$ rpki-client -vvf repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa File: 3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa (raw, json) Hash identifier: gqhY4MmYkqOg6e+mCklnZjdLAja245uGxhjbsLKfTo4= Subject key identifier: B1:AA:93:92:CB:BE:4F:44:F3:F8:3E:EB:AC:BA:E2:88:CA:07:F7:54 Certificate issuer: /CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Certificate serial: 56E56C7C453F0901B75E17C4AD9AA2FE23CD42FC Authority key identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa Signing time: Thu 02 Apr 2026 13:01:29 +0000 ROA not before: Thu 02 Apr 2026 12:56:29 +0000 ROA not after: Thu 01 Apr 2027 13:01:29 +0000 asID: 59149 IP address blocks: 103.254.168.0/22 maxlen: 22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 00:04:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:e5:6c:7c:45:3f:09:01:b7:5e:17:c4:ad:9a:a2:fe:23:cd:42:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Validity Not Before: Apr 2 12:56:29 2026 GMT Not After : Apr 1 13:01:29 2027 GMT Subject: CN=B1AA9392CBBE4F44F3F83EEBACBAE288CA07F754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:30:69:63:8f:75:d2:e9:ce:b2:73:1f:8e:b5: 13:55:bc:b5:6c:60:cf:93:e7:6e:dd:0b:7e:f5:0f: 74:df:4c:e9:6f:3a:37:f9:2d:0a:63:d7:1c:b9:ce: cd:1d:cf:b5:64:9a:25:da:51:c3:1c:11:56:01:14: 6d:6f:c6:a6:c1:c1:26:49:00:24:12:81:f8:4b:d0: a0:fa:31:95:1f:45:ca:bb:b0:59:ca:ef:9a:29:8d: df:49:53:24:f0:8d:31:cd:e9:ff:4d:ca:c9:d3:1f: f3:a5:19:57:1b:1f:b7:25:ed:9e:cf:f8:b2:1b:6a: fb:e6:50:7c:57:49:00:e0:87:c5:dd:e3:ee:48:2d: 25:26:6c:39:2f:33:72:a4:8f:ed:d8:5b:76:0d:a5: ea:d2:f1:ad:58:c1:03:63:28:14:3e:11:bd:7c:c5: 05:68:18:1f:31:33:84:b8:df:a9:85:ef:97:dc:61: 20:f1:dd:68:79:de:5c:e0:60:ba:70:42:c2:fc:d2: 65:72:1c:c8:46:cd:7e:0f:b5:ea:32:9a:2a:83:03: e1:b1:bf:14:4b:6d:f8:2a:2f:2e:57:df:24:2b:cd: 97:ce:f4:08:73:31:45:25:b6:44:aa:b3:ea:ce:be: 23:3d:b8:84:f9:ac:c9:b2:93:83:c4:b9:c5:7e:3f: 7d:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:AA:93:92:CB:BE:4F:44:F3:F8:3E:EB:AC:BA:E2:88:CA:07:F7:54 X509v3 Authority Key Identifier: keyid:3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3130332e3235342e3136382e302f32322d3232203d3e203539313439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.254.168.0/22 Signature Algorithm: sha256WithRSAEncryption 2e:33:87:72:5f:90:5c:fb:03:86:51:4b:4c:ed:79:21:a0:13: c1:8a:bb:f0:69:b5:0b:4c:ff:7b:d3:78:76:51:f9:24:ee:59: 11:75:8a:27:1d:6d:85:18:d0:3c:23:f3:7a:89:61:02:3e:c8: 80:03:dc:05:6f:e8:b4:90:67:a7:95:3e:40:91:df:6c:2f:5a: d3:42:fa:70:ce:a6:42:4b:d5:5d:b8:49:32:ef:f4:10:d5:5f: a3:80:ca:b7:93:36:67:5d:1d:12:ff:76:d4:0e:67:d0:52:90: 7d:b6:94:f6:32:69:af:fe:ec:56:fa:ba:b1:b7:8d:7e:4a:71: 9f:e2:7e:61:ab:29:51:9a:d6:a4:b9:a6:b7:f8:a8:df:48:1b: 1b:04:03:d6:e0:0b:3f:11:c7:3a:c7:90:d6:0f:72:98:9a:ec: 75:74:0c:0d:03:1a:22:a7:80:7c:ce:b6:3f:40:e5:85:8f:0f: 71:91:e0:34:b4:80:33:48:95:65:5e:35:bd:3d:fb:e1:c9:51: da:56:0f:90:c8:04:0f:52:45:f9:f1:d0:30:ba:0e:1a:78:b0: a4:6b:f5:af:85:c5:d2:c5:fa:b3:8b:74:d0:78:5d:16:8f:fc: 78:b9:0f:6d:9c:b8:1e:01:e7:14:82:ff:0c:a3:7a:43:72:d8: 07:3a:45:cf -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUVuVsfEU/CQG3XhfErZqi/iPNQvwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5 RTE4MjA3NDAeFw0yNjA0MDIxMjU2MjlaFw0yNzA0MDExMzAxMjlaMDMxMTAvBgNV BAMTKEIxQUE5MzkyQ0JCRTRGNDRGM0Y4M0VFQkFDQkFFMjg4Q0EwN0Y3NTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6MGljj3XS6c6ycx+OtRNVvLVs YM+T527dC371D3TfTOlvOjf5LQpj1xy5zs0dz7VkmiXaUcMcEVYBFG1vxqbBwSZJ ACQSgfhL0KD6MZUfRcq7sFnK75opjd9JUyTwjTHN6f9NysnTH/OlGVcbH7cl7Z7P +LIbavvmUHxXSQDgh8Xd4+5ILSUmbDkvM3Kkj+3YW3YNperS8a1YwQNjKBQ+Eb18 xQVoGB8xM4S436mF75fcYSDx3Wh53lzgYLpwQsL80mVyHMhGzX4PteoymiqDA+Gx vxRLbfgqLy5X3yQrzZfO9AhzMUUltkSqs+rOviM9uIT5rMmyk4PEucV+P325AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUsaqTksu+T0Tz+D7rrLriiMoH91QwHwYDVR0j BBgwFoAUOyup6NU1er13a27EyvfBxZ4YIHQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YWU3ZDQ2MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMC8zQjJCQTlFOEQ1 MzU3QUJENzc2QjZFQzRDQUY3QzFDNTlFMTgyMDc0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0IyQkE5RThENTM1N0FCRDc3NkI2RUM0Q0FGN0MxQzU5RTE4 MjA3NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJhZTdkNDYxLTBlMzItNGU2NS1i Yjg4LWQ3MjQwNWIyNDQ1MS8wLzMxMzAzMzJlMzIzNTM0MmUzMTM2MzgyZTMwMmYz MjMyMmQzMjMyMjAzZDNlMjAzNTM5MzEzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ/6oMA0GCSqG SIb3DQEBCwUAA4IBAQAuM4dyX5Bc+wOGUUtM7XkhoBPBirvwabULTP9703h2Ufkk 7lkRdYonHW2FGNA8I/N6iWECPsiAA9wFb+i0kGenlT5Akd9sL1rTQvpwzqZCS9Vd uEky7/QQ1V+jgMq3kzZnXR0S/3bUDmfQUpB9tpT2Mmmv/uxW+rqxt41+SnGf4n5h qylRmtakuaa3+KjfSBsbBAPW4As/Ecc6x5DWD3KYmux1dAwNAxoip4B8zrY/QOWF jw9xkeA0tIAzSJVlXjW9PfvhyVHaVg+QyAQPUkX58dAwug4aeLCka/WvhcXSxfqz i3TQeF0Wj/x4uQ9tnLgeAecUgv8Mo3pDctgHOkXP -----END CERTIFICATE-----Generated at Fri Apr 17 21:27:23 2026 by rpki-client