$ rpki-client -vvf repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa File: 3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa (raw, json) Hash identifier: okMulqCwmQrHdU+kO0nYzAvF/vvi8wTCEKi+VdDT9lQ= Subject key identifier: AA:68:1D:6D:1F:5E:89:7F:42:C2:52:05:C8:C4:CD:11:A4:0B:A9:7E Certificate issuer: /CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Certificate serial: 3CAEA3ABBC2CF39FAFD7AA01A5D7DC225C32110C Authority key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject info access: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa Signing time: Wed 16 Jul 2025 12:00:01 +0000 ROA not before: Wed 16 Jul 2025 11:55:01 +0000 ROA not after: Wed 15 Jul 2026 12:00:01 +0000 asID: 153101 IP address blocks: 160.25.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:ae:a3:ab:bc:2c:f3:9f:af:d7:aa:01:a5:d7:dc:22:5c:32:11:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Validity Not Before: Jul 16 11:55:01 2025 GMT Not After : Jul 15 12:00:01 2026 GMT Subject: CN=AA681D6D1F5E897F42C25205C8C4CD11A40BA97E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:72:bf:4e:96:68:3f:61:27:85:3a:f9:50:08: 4c:fd:60:37:02:4f:ab:03:8b:2b:33:3c:3d:13:0f: 37:fb:bb:b1:69:2c:4d:3d:36:65:d5:a0:b4:26:b6: a4:20:d3:72:bc:f5:d5:9d:c9:1b:39:fa:40:2b:39: c0:55:ce:3e:37:2e:bc:d4:cb:00:e3:fd:ff:14:a7: b7:13:15:67:6e:ab:e1:2c:88:c3:cd:69:ef:dc:e9: 85:ee:49:ed:65:4c:82:66:3a:f3:6f:2d:79:c9:1b: e3:34:e9:11:df:e7:fe:f7:3b:9d:37:52:c0:97:bb: 07:b1:a2:8d:c3:5f:3c:af:c5:7d:53:da:a9:d0:50: fc:f5:f8:ee:6d:ad:61:32:d9:99:16:13:6f:35:94: 87:4c:a7:35:47:53:60:cf:1d:37:ff:7e:89:e2:a7: 25:23:6f:d0:db:91:b7:9f:4f:81:88:40:1d:be:41: a0:e2:6a:55:d0:8e:8c:7e:dc:b9:99:51:ca:44:f6: ed:a6:cc:00:1a:c0:c7:e5:92:70:23:48:1f:19:75: 35:30:01:5a:f5:83:66:5a:06:e3:ad:63:54:df:a4: a0:a5:d8:ab:15:ee:b4:3e:ae:a3:5c:c7:3e:f4:ed: 63:5b:c2:dd:ff:31:86:53:9a:cb:9a:c9:95:3e:01: 12:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:68:1D:6D:1F:5E:89:7F:42:C2:52:05:C8:C4:CD:11:A4:0B:A9:7E X509v3 Authority Key Identifier: keyid:AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/3136302e32352e3135322e302f32342d3234203d3e20313533313031.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.152.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:55:6f:b9:d6:7f:02:1a:3e:b8:a5:8d:f2:36:e9:05:db:0f: 14:1e:0d:19:10:19:bd:a6:7b:b0:ae:e8:b5:e6:4c:fb:1b:c1: 77:63:a2:c4:0b:94:e1:b7:ce:9f:42:37:e3:ef:be:d4:df:c4: 20:4a:ca:51:19:45:51:bd:67:3a:a6:6e:3e:09:b5:8b:ba:ce: a8:f1:58:94:64:87:7c:79:4e:4a:a8:ee:ad:61:91:70:5b:0c: 2d:ff:8e:e4:81:b5:51:50:0e:a0:a1:ef:4e:d8:b7:ee:66:0a: 49:00:7d:4a:6b:2f:d2:e2:dd:f6:ab:a8:84:dc:10:9d:55:67: 6d:ec:c1:19:1b:62:3c:b0:fb:3a:aa:e9:1a:e8:7d:e4:50:3d: f1:55:1d:1e:dc:d6:3d:16:df:52:a1:a9:06:37:50:b8:fa:7f: a8:0a:a2:81:46:5d:e4:0d:28:52:27:a7:13:46:62:62:ea:78: 0d:a1:9b:2c:a5:51:13:26:e9:7c:fa:78:48:5e:b1:ca:55:a3: 4f:a5:e5:d5:5e:09:0e:d8:15:0d:2a:15:c4:25:15:13:02:df: 6c:a1:bd:86:3b:89:0d:5f:af:e0:8b:29:9b:b5:c2:7d:f2:5d: 9e:57:d2:c6:e0:94:5f:c9:68:ff:7f:65:b3:c3:36:81:eb:4e: 4b:18:2c:72 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUPK6jq7ws85+v16oBpdfcIlwyEQwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQw MkQ2QUYyMTAeFw0yNTA3MTYxMTU1MDFaFw0yNjA3MTUxMjAwMDFaMDMxMTAvBgNV BAMTKEFBNjgxRDZEMUY1RTg5N0Y0MkMyNTIwNUM4QzRDRDExQTQwQkE5N0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYcr9Olmg/YSeFOvlQCEz9YDcC T6sDiyszPD0TDzf7u7FpLE09NmXVoLQmtqQg03K89dWdyRs5+kArOcBVzj43LrzU ywDj/f8Up7cTFWduq+EsiMPNae/c6YXuSe1lTIJmOvNvLXnJG+M06RHf5/73O503 UsCXuwexoo3DXzyvxX1T2qnQUPz1+O5trWEy2ZkWE281lIdMpzVHU2DPHTf/foni pyUjb9DbkbefT4GIQB2+QaDialXQjox+3LmZUcpE9u2mzAAawMflknAjSB8ZdTUw AVr1g2ZaBuOtY1TfpKCl2KsV7rQ+rqNcxz707WNbwt3/MYZTmsuayZU+ARJbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUqmgdbR9eiX9CwlIFyMTNEaQLqX4wHwYDVR0j BBgwFoAUqj1/UDyZwKtjDVTFKDg8NALWryEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMC9BQTNEN0Y1MDND OTlDMEFCNjMwRDU0QzUyODM4M0MzNDAyRDZBRjIxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUEzRDdGNTAzQzk5QzBBQjYzMEQ1NEM1MjgzODNDMzQwMkQ2 QUYyMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2Y2QwMzI1LTMxYWYtNGZmZS04 YmViLWU3Nzk5N2U2YzNlMS8wLzMxMzYzMDJlMzIzNTJlMzEzNTMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzEzMDMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBmYMA0GCSqG SIb3DQEBCwUAA4IBAQAtVW+51n8CGj64pY3yNukF2w8UHg0ZEBm9pnuwrui15kz7 G8F3Y6LEC5Tht86fQjfj777U38QgSspRGUVRvWc6pm4+CbWLus6o8ViUZId8eU5K qO6tYZFwWwwt/47kgbVRUA6goe9O2LfuZgpJAH1Kay/S4t32q6iE3BCdVWdt7MEZ G2I8sPs6quka6H3kUD3xVR0e3NY9Ft9SoakGN1C4+n+oCqKBRl3kDShSJ6cTRmJi 6ngNoZsspVETJul8+nhIXrHKVaNPpeXVXgkO2BUNKhXEJRUTAt9sob2GO4kNX6/g iymbtcJ98l2eV9LG4JRfyWj/f2WzwzaB605LGCxy -----END CERTIFICATE-----Generated at Wed Nov 5 03:52:14 2025 by rpki-client