$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24203.roa File: AS24203.roa (raw, json) Hash identifier: YIns/MRlQOVlUiJ6bSzacgQncTzXxVSefzcYa6EXyPw= Subject key identifier: A0:06:6F:7E:DE:61:85:BE:F8:72:E9:2D:CE:3A:58:36:8A:47:3D:9F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 483802153EFC002D92DF97375FA76B1ACB98A40D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24203.roa Signing time: Wed 10 Sep 2025 03:24:42 +0000 ROA not before: Wed 10 Sep 2025 03:19:42 +0000 ROA not after: Wed 09 Sep 2026 03:24:42 +0000 asID: 24203 IP address blocks: 203.33.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:38:02:15:3e:fc:00:2d:92:df:97:37:5f:a7:6b:1a:cb:98:a4:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 10 03:19:42 2025 GMT Not After : Sep 9 03:24:42 2026 GMT Subject: CN=A0066F7EDE6185BEF872E92DCE3A58368A473D9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:08:a3:2b:c5:98:e7:40:f6:9d:7f:72:33:bc: 4b:d3:8e:ed:93:0a:32:d8:9b:dd:2a:07:d8:9d:9d: e1:f1:2e:23:39:d1:46:0e:f6:3b:1b:75:1a:5b:f4: 38:4c:b9:2a:d0:85:34:94:7e:25:fa:e3:d8:ef:fc: 18:e1:86:7c:9d:49:1d:3d:84:eb:37:49:1e:e7:45: 28:b0:6e:fc:75:34:ff:e4:fd:3a:2a:33:28:63:9a: e8:26:99:c2:d7:c8:30:09:75:90:1d:c7:c7:04:cf: 06:b5:56:d1:97:8f:ad:e3:ab:89:53:20:58:33:50: cf:2c:61:39:5e:e6:ea:d6:45:af:82:cf:00:23:08: 49:8f:71:e2:a0:7b:3c:32:d4:1c:02:96:cf:65:e1: 3d:9b:80:86:88:99:6c:84:72:05:b5:f1:cf:e6:89: 0a:63:1a:43:02:6a:05:98:f2:58:10:87:6c:3a:02: d8:2f:a8:1e:49:64:be:22:79:8e:c8:49:98:b4:e8: a1:92:ab:78:31:97:19:c9:9e:09:df:b9:16:ac:9c: e1:22:a8:1f:58:d3:50:55:3d:01:0e:8b:08:ec:26: 6b:dd:00:f3:8a:b0:1d:69:5b:56:cd:0f:bf:8f:81: 05:93:0a:60:ed:69:bc:ec:59:18:21:6a:5f:62:92: 12:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:06:6F:7E:DE:61:85:BE:F8:72:E9:2D:CE:3A:58:36:8A:47:3D:9F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24203.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.33.35.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:ba:fd:0f:73:84:6b:ec:db:58:d7:2b:29:9a:56:03:5b:0d: 7f:22:e8:dc:d2:36:3b:b2:5c:ea:d9:4d:e4:dd:ff:29:68:cc: 9c:2f:18:92:ca:9d:d6:3b:d7:a8:1f:2c:94:25:09:bd:ee:60: 3a:fc:21:69:e4:d9:04:96:7f:8d:6c:42:04:a1:cb:8c:53:6c: e6:94:b0:a9:ac:fa:52:29:92:1f:38:f5:d3:c6:41:73:0e:79: f7:61:e0:b9:0c:05:8d:84:93:ab:ce:41:5c:25:b0:e1:16:f4: 20:37:37:a0:71:d8:0e:0e:c0:8a:71:71:64:83:53:0d:8f:c6: 86:01:dd:32:d0:a3:76:9e:9b:eb:f9:03:fb:a5:72:32:c9:13: ed:4a:04:50:6a:a6:b8:4f:7f:30:81:ea:4e:55:45:78:08:74: ca:7e:c2:94:e6:aa:f8:14:9e:be:ed:df:a2:c6:c4:0e:c8:20: 2e:f1:79:ad:e4:71:37:13:90:49:e3:f7:5f:7b:3f:c1:8c:1e: 9d:86:00:6a:c8:2b:4c:53:a1:e5:a4:70:6e:09:e6:9f:d5:16: 6d:c5:70:e4:0e:17:33:5c:30:a0:b4:4e:f7:49:0a:7a:89:a8: e8:2c:36:18:19:4a:f0:9a:5f:c4:9c:82:bb:da:e9:0a:92:f7: c1:78:34:85 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUSDgCFT78AC2S35c3X6drGsuYpA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxMDAzMTk0MloX DTI2MDkwOTAzMjQ0MlowMzExMC8GA1UEAxMoQTAwNjZGN0VERTYxODVCRUY4NzJF OTJEQ0UzQTU4MzY4QTQ3M0Q5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALkIoyvFmOdA9p1/cjO8S9OO7ZMKMtib3SoH2J2d4fEuIznRRg72Oxt1Glv0 OEy5KtCFNJR+Jfrj2O/8GOGGfJ1JHT2E6zdJHudFKLBu/HU0/+T9OiozKGOa6CaZ wtfIMAl1kB3HxwTPBrVW0ZePreOriVMgWDNQzyxhOV7m6tZFr4LPACMISY9x4qB7 PDLUHAKWz2XhPZuAhoiZbIRyBbXxz+aJCmMaQwJqBZjyWBCHbDoC2C+oHklkviJ5 jshJmLTooZKreDGXGcmeCd+5Fqyc4SKoH1jTUFU9AQ6LCOwma90A84qwHWlbVs0P v4+BBZMKYO1pvOxZGCFqX2KSElMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSgBm9+ 3mGFvvhy6S3OOlg2ikc9nzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0MjAzLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAyyEjMA0GCSqGSIb3DQEBCwUAA4IBAQALuv0Pc4Rr7NtY1yspmlYD Ww1/Iujc0jY7slzq2U3k3f8paMycLxiSyp3WO9eoHyyUJQm97mA6/CFp5NkEln+N bEIEocuMU2zmlLCprPpSKZIfOPXTxkFzDnn3YeC5DAWNhJOrzkFcJbDhFvQgNzeg cdgODsCKcXFkg1MNj8aGAd0y0KN2npvr+QP7pXIyyRPtSgRQaqa4T38wgepOVUV4 CHTKfsKU5qr4FJ6+7d+ixsQOyCAu8Xmt5HE3E5BJ4/dfez/BjB6dhgBqyCtMU6Hl pHBuCeaf1RZtxXDkDhczXDCgtE73SQp6iajoLDYYGUrwml/EnIK72ukKkvfBeDSF -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:26 2025 by rpki-client