$ rpki-client -vvf repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/3136302e32302e33362e302f32332d3234203d3e20313532373631.roa File: 3136302e32302e33362e302f32332d3234203d3e20313532373631.roa (raw, json) Hash identifier: e3Ye+8KBt0e+GgLTg5uGXR8hoI4RqWYobVVv7ZziGMY= Subject key identifier: 44:96:38:BA:25:15:E5:8B:70:49:73:3D:D4:6F:4C:94:40:27:CD:89 Certificate issuer: /CN=A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB Certificate serial: 40B9B87C56F3E66A26A6DC1A033E5637A501D198 Authority key identifier: A7:1B:AA:66:62:38:47:B7:BD:9E:A7:C4:0B:CB:CA:85:5E:52:E8:EB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/3136302e32302e33362e302f32332d3234203d3e20313532373631.roa Signing time: Fri 18 Jul 2025 11:00:01 +0000 ROA not before: Fri 18 Jul 2025 10:55:01 +0000 ROA not after: Fri 17 Jul 2026 11:00:01 +0000 asID: 152761 IP address blocks: 160.20.36.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.crl rsync://repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 10 Aug 2025 08:19:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:b9:b8:7c:56:f3:e6:6a:26:a6:dc:1a:03:3e:56:37:a5:01:d1:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB Validity Not Before: Jul 18 10:55:01 2025 GMT Not After : Jul 17 11:00:01 2026 GMT Subject: CN=449638BA2515E58B7049733DD46F4C944027CD89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b8:7d:fc:94:72:1a:b9:3c:ca:e5:04:9a:51: 99:98:ca:4f:79:76:ce:dc:73:48:c1:d0:c1:39:8d: 17:e3:ea:0d:d8:c1:99:d8:37:b1:2c:0e:84:f8:86: 7c:83:74:ee:21:e1:6a:91:e2:68:88:2e:4e:17:3e: 1f:58:69:ca:dd:7e:db:ed:22:b8:e2:a0:30:dd:b0: 46:d3:fc:2f:d6:4b:e8:53:08:67:9f:57:49:6a:1e: 7e:cf:a9:5c:b0:fd:9f:e7:41:b9:0f:ea:d8:91:ec: 4d:ae:f6:b9:45:5e:3d:e0:ae:17:de:b7:f4:9d:1d: cf:69:78:2a:d5:78:05:30:0e:e9:25:c0:e3:55:9a: 46:24:20:c0:6f:74:bf:fc:a9:77:7b:99:5b:d5:08: 21:b8:96:5b:32:c7:76:5a:b3:bd:f3:29:18:ff:a5: e7:8f:00:1d:ab:e1:71:a4:e4:4d:01:d4:1d:86:36: 1a:87:fb:2a:da:97:98:24:02:97:d6:6e:82:27:4a: cf:e2:74:c2:52:49:ef:d4:a0:32:a8:ed:f0:4e:77: 8d:ff:33:e1:8b:27:6f:2b:4d:a6:ed:b2:fc:6a:74: 96:38:92:e5:15:22:ed:a6:f8:fd:ec:b2:ce:7b:4d: b3:54:69:fc:39:2a:9c:17:cc:1e:ea:2a:74:a7:31: e2:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:96:38:BA:25:15:E5:8B:70:49:73:3D:D4:6F:4C:94:40:27:CD:89 X509v3 Authority Key Identifier: keyid:A7:1B:AA:66:62:38:47:B7:BD:9E:A7:C4:0B:CB:CA:85:5E:52:E8:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/A71BAA66623847B7BD9EA7C40BCBCA855E52E8EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/281ef440-5a5f-4a4f-b509-b103245c5cf1/0/3136302e32302e33362e302f32332d3234203d3e20313532373631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.36.0/23 Signature Algorithm: sha256WithRSAEncryption 77:27:46:49:6c:fb:91:0a:7b:b0:bd:08:f9:d5:90:29:26:3b: 56:a7:2d:5c:bc:79:39:2a:9e:3a:86:36:b6:e9:c0:03:fa:73: 83:66:95:49:bc:49:c5:fb:7d:88:1f:f8:6b:7f:ab:ea:19:37: 33:43:e4:58:bf:b8:e6:b2:b7:77:59:f2:fc:de:70:b8:d5:cb: a0:d6:08:7e:df:65:91:08:dd:e4:04:c8:bd:09:54:bc:e5:14: 27:94:62:6f:46:5e:c3:74:af:3b:14:9b:27:c0:27:39:68:b0: 13:40:90:65:72:b8:dc:a3:cb:71:5c:38:c4:bc:f5:f4:f8:3b: 8f:97:27:bf:e1:e0:83:6c:8b:2e:7e:c0:dc:ab:ca:19:0a:e5: 45:f8:5b:52:ca:4f:5e:7a:2e:8c:9e:27:26:62:c1:eb:6b:a2: 35:6e:01:e1:c4:a4:18:ef:22:49:98:4b:cf:eb:35:3f:6b:08: 9c:2f:dd:52:37:af:9c:4c:1a:31:44:d2:a9:05:3c:56:92:81: 57:80:11:03:e3:a9:3c:12:1a:9e:ae:93:80:79:4d:17:41:7c: a2:b2:84:b7:b0:cd:20:34:50:16:ed:4c:fb:8c:42:c2:d4:fd: d2:ec:47:74:ff:d8:cd:16:ef:3f:c8:34:13:b1:93:99:12:38: c4:4c:02:d7 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUQLm4fFbz5momptwaAz5WN6UB0ZgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTcxQkFBNjY2MjM4NDdCN0JEOUVBN0M0MEJDQkNBODU1 RTUyRThFQjAeFw0yNTA3MTgxMDU1MDFaFw0yNjA3MTcxMTAwMDFaMDMxMTAvBgNV BAMTKDQ0OTYzOEJBMjUxNUU1OEI3MDQ5NzMzREQ0NkY0Qzk0NDAyN0NEODkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUuH38lHIauTzK5QSaUZmYyk95 ds7cc0jB0ME5jRfj6g3YwZnYN7EsDoT4hnyDdO4h4WqR4miILk4XPh9Yacrdftvt IrjioDDdsEbT/C/WS+hTCGefV0lqHn7PqVyw/Z/nQbkP6tiR7E2u9rlFXj3grhfe t/SdHc9peCrVeAUwDuklwONVmkYkIMBvdL/8qXd7mVvVCCG4llsyx3Zas73zKRj/ peePAB2r4XGk5E0B1B2GNhqH+yral5gkApfWboInSs/idMJSSe/UoDKo7fBOd43/ M+GLJ28rTabtsvxqdJY4kuUVIu2m+P3sss57TbNUafw5KpwXzB7qKnSnMeLpAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQURJY4uiUV5YtwSXM91G9MlEAnzYkwHwYDVR0j BBgwFoAUpxuqZmI4R7e9nqfEC8vKhV5S6OswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODFlZjQ0MC01YTVmLTRhNGYtYjUwOS1iMTAzMjQ1YzVjZjEvMC9BNzFCQUE2NjYy Mzg0N0I3QkQ5RUE3QzQwQkNCQ0E4NTVFNTJFOEVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQTcxQkFBNjY2MjM4NDdCN0JEOUVBN0M0MEJDQkNBODU1RTUy RThFQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI4MWVmNDQwLTVhNWYtNGE0Zi1i NTA5LWIxMDMyNDVjNWNmMS8wLzMxMzYzMDJlMzIzMDJlMzMzNjJlMzAyZjMyMzMy ZDMyMzQyMDNkM2UyMDMxMzUzMjM3MzYzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaAUJDANBgkqhkiG 9w0BAQsFAAOCAQEAdydGSWz7kQp7sL0I+dWQKSY7VqctXLx5OSqeOoY2tunAA/pz g2aVSbxJxft9iB/4a3+r6hk3M0PkWL+45rK3d1ny/N5wuNXLoNYIft9lkQjd5ATI vQlUvOUUJ5Rib0Zew3SvOxSbJ8AnOWiwE0CQZXK43KPLcVw4xLz19Pg7j5cnv+Hg g2yLLn7A3KvKGQrlRfhbUspPXnoujJ4nJmLB62uiNW4B4cSkGO8iSZhLz+s1P2sI nC/dUjevnEwaMUTSqQU8VpKBV4ARA+OpPBIanq6TgHlNF0F8orKEt7DNIDRQFu1M +4xCwtT90uxHdP/YzRbvP8g0E7GTmRI4xEwC1w== -----END CERTIFICATE-----Generated at Thu Aug 7 20:19:08 2025 by rpki-client