$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232362e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232362e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: KmsUdHDk3KWG6ZVcZIyi7cy4EBKg+PkfE62y9MOD+Qk= Subject key identifier: AC:69:01:67:4A:70:1D:B9:92:E5:25:79:3B:A9:3C:44:AB:5C:E5:5D Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 05779998F00AB133ABC3A5E9EC13279856AE00F2 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232362e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 12:00:02 +0000 ROA not before: Wed 21 Jan 2026 11:55:02 +0000 ROA not after: Wed 20 Jan 2027 12:00:02 +0000 asID: 38764 IP address blocks: 120.29.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:77:99:98:f0:0a:b1:33:ab:c3:a5:e9:ec:13:27:98:56:ae:00:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 11:55:02 2026 GMT Not After : Jan 20 12:00:02 2027 GMT Subject: CN=AC6901674A701DB992E525793BA93C44AB5CE55D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:39:8a:0c:4f:55:f0:b0:78:63:23:37:11:dc: 75:d6:74:f7:19:11:e6:9a:d8:a4:c2:c5:b0:34:f5: d3:0d:49:37:c8:4c:01:c8:c3:f8:b8:d1:97:b8:89: a3:df:72:db:b3:b2:99:7b:4a:05:c5:27:f6:80:76: 12:d4:b6:9f:2f:6d:f4:02:0b:9c:02:5b:83:a8:27: 79:77:b6:2b:1d:25:42:3e:3b:4e:3b:01:9a:b6:b5: b4:32:70:f0:fa:c9:6d:5e:6f:31:ad:ea:ce:27:3e: 28:04:30:88:ce:63:7c:b0:e8:eb:bd:e1:cf:a8:39: dc:d9:36:52:f0:97:15:1f:a3:7f:50:6e:5f:c3:37: 22:be:73:ea:bc:91:8b:7f:f1:2b:2f:35:2b:b3:5b: 46:5a:1f:42:f4:a5:74:94:8a:54:fc:cd:e7:2b:77: 52:0c:eb:d5:9e:d4:0d:4a:8b:7e:20:60:b4:52:22: a4:8c:64:55:9d:1b:1a:fe:3f:53:87:1d:41:aa:f4: 72:b1:1c:c0:2e:a1:f3:d4:1b:59:18:a0:89:07:d5: b9:16:bf:7c:5d:9f:e8:17:d7:87:19:38:da:c5:95: f0:44:48:e9:3c:f8:83:52:67:da:4d:34:72:15:b2: a5:e4:49:fb:b6:ef:48:7a:01:db:fe:68:e9:90:15: 52:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:69:01:67:4A:70:1D:B9:92:E5:25:79:3B:A9:3C:44:AB:5C:E5:5D X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232362e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.226.0/24 Signature Algorithm: sha256WithRSAEncryption 17:8a:28:cf:d8:d6:06:5c:ab:af:25:3e:58:29:44:de:10:ef: 44:41:b9:d5:b2:e5:3a:a1:66:1f:4f:19:1f:e4:4b:06:4b:06: 00:a7:c9:6a:b2:56:13:75:90:94:74:f1:30:ba:c0:59:c7:39: 80:a5:67:ce:07:4e:c2:15:80:47:dc:31:fb:13:38:68:13:f4: 2d:e4:2d:c7:a7:9f:9c:16:91:dc:da:1c:69:74:44:a3:d8:d5: af:8a:d8:cd:2d:3f:5f:df:a7:48:a6:9c:78:91:71:90:57:92: 3d:c7:ca:77:c9:84:c3:f1:56:ae:4f:8a:28:67:cb:21:54:98: 00:c0:13:b9:40:ee:75:58:6f:37:2a:59:a0:0f:fd:cb:77:da: 5a:71:8b:e4:8c:85:03:39:f5:2f:05:78:50:eb:35:01:19:73: 61:15:d6:eb:bd:87:92:de:d9:18:98:48:6a:8d:36:a4:a8:34: f1:e8:1e:f6:e7:09:e5:f0:23:24:9d:6e:69:dc:8c:03:56:10: 9f:2b:6f:69:3b:ea:f9:0d:c5:4a:08:c1:64:0c:23:42:a7:1a: 97:9b:1e:82:49:aa:80:ec:89:05:fc:cc:1d:28:94:2f:c9:82: 39:33:b1:a8:45:92:5e:7b:2e:1f:b6:2b:a1:0e:05:50:07:ff: e2:b5:b6:52 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUBXeZmPAKsTOrw6Xp7BMnmFauAPIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMTU1MDJaFw0yNzAxMjAxMjAwMDJaMDMxMTAvBgNV BAMTKEFDNjkwMTY3NEE3MDFEQjk5MkU1MjU3OTNCQTkzQzQ0QUI1Q0U1NUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSOYoMT1XwsHhjIzcR3HXWdPcZ Eeaa2KTCxbA09dMNSTfITAHIw/i40Ze4iaPfctuzspl7SgXFJ/aAdhLUtp8vbfQC C5wCW4OoJ3l3tisdJUI+O047AZq2tbQycPD6yW1ebzGt6s4nPigEMIjOY3yw6Ou9 4c+oOdzZNlLwlxUfo39Qbl/DNyK+c+q8kYt/8SsvNSuzW0ZaH0L0pXSUilT8zecr d1IM69We1A1Ki34gYLRSIqSMZFWdGxr+P1OHHUGq9HKxHMAuofPUG1kYoIkH1bkW v3xdn+gX14cZONrFlfBESOk8+INSZ9pNNHIVsqXkSfu270h6Adv+aOmQFVIbAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUrGkBZ0pwHbmS5SV5O6k8RKtc5V0wHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM2MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd4jANBgkqhkiG 9w0BAQsFAAOCAQEAF4ooz9jWBlyrryU+WClE3hDvREG51bLlOqFmH08ZH+RLBksG AKfJarJWE3WQlHTxMLrAWcc5gKVnzgdOwhWAR9wx+xM4aBP0LeQtx6efnBaR3Noc aXREo9jVr4rYzS0/X9+nSKaceJFxkFeSPcfKd8mEw/FWrk+KKGfLIVSYAMATuUDu dVhvNypZoA/9y3faWnGL5IyFAzn1LwV4UOs1ARlzYRXW672Hkt7ZGJhIao02pKg0 8ege9ucJ5fAjJJ1uadyMA1YQnytvaTvq+Q3FSgjBZAwjQqcal5segkmqgOyJBfzM HSiUL8mCOTOxqEWSXnsuH7YroQ4FUAf/4rW2Ug== -----END CERTIFICATE-----Generated at Mon Mar 2 13:25:12 2026 by rpki-client