$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3233312e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: o/hW8qZTONTOAc20EcYPM6z7EK54AM3nJtkiYTqdmzw= Subject key identifier: 2B:CD:74:1F:60:F2:4F:9F:CA:D9:FB:12:9D:96:5D:50:17:4C:EA:3D Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 0666722FA2F2B92266DCC65D35F788AC59D8A1D6 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa Signing time: Wed 21 Jan 2026 11:00:01 +0000 ROA not before: Wed 21 Jan 2026 10:55:01 +0000 ROA not after: Wed 20 Jan 2027 11:00:01 +0000 asID: 38764 IP address blocks: 120.29.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 00:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:66:72:2f:a2:f2:b9:22:66:dc:c6:5d:35:f7:88:ac:59:d8:a1:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Jan 21 10:55:01 2026 GMT Not After : Jan 20 11:00:01 2027 GMT Subject: CN=2BCD741F60F24F9FCAD9FB129D965D50174CEA3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fd:ac:cf:a6:78:c1:7b:a5:4a:39:97:8a:12: b2:be:c6:bf:64:65:8c:46:ad:2a:fa:bf:75:2a:5a: 77:a1:94:54:99:8b:44:b9:5f:35:02:66:d3:66:1d: c8:64:f5:c3:73:b4:51:01:63:16:e6:1d:f7:bf:4d: fc:e7:7c:d0:dc:7b:fe:b3:0c:65:d7:a6:06:0b:b2: 58:08:2e:2f:6d:15:62:22:d4:95:1a:2c:3e:3b:cc: 4b:c0:df:86:59:c0:80:61:d0:91:1c:da:a9:aa:6f: a6:50:64:91:c4:23:ac:e9:e9:bf:fd:7a:82:ee:54: 51:3a:05:1a:29:aa:25:46:36:56:74:85:04:da:9c: 57:86:dc:2c:32:cd:cf:c8:6f:90:f8:cd:54:09:47: e9:d8:1e:26:07:fb:4b:93:3d:f2:77:08:c7:f7:7e: a3:72:8d:46:16:2f:a6:7b:b4:7d:12:66:30:b3:36: 7f:76:4d:d1:d1:64:9f:37:78:28:11:e3:60:fc:aa: 7c:e4:c7:b6:7c:4d:18:23:64:e9:ca:a4:03:d4:51: a8:f2:c2:90:d3:24:a7:82:a6:4d:6d:d2:41:57:54: e7:12:0b:05:f2:e8:11:45:68:42:f1:e5:c8:3d:f3: 58:af:b9:ad:56:70:f5:11:58:0c:7f:8d:52:6f:ab: e5:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:CD:74:1F:60:F2:4F:9F:CA:D9:FB:12:9D:96:5D:50:17:4C:EA:3D X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.231.0/24 Signature Algorithm: sha256WithRSAEncryption 40:8b:a0:cb:9b:e4:53:56:09:7e:2c:80:71:c5:39:b3:2f:f7: cd:40:4b:78:fc:99:2c:7c:92:6d:22:6c:10:69:e7:8b:14:a2: 31:9c:0c:61:6d:df:d3:96:81:98:ae:76:c9:87:be:c0:5a:36: e7:20:6e:9c:fe:b8:1a:8d:7f:1d:13:2f:29:ab:d8:5a:cd:1e: 10:44:f9:f4:83:b2:2c:d7:1a:5b:10:60:27:bb:8c:b5:ee:c5: 07:8f:c0:16:70:02:3d:84:c7:01:12:0e:ae:a3:44:19:53:22: bd:ce:57:a8:87:83:4e:9d:94:74:18:bf:be:f3:e3:18:99:e3: c4:75:9d:cc:39:21:2e:61:64:76:56:ae:25:6b:8b:45:8d:56: 7a:2c:ce:1f:53:75:d9:19:b6:94:d1:62:22:38:e4:1a:20:de: b1:40:5b:1f:0c:ab:ff:a2:b5:02:06:80:e5:06:ab:6e:72:76: a3:df:b5:55:11:3d:9a:98:c8:d2:58:48:47:2b:ed:7d:16:d9: 7f:fd:ab:7e:be:63:3f:78:99:69:4f:b0:01:96:33:96:0f:7e: 69:f4:a9:2d:25:a8:8e:b1:21:b7:18:a0:d6:1a:d8:7c:c9:6c: b5:77:8c:ca:4d:26:89:d4:03:a3:a6:d2:1e:25:3e:5e:21:c9: 27:45:c0:f6 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUBmZyL6LyuSJm3MZdNfeIrFnYodYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNjAxMjExMDU1MDFaFw0yNzAxMjAxMTAwMDFaMDMxMTAvBgNV BAMTKDJCQ0Q3NDFGNjBGMjRGOUZDQUQ5RkIxMjlEOTY1RDUwMTc0Q0VBM0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp/azPpnjBe6VKOZeKErK+xr9k ZYxGrSr6v3UqWnehlFSZi0S5XzUCZtNmHchk9cNztFEBYxbmHfe/TfznfNDce/6z DGXXpgYLslgILi9tFWIi1JUaLD47zEvA34ZZwIBh0JEc2qmqb6ZQZJHEI6zp6b/9 eoLuVFE6BRopqiVGNlZ0hQTanFeG3Cwyzc/Ib5D4zVQJR+nYHiYH+0uTPfJ3CMf3 fqNyjUYWL6Z7tH0SZjCzNn92TdHRZJ83eCgR42D8qnzkx7Z8TRgjZOnKpAPUUajy wpDTJKeCpk1t0kFXVOcSCwXy6BFFaELx5cg981ivua1WcPURWAx/jVJvq+UrAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUK810H2DyT5/K2fsSnZZdUBdM6j0wHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5zANBgkqhkiG 9w0BAQsFAAOCAQEAQIugy5vkU1YJfiyAccU5sy/3zUBLePyZLHySbSJsEGnnixSi MZwMYW3f05aBmK52yYe+wFo25yBunP64Go1/HRMvKavYWs0eEET59IOyLNcaWxBg J7uMte7FB4/AFnACPYTHARIOrqNEGVMivc5XqIeDTp2UdBi/vvPjGJnjxHWdzDkh LmFkdlauJWuLRY1WeizOH1N12Rm2lNFiIjjkGiDesUBbHwyr/6K1AgaA5QarbnJ2 o9+1VRE9mpjI0lhIRyvtfRbZf/2rfr5jP3iZaU+wAZYzlg9+afSpLSWojrEhtxig 1hrYfMlstXeMyk0midQDo6bSHiU+XiHJJ0XA9g== -----END CERTIFICATE-----Generated at Mon Mar 2 11:25:39 2026 by rpki-client