$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3232392e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: MIBjJ0juyARBq3pL12kDjJxTxoFUENwyQCjEpJRY2ns= Subject key identifier: 5D:9C:C3:07:97:0C:6C:CB:F1:16:04:CE:10:E3:96:39:4D:BC:2E:E5 Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 6D62948D2CA83293A640713A565CAAE1E215588D Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 12:00:02 +0000 ROA not before: Wed 21 Jan 2026 11:55:02 +0000 ROA not after: Wed 20 Jan 2027 12:00:02 +0000 asID: 38764 IP address blocks: 120.29.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:62:94:8d:2c:a8:32:93:a6:40:71:3a:56:5c:aa:e1:e2:15:58:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 11:55:02 2026 GMT Not After : Jan 20 12:00:02 2027 GMT Subject: CN=5D9CC307970C6CCBF11604CE10E396394DBC2EE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:ee:83:8e:ce:ce:ad:4b:b4:4d:38:34:f2:0e: cd:d3:94:86:1c:89:84:e4:ee:9c:e5:a7:f5:70:79: 00:6e:de:df:0d:30:ff:ef:73:fd:b6:5f:60:c2:ed: 9a:53:a3:25:83:df:70:df:c5:76:6c:8d:06:0a:06: 50:81:ea:81:f4:f6:4b:8a:17:52:7c:45:90:7e:17: 67:8a:89:2a:8d:bb:ac:85:d0:4e:83:81:84:0b:dc: 7c:58:29:09:4d:78:f4:a4:20:f0:84:05:89:31:3c: bf:6d:4e:d7:cf:c3:66:59:cd:b4:37:f8:c1:d1:f5: b3:21:7f:32:0f:aa:ea:bf:63:a8:41:d1:63:ec:28: ae:aa:81:6e:15:05:40:37:68:e1:f9:09:d1:58:50: 12:01:89:cb:b5:6d:ae:29:c8:b0:a2:0d:3a:98:2e: 65:49:ca:33:7c:d7:aa:cb:7b:ae:57:ad:98:3d:1c: 35:2c:e9:98:2b:8f:05:22:39:be:14:42:b7:25:92: a3:36:ce:84:0f:e7:8d:da:3d:67:a1:5f:54:89:55: 44:82:fa:7b:61:00:eb:c6:5e:23:47:c2:9a:25:bf: 90:ec:b9:05:cf:a0:f9:74:15:15:dd:90:17:3e:6f: 92:68:3a:f6:06:c3:32:47:d2:18:b9:1d:0c:8b:31: c3:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:9C:C3:07:97:0C:6C:CB:F1:16:04:CE:10:E3:96:39:4D:BC:2E:E5 X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3232392e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.229.0/24 Signature Algorithm: sha256WithRSAEncryption 08:ec:71:b3:4f:d9:a6:57:e6:83:0a:ee:24:ad:00:7c:4e:03: c0:37:a3:23:b2:5a:c2:bd:e7:36:42:d2:2d:7d:1d:d5:03:f2: bb:7c:fd:a6:86:68:34:40:4a:e9:ea:05:e4:97:5f:01:3a:70: e4:dd:7a:9c:8e:b9:71:c3:34:11:28:ea:36:e3:91:ea:a9:66: ab:33:c6:fe:f5:ce:f2:f2:f9:82:0a:6e:4e:68:a9:79:4c:48: 1b:c7:d0:bf:ae:f9:3b:87:e0:39:3e:de:77:f5:db:b4:d1:23: 2e:60:40:55:fe:3e:09:f3:ec:5f:bc:54:9f:c4:e9:35:19:64: f6:de:59:4b:53:b3:57:c4:3e:87:3d:b9:1b:5b:aa:cf:b2:71: 7b:8c:b2:df:de:08:72:d1:22:d9:d6:91:d3:9a:50:51:2c:3d: 9c:6a:36:e7:57:28:d7:1c:60:8e:be:3a:ff:37:a2:67:b8:c5: 2b:18:9c:96:4b:36:ed:82:ef:0d:5d:da:f3:2a:94:08:64:6b: f8:fb:bc:c1:bc:b7:a8:16:a7:dd:7b:1f:bb:af:cd:45:54:47: 91:8b:65:d4:7b:c4:ee:91:15:43:34:2a:3b:07:58:b9:85:d4: f2:95:29:0a:00:24:d0:ca:5b:b7:f7:32:37:9f:c6:90:24:4b: 51:10:89:e5 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUbWKUjSyoMpOmQHE6Vlyq4eIVWI0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMTU1MDJaFw0yNzAxMjAxMjAwMDJaMDMxMTAvBgNV BAMTKDVEOUNDMzA3OTcwQzZDQ0JGMTE2MDRDRTEwRTM5NjM5NERCQzJFRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq7oOOzs6tS7RNODTyDs3TlIYc iYTk7pzlp/VweQBu3t8NMP/vc/22X2DC7ZpToyWD33DfxXZsjQYKBlCB6oH09kuK F1J8RZB+F2eKiSqNu6yF0E6DgYQL3HxYKQlNePSkIPCEBYkxPL9tTtfPw2ZZzbQ3 +MHR9bMhfzIPquq/Y6hB0WPsKK6qgW4VBUA3aOH5CdFYUBIBicu1ba4pyLCiDTqY LmVJyjN816rLe65XrZg9HDUs6ZgrjwUiOb4UQrclkqM2zoQP543aPWehX1SJVUSC +nthAOvGXiNHwpolv5DsuQXPoPl0FRXdkBc+b5JoOvYGwzJH0hi5HQyLMcOPAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUXZzDB5cMbMvxFgTOEOOWOU28LuUwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMjM5MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5TANBgkqhkiG 9w0BAQsFAAOCAQEACOxxs0/ZplfmgwruJK0AfE4DwDejI7Jawr3nNkLSLX0d1QPy u3z9poZoNEBK6eoF5JdfATpw5N16nI65ccM0ESjqNuOR6qlmqzPG/vXO8vL5ggpu TmipeUxIG8fQv675O4fgOT7ed/XbtNEjLmBAVf4+CfPsX7xUn8TpNRlk9t5ZS1Oz V8Q+hz25G1uqz7Jxe4yy394IctEi2daR05pQUSw9nGo251co1xxgjr46/zeiZ7jF Kxiclks27YLvDV3a8yqUCGRr+Pu8wby3qBan3Xsfu6/NRVRHkYtl1HvE7pEVQzQq OwdYuYXU8pUpCgAk0Mpbt/cyN5/GkCRLURCJ5Q== -----END CERTIFICATE-----Generated at Mon Mar 2 18:28:36 2026 by rpki-client