$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130362e302f32342d3234203d3e20313336383733.roa File: 3232332e32352e3130362e302f32342d3234203d3e20313336383733.roa (raw, json) Hash identifier: S8lyObQBOuPDRueBj8YjzK0Yqke0dcnMl7Vcc48vuVs= Subject key identifier: CD:C2:43:E8:5E:2A:CB:6E:42:B9:7D:48:D3:18:A6:C3:4C:54:E2:6C Certificate issuer: /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Certificate serial: 65284EC42CCBD4DF97C59898832C7C36235D5AA6 Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130362e302f32342d3234203d3e20313336383733.roa Signing time: Wed 11 Jun 2025 01:02:22 +0000 ROA not before: Wed 11 Jun 2025 00:57:22 +0000 ROA not after: Wed 10 Jun 2026 01:02:22 +0000 asID: 136873 IP address blocks: 223.25.106.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 02:35:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:28:4e:c4:2c:cb:d4:df:97:c5:98:98:83:2c:7c:36:23:5d:5a:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Validity Not Before: Jun 11 00:57:22 2025 GMT Not After : Jun 10 01:02:22 2026 GMT Subject: CN=CDC243E85E2ACB6E42B97D48D318A6C34C54E26C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ee:24:2e:a6:2b:6e:47:08:64:d7:63:47:95: 24:ae:fd:6c:d7:b1:81:74:09:f7:10:7f:b0:f0:ed: 57:76:6d:e6:87:26:fd:e5:aa:0a:33:ac:c5:03:39: 68:28:f1:74:fd:6f:da:fb:fa:97:12:1e:9a:1d:88: 16:4f:76:61:fb:6a:b6:a3:ca:0a:b2:38:88:b8:e0: 3a:f8:26:f5:57:22:9f:4f:a5:1b:e4:39:48:bb:94: 85:e1:17:07:35:94:44:a8:6b:3b:5c:46:5a:ee:92: 2e:b1:00:a4:7d:fb:fb:ea:31:f1:07:0b:4a:f6:27: 69:46:49:e9:ee:4d:29:20:d6:6b:f2:6b:88:64:01: 5e:e4:ac:c2:c1:61:02:82:b0:5e:3e:f4:de:f2:e1: ae:e1:71:45:55:52:d9:ca:05:e5:6f:3c:54:76:0b: f2:2b:89:96:68:50:03:96:e4:7c:cf:d1:9a:50:78: cc:b9:6f:17:d3:04:ad:c9:ba:5d:83:e9:c6:17:a5: 79:15:df:48:54:c9:6c:93:09:78:62:65:2f:3b:bd: ca:4a:73:00:0b:97:ba:c9:83:92:b9:0f:e2:8f:72: 66:4b:88:9d:98:b6:86:e6:8f:aa:29:45:27:77:c0: c0:dd:66:71:36:c2:0d:9d:ab:38:bf:e4:d0:72:1a: ee:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:C2:43:E8:5E:2A:CB:6E:42:B9:7D:48:D3:18:A6:C3:4C:54:E2:6C X509v3 Authority Key Identifier: keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130362e302f32342d3234203d3e20313336383733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.106.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:33:63:6f:e4:1e:20:20:54:ee:cc:e9:79:f9:0c:0c:43:44: 56:bd:b6:55:85:25:ed:6a:cc:05:84:ce:ca:01:20:21:11:73: 5a:fc:1d:4d:12:01:5f:35:18:a7:a1:d4:5e:82:4b:ff:76:ec: 20:08:8f:87:41:a4:2f:a2:ae:94:69:18:ef:c4:21:b8:8b:78: 29:02:a6:67:c1:5e:91:9c:d2:b5:6c:f3:e2:43:94:8c:f1:15: 51:18:fc:77:15:e1:5d:2f:71:34:cd:f7:ea:0f:cc:cc:fa:f9: 05:ee:20:17:69:58:02:3b:4f:55:0d:8f:41:c7:10:fd:58:ed: f5:95:05:39:b3:ac:43:09:67:cf:60:a3:3b:6e:4b:a9:de:c9: 64:23:91:d2:c8:e8:ee:a5:85:d3:31:5d:aa:bc:ef:12:cc:5d: fa:45:9a:6c:dd:05:64:79:a2:58:0c:6c:a6:ef:8e:e0:ce:6c: ea:a9:71:9f:87:93:e1:9d:6d:69:79:e0:4a:33:ea:36:fb:84: d5:da:85:46:50:1a:78:ed:37:e9:75:4d:e9:6e:ef:8e:0d:77: 01:af:b1:6e:ed:53:58:d0:02:ab:bd:01:97:8c:1d:a4:ba:61: 21:d5:5e:4f:33:72:d9:b0:bd:dc:d2:bd:02:8a:08:ff:c6:fb: b6:a0:0e:9a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUZShOxCzL1N+XxZiYgyx8NiNdWqYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3 RkMzODc4NzAeFw0yNTA2MTEwMDU3MjJaFw0yNjA2MTAwMTAyMjJaMDMxMTAvBgNV BAMTKENEQzI0M0U4NUUyQUNCNkU0MkI5N0Q0OEQzMThBNkMzNEM1NEUyNkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv7iQupituRwhk12NHlSSu/WzX sYF0CfcQf7Dw7Vd2beaHJv3lqgozrMUDOWgo8XT9b9r7+pcSHpodiBZPdmH7araj ygqyOIi44Dr4JvVXIp9PpRvkOUi7lIXhFwc1lESoaztcRlruki6xAKR9+/vqMfEH C0r2J2lGSenuTSkg1mvya4hkAV7krMLBYQKCsF4+9N7y4a7hcUVVUtnKBeVvPFR2 C/IriZZoUAOW5HzP0ZpQeMy5bxfTBK3Jul2D6cYXpXkV30hUyWyTCXhiZS87vcpK cwALl7rJg5K5D+KPcmZLiJ2Ytobmj6opRSd3wMDdZnE2wg2dqzi/5NByGu7vAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUzcJD6F4qy25CuX1I0ximw0xU4mwwHwYDVR0j BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz ODc4Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM2MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xlqMA0GCSqG SIb3DQEBCwUAA4IBAQAdM2Nv5B4gIFTuzOl5+QwMQ0RWvbZVhSXtaswFhM7KASAh EXNa/B1NEgFfNRinodRegkv/duwgCI+HQaQvoq6UaRjvxCG4i3gpAqZnwV6RnNK1 bPPiQ5SM8RVRGPx3FeFdL3E0zffqD8zM+vkF7iAXaVgCO09VDY9BxxD9WO31lQU5 s6xDCWfPYKM7bkup3slkI5HSyOjupYXTMV2qvO8SzF36RZps3QVkeaJYDGym747g zmzqqXGfh5PhnW1peeBKM+o2+4TV2oVGUBp47TfpdU3pbu+ODXcBr7Fu7VNY0AKr vQGXjB2kumEh1V5PM3LZsL3c0r0Cigj/xvu2oA6a -----END CERTIFICATE-----Generated at Tue Jun 17 11:29:13 2025 by rpki-client