$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3233302e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: 3exU7oFsvYUFSV8eY2HjGvJAd31licbqMiWMGxc4mP8= Subject key identifier: 0C:89:D6:47:69:1F:77:B4:1E:E9:40:41:6A:3C:70:DC:7D:A8:45:0E Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 74DD7FA3CDED3D3B44AB6541C04FC7785566CCE4 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 11:00:01 +0000 ROA not before: Wed 21 Jan 2026 10:55:01 +0000 ROA not after: Wed 20 Jan 2027 11:00:01 +0000 asID: 38764 IP address blocks: 120.29.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:dd:7f:a3:cd:ed:3d:3b:44:ab:65:41:c0:4f:c7:78:55:66:cc:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 10:55:01 2026 GMT Not After : Jan 20 11:00:01 2027 GMT Subject: CN=0C89D647691F77B41EE940416A3C70DC7DA8450E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:cc:66:f6:80:ff:bb:45:1a:7f:02:d8:ae:97: fb:9b:7d:5e:b9:88:5a:66:0b:0b:94:eb:e8:a3:fb: 5c:3d:da:7d:87:60:a9:df:e1:6f:87:7d:a8:31:fc: 7e:3a:98:b2:ad:1d:58:5d:41:69:e5:7c:a3:c6:3a: 9a:7d:38:c8:a3:d2:26:21:e7:01:ed:00:b7:3b:43: 86:7f:6d:85:5d:d1:f0:01:84:71:4c:da:dd:03:dc: 46:d6:fb:86:e7:5b:1e:68:1a:89:63:24:58:e3:58: 89:db:5a:d0:b9:18:44:68:66:2c:99:ba:fa:4a:b9: c2:ef:3e:8d:29:e1:cc:b7:aa:d0:2c:f3:f3:cc:5b: a4:ee:61:0b:33:1f:86:82:5a:64:2f:0b:88:8c:83: 95:0b:4f:e5:9d:c5:22:a2:69:11:f6:f4:83:df:6b: 88:3e:fc:ab:a4:75:19:29:e3:df:d6:4d:53:70:60: a6:4e:59:62:7b:bf:37:0d:d7:98:ae:42:a4:4a:fd: 5f:0a:4c:0c:76:67:11:63:d2:69:43:fe:bf:42:6e: 68:53:cd:61:d8:8e:a9:0a:20:f2:59:91:5d:7c:76: 9e:5c:16:0b:b4:43:a8:1e:25:f1:89:cf:1d:60:5e: 72:56:c7:ec:a1:4d:ce:3d:da:b5:70:fd:d9:f7:02: 67:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:89:D6:47:69:1F:77:B4:1E:E9:40:41:6A:3C:70:DC:7D:A8:45:0E X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233302e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.230.0/24 Signature Algorithm: sha256WithRSAEncryption 16:1c:70:1a:cf:e1:77:7e:4d:c7:89:db:ca:df:3a:ce:0e:ad: 85:32:da:7f:3b:56:5d:98:1b:36:88:4a:61:86:fb:f3:4e:b0: 4c:6b:a4:57:56:a0:cf:f6:66:dd:23:91:0d:39:c7:e6:c0:39: 89:89:65:c4:a2:31:e1:26:49:c4:9d:9f:dd:a9:af:30:3a:1d: 56:66:e4:a1:50:73:7b:75:ec:65:90:d4:a5:5b:8e:f7:26:02: 99:d9:ec:5b:81:35:0e:0a:64:31:fb:cf:5c:ee:2c:a0:e1:89: ef:e1:91:ce:68:1b:99:6c:cc:39:a4:6e:12:1c:e1:76:fe:34: a8:6c:3f:2b:24:85:e9:be:51:b0:eb:b9:ac:e9:d1:ff:d4:23: c3:14:b3:71:dd:d5:e8:84:1c:21:ac:f8:a3:37:8d:53:25:95: b9:b1:3e:63:71:44:98:65:a2:84:c4:f5:9c:58:89:4f:53:d1: 1c:84:e8:87:0b:02:dc:63:3c:88:0c:6d:27:df:94:9d:0f:85: 93:7b:2b:54:8a:d5:cc:07:fe:cf:73:00:12:24:44:d6:37:df: cc:80:da:87:55:12:6a:96:35:22:99:85:68:a9:0c:20:79:b1: b1:0c:47:74:41:9a:a1:e5:58:84:30:7d:6f:c7:8b:c4:3f:cb: c7:c3:42:1d -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUdN1/o83tPTtEq2VBwE/HeFVmzOQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMDU1MDFaFw0yNzAxMjAxMTAwMDFaMDMxMTAvBgNV BAMTKDBDODlENjQ3NjkxRjc3QjQxRUU5NDA0MTZBM0M3MERDN0RBODQ1MEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9zGb2gP+7RRp/Atiul/ubfV65 iFpmCwuU6+ij+1w92n2HYKnf4W+Hfagx/H46mLKtHVhdQWnlfKPGOpp9OMij0iYh 5wHtALc7Q4Z/bYVd0fABhHFM2t0D3EbW+4bnWx5oGoljJFjjWInbWtC5GERoZiyZ uvpKucLvPo0p4cy3qtAs8/PMW6TuYQszH4aCWmQvC4iMg5ULT+WdxSKiaRH29IPf a4g+/KukdRkp49/WTVNwYKZOWWJ7vzcN15iuQqRK/V8KTAx2ZxFj0mlD/r9CbmhT zWHYjqkKIPJZkV18dp5cFgu0Q6geJfGJzx1gXnJWx+yhTc492rVw/dn3AmcxAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUDInWR2kfd7Qe6UBBajxw3H2oRQ4wHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5jANBgkqhkiG 9w0BAQsFAAOCAQEAFhxwGs/hd35Nx4nbyt86zg6thTLafztWXZgbNohKYYb7806w TGukV1agz/Zm3SORDTnH5sA5iYllxKIx4SZJxJ2f3amvMDodVmbkoVBze3XsZZDU pVuO9yYCmdnsW4E1DgpkMfvPXO4soOGJ7+GRzmgbmWzMOaRuEhzhdv40qGw/KySF 6b5RsOu5rOnR/9QjwxSzcd3V6IQcIaz4ozeNUyWVubE+Y3FEmGWihMT1nFiJT1PR HITohwsC3GM8iAxtJ9+UnQ+Fk3srVIrVzAf+z3MAEiRE1jffzIDah1USapY1IpmF aKkMIHmxsQxHdEGaoeVYhDB9b8eLxD/Lx8NCHQ== -----END CERTIFICATE-----Generated at Mon Mar 2 13:36:38 2026 by rpki-client