$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232382e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: g7MxCuMcZcUZMViRKxMdEfGOeCRM4ZwEaqaIDOryUYY= Subject key identifier: 96:F6:6C:7B:2B:4B:F3:B5:04:E8:DB:FC:12:0A:CA:24:8B:F9:DE:B0 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 52D055E9C33661002F3A40763E034ADC53F664FE Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 12:00:01 +0000 ROA not before: Wed 21 Jan 2026 11:55:01 +0000 ROA not after: Wed 20 Jan 2027 12:00:01 +0000 asID: 38764 IP address blocks: 120.29.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:d0:55:e9:c3:36:61:00:2f:3a:40:76:3e:03:4a:dc:53:f6:64:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 11:55:01 2026 GMT Not After : Jan 20 12:00:01 2027 GMT Subject: CN=96F66C7B2B4BF3B504E8DBFC120ACA248BF9DEB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b1:37:49:1e:69:da:aa:25:1d:0d:59:df:b0: b9:62:25:8d:31:6f:4e:70:a1:3a:21:b6:10:bf:d0: cf:bd:de:8a:63:8d:fb:ee:b9:91:33:3e:bd:cc:d8: 1b:1f:dd:17:a1:2e:73:31:39:93:ec:75:53:0f:43: f9:f8:fa:b0:b2:61:3e:51:fa:94:f1:9e:d8:c5:22: cc:9e:21:23:3f:b2:58:58:d2:3e:dd:cb:33:1e:19: 72:41:36:b4:0b:dc:6b:5c:8d:1b:fa:7a:e6:c2:73: 60:58:81:ce:35:e1:70:ba:77:7b:ea:a0:03:26:b9: 04:ba:af:3a:f0:d9:32:21:9d:e0:a4:82:7d:bf:f0: bd:6d:bc:05:e6:7e:d6:b2:5b:04:d1:f2:8b:f9:72: 10:54:30:3c:e3:86:74:fd:40:8c:c5:3a:80:81:1b: aa:f1:e6:d7:51:2e:c3:5a:70:37:f3:d7:ba:ea:0c: 2a:f3:9a:2f:a7:77:f4:18:90:88:80:45:43:85:78: 44:4b:d9:b1:1c:01:8a:13:e5:de:84:2e:3b:66:01: fe:df:f7:08:8c:c8:e8:12:e2:e3:4d:6f:7f:b3:fe: ec:d7:fc:21:27:e4:96:f4:28:42:62:51:6b:ef:de: 1d:f6:80:1a:57:d1:5b:e5:3e:84:ef:6c:5d:ce:7d: 6a:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:F6:6C:7B:2B:4B:F3:B5:04:E8:DB:FC:12:0A:CA:24:8B:F9:DE:B0 X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232382e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.228.0/24 Signature Algorithm: sha256WithRSAEncryption 57:e9:95:44:8b:01:c1:29:cf:3a:07:ef:ae:c3:21:95:ee:98: 0c:40:b9:89:c4:bb:66:c0:cc:c9:2a:7d:ff:d8:c6:84:89:f2: b3:8d:b8:10:83:2d:0e:fe:3b:60:65:ef:31:ee:68:f6:ad:e7: 0a:eb:86:32:38:aa:86:11:cb:f1:49:78:5a:3e:e6:1c:31:97: 47:7d:03:03:c8:b1:1d:60:4d:dd:86:5d:03:fa:37:c9:30:13: 3a:69:b5:c4:31:44:ce:cf:a6:9a:84:bc:b2:dc:dc:d4:90:43: bf:e6:25:65:f0:52:bc:70:b1:30:9e:72:2d:09:d0:8e:fb:cb: f5:1c:4b:39:6b:2c:03:7a:e2:3c:92:1e:9d:6b:a6:e8:c1:bf: 8d:d1:5b:ef:54:7a:4e:74:ac:f5:36:b3:15:50:8d:ae:59:eb: 7d:4a:de:22:e0:cf:4c:cd:99:3d:84:fe:29:ed:97:f9:e4:97: 78:fd:30:9f:82:c8:63:88:8d:c5:6c:76:f5:e1:c5:93:90:6e: 65:ed:f6:dc:c4:c2:e3:ed:4a:36:25:2f:8e:75:2a:86:10:a9: a3:eb:07:0d:56:38:e6:6e:1b:d9:51:4f:a2:a7:00:31:76:ee: e9:a6:bf:f4:70:88:ea:7e:9f:6d:75:b6:4d:cd:32:bc:2d:f4: 56:29:b3:32 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUUtBV6cM2YQAvOkB2PgNK3FP2ZP4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMTU1MDFaFw0yNzAxMjAxMjAwMDFaMDMxMTAvBgNV BAMTKDk2RjY2QzdCMkI0QkYzQjUwNEU4REJGQzEyMEFDQTI0OEJGOURFQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmsTdJHmnaqiUdDVnfsLliJY0x b05woTohthC/0M+93opjjfvuuZEzPr3M2Bsf3RehLnMxOZPsdVMPQ/n4+rCyYT5R +pTxntjFIsyeISM/slhY0j7dyzMeGXJBNrQL3GtcjRv6eubCc2BYgc414XC6d3vq oAMmuQS6rzrw2TIhneCkgn2/8L1tvAXmftayWwTR8ov5chBUMDzjhnT9QIzFOoCB G6rx5tdRLsNacDfz17rqDCrzmi+nd/QYkIiARUOFeERL2bEcAYoT5d6ELjtmAf7f 9wiMyOgS4uNNb3+z/uzX/CEn5Jb0KEJiUWvv3h32gBpX0VvlPoTvbF3OfWqjAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUlvZseytL87UE6Nv8EgrKJIv53rAwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5DANBgkqhkiG 9w0BAQsFAAOCAQEAV+mVRIsBwSnPOgfvrsMhle6YDEC5icS7ZsDMySp9/9jGhIny s424EIMtDv47YGXvMe5o9q3nCuuGMjiqhhHL8Ul4Wj7mHDGXR30DA8ixHWBN3YZd A/o3yTATOmm1xDFEzs+mmoS8stzc1JBDv+YlZfBSvHCxMJ5yLQnQjvvL9RxLOWss A3riPJIenWum6MG/jdFb71R6TnSs9TazFVCNrlnrfUreIuDPTM2ZPYT+Ke2X+eSX eP0wn4LIY4iNxWx29eHFk5BuZe323MTC4+1KNiUvjnUqhhCpo+sHDVY45m4b2VFP oqcAMXbu6aa/9HCI6n6fbXW2Tc0yvC30VimzMg== -----END CERTIFICATE-----Generated at Mon Mar 2 13:07:02 2026 by rpki-client