:9a:a0:c5: a6:d4:d0:c4:65:ce:b9:db:26:68:a7:9e:ce:f3:6e:81:65:17: 71:41:72:e2:b5:b4:e1:75:09:8a:d8:26:09:c9:36:b2:93:90: fb:38:4d:b6:17:7c:d0:ee:0e:0f:3a:55:48:a1:88:59:e5:d3: b7:92:5a:61:59:fe:ee:3a:05:75:72:ce:77:a9:e8:14:e3:fd: 9e:b5:ce:eb:f9:73:6a:1c:b7:70:15:6a:9d:eb:de:2a:80:27: 5d:82:fa:b4:f6:28:4f:b5:2d:b5:a5:fb:36:5f:2e:cd:5d:60: 04:4b:1c:c8:95:9b:d4:b6:83:e1:45:80:e3:75:9f:4d:4a:3d: d0:50:db:12:e8:85:db:06:2c:95:a8:b1:70:a6:90:26:08:85: 74:50:7d:a1:72:dc:9e:4a:85:dd:39:21:fb:b7:b3:39:16:f6: 48:bf:bc:9a:01:ca:96:e3:30:e5:d5:ff:b4:a2:3b:a5:f7:26: 48:8a:64:a5 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUQ/AGy6zv0bxonbw8VNia3dAaKT0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMTU1MDFaFw0yNzAxMjAxMjAwMDFaMDMxMTAvBgNV BAMTKDg2RkZFMUY4ODA4Q0YxQjQ4RjY0NDc0MTNFMTA4NEYzN0RDOTU1MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtjJojRR63HyHUMcvEEnT6OxYi brFptc6RZW1D1JDOFq+wGaCXvk/Sgk1RXz0RX9SsUkpuA/mHM5fPiaq/ADRhjJMi a7H3aj0eN4hlpiOu0imAzw0/CFfaRZfK8yBNsVCI1Y8zhHtpH+mMRjefoQxtVqEw 2oswgYUZitiuGL/U9OlSE7u2j/sG9DGrPL7/pwB0mycakGf+V69OtgU5ZqKWtsK6 NKwDYfx9lab2PXJguPL2bpNMe9fxajj4bc+E0w6qpth31Jgv1IP5WY+f6usUQDIT ufkbwFC4Bn8eDvY+Up1anxiDMhTYkWCqxeblObw4yBsJTmEW8ewNgGCR7uQjAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUhv/h+ICM8bSPZEdBPhCE833JVTYwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4TANBgkqhkiG 9w0BAQsFAAOCAQEAw9YjcavbaQCfobDxRBYzSBiPvoBFmmZSA2gRHRsmzno5bAoi EFtcpmwEjjWbPOFK0+MjfMOXhEatDYIX1pliUVUXLkECmqDFptTQxGXOudsmaKee zvNugWUXcUFy4rW04XUJitgmCck2spOQ+zhNthd80O4ODzpVSKGIWeXTt5JaYVn+ 7joFdXLOd6noFOP9nrXO6/lzahy3cBVqneveKoAnXYL6tPYoT7UttaX7Nl8uzV1g BEscyJWb1LaD4UWA43WfTUo90FDbEuiF2wYslaixcKaQJgiFdFB9oXLcnkqF3Tkh +7ezORb2SL+8mgHKluMw5dX/tKI7pfcmSIpkpQ== -----END CERTIFICATE-----Generated at Mon Mar 2 17:11:00 2026 by rpki-client