$ rpki-client -vvf repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/3136302e32352e36382e302f32342d3234203d3e20313532383430.roa File: 3136302e32352e36382e302f32342d3234203d3e20313532383430.roa (raw, json) Hash identifier: 4w2+kmxxLlJwHRO1aqXjBz7ml3HwCrINsFeyiZehHq0= Subject key identifier: 1A:9F:8E:22:E1:21:3B:50:19:DC:74:E3:4D:5F:DE:21:32:6A:FB:78 Certificate issuer: /CN=22476F90C7B08131974F5B19834906C325ABEF12 Certificate serial: 4BE7C327847F701A399BFDB0D3E5D522C0CDC08E Authority key identifier: 22:47:6F:90:C7:B0:81:31:97:4F:5B:19:83:49:06:C3:25:AB:EF:12 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/22476F90C7B08131974F5B19834906C325ABEF12.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/3136302e32352e36382e302f32342d3234203d3e20313532383430.roa Signing time: Mon 11 Aug 2025 11:54:06 +0000 ROA not before: Mon 11 Aug 2025 11:49:06 +0000 ROA not after: Mon 10 Aug 2026 11:54:06 +0000 asID: 152840 IP address blocks: 160.25.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/22476F90C7B08131974F5B19834906C325ABEF12.crl rsync://repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/22476F90C7B08131974F5B19834906C325ABEF12.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/22476F90C7B08131974F5B19834906C325ABEF12.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 13:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:e7:c3:27:84:7f:70:1a:39:9b:fd:b0:d3:e5:d5:22:c0:cd:c0:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22476F90C7B08131974F5B19834906C325ABEF12 Validity Not Before: Aug 11 11:49:06 2025 GMT Not After : Aug 10 11:54:06 2026 GMT Subject: CN=1A9F8E22E1213B5019DC74E34D5FDE21326AFB78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:57:a0:a3:ab:a5:14:02:28:6b:1b:d5:b0:d0: ef:7d:d2:f1:31:9b:19:fb:14:54:05:58:5f:2e:5d: 1b:77:f8:08:f1:08:56:c3:42:bb:6c:e0:e4:ab:68: 12:d5:2d:5c:a3:b4:76:cb:1c:89:01:6d:9d:30:6b: e4:41:b2:35:d3:5e:17:58:c1:ab:da:2e:ef:bd:a3: 8b:96:26:08:b6:fd:28:55:31:d1:32:c0:50:16:00: f6:20:ed:e7:da:0b:e2:b2:b0:09:d2:8f:44:e5:36: 8c:6b:e2:42:d3:9a:85:e0:c6:f8:c8:e8:d3:2a:d1: 88:f8:a9:20:f9:63:63:83:cd:37:d8:9b:a3:e8:2a: 8a:e4:32:55:86:4a:8e:06:57:d3:96:7b:70:04:78: 66:cc:2b:d2:59:63:cf:49:76:f7:da:77:17:86:3e: c5:b7:91:12:42:78:f0:cb:59:af:6c:6a:a4:2f:55: 94:a5:ac:f9:34:7a:cb:2d:95:35:f2:45:0a:4f:2e: 82:65:a8:9e:ce:31:cd:49:db:ac:6a:f1:67:1d:c3: 62:05:cf:31:ca:06:80:56:49:c0:2f:6a:c8:b0:10: 62:05:72:77:7b:a8:0a:88:bf:9b:99:8b:c9:a6:e1: 5a:a5:5b:ce:43:8e:8a:c6:7d:00:18:09:26:26:1b: 2f:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:9F:8E:22:E1:21:3B:50:19:DC:74:E3:4D:5F:DE:21:32:6A:FB:78 X509v3 Authority Key Identifier: keyid:22:47:6F:90:C7:B0:81:31:97:4F:5B:19:83:49:06:C3:25:AB:EF:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/22476F90C7B08131974F5B19834906C325ABEF12.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/22476F90C7B08131974F5B19834906C325ABEF12.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b2fbaafc-4db2-4fc4-a1a8-2d8e4c8b2ce0/0/3136302e32352e36382e302f32342d3234203d3e20313532383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.68.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:d3:62:76:0f:58:ee:c9:d3:79:ec:6c:5d:b2:86:32:ec:e8: 7a:83:fa:b9:39:e9:13:aa:f8:eb:b5:06:64:a9:3c:41:7c:72: 49:c9:18:18:16:a4:ab:23:30:d9:62:01:e2:84:da:91:51:23: 3f:f0:f4:35:f8:46:02:45:ed:db:ac:71:76:c8:4b:37:97:88: 94:d0:6e:e7:3a:6e:de:6f:1e:c5:8d:ee:5d:ab:20:20:b9:fa: 5c:af:70:ea:66:e8:45:31:ee:e3:9e:26:6e:a1:92:bc:2e:b2: a4:f2:d5:b1:77:a9:1e:2c:e9:96:86:96:d8:f5:7f:97:a7:09: 18:cf:80:5c:59:21:83:15:3f:8c:ac:03:9f:db:66:54:b6:83: 2f:d4:9d:7c:9e:1a:5f:99:9a:41:36:d0:21:a9:f7:9a:86:01: 16:3d:03:d9:0c:6c:01:db:19:5c:e5:f2:e4:8a:8f:99:28:c2: 1a:93:52:3e:e4:23:9d:12:a0:78:9b:ea:99:3d:b9:9d:e9:b7: 9f:39:ab:71:36:dc:df:68:9f:e3:5e:68:d2:14:15:79:3d:64: 38:d4:19:2c:23:60:34:16:e0:14:91:e1:5c:67:a7:25:45:11: 0a:d4:b3:07:69:4c:c5:6a:5f:da:b3:87:af:99:90:e4:80:24: 89:17:e0:f5 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUS+fDJ4R/cBo5m/2w0+XVIsDNwI4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjI0NzZGOTBDN0IwODEzMTk3NEY1QjE5ODM0OTA2QzMy NUFCRUYxMjAeFw0yNTA4MTExMTQ5MDZaFw0yNjA4MTAxMTU0MDZaMDMxMTAvBgNV BAMTKDFBOUY4RTIyRTEyMTNCNTAxOURDNzRFMzRENUZERTIxMzI2QUZCNzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrV6Cjq6UUAihrG9Ww0O990vEx mxn7FFQFWF8uXRt3+AjxCFbDQrts4OSraBLVLVyjtHbLHIkBbZ0wa+RBsjXTXhdY wavaLu+9o4uWJgi2/ShVMdEywFAWAPYg7efaC+KysAnSj0TlNoxr4kLTmoXgxvjI 6NMq0Yj4qSD5Y2ODzTfYm6PoKorkMlWGSo4GV9OWe3AEeGbMK9JZY89JdvfadxeG PsW3kRJCePDLWa9saqQvVZSlrPk0esstlTXyRQpPLoJlqJ7OMc1J26xq8Wcdw2IF zzHKBoBWScAvasiwEGIFcnd7qAqIv5uZi8mm4VqlW85DjorGfQAYCSYmGy8nAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUGp+OIuEhO1AZ3HTjTV/eITJq+3gwHwYDVR0j BBgwFoAUIkdvkMewgTGXT1sZg0kGwyWr7xIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MmZiYWFmYy00ZGIyLTRmYzQtYTFhOC0yZDhlNGM4YjJjZTAvMC8yMjQ3NkY5MEM3 QjA4MTMxOTc0RjVCMTk4MzQ5MDZDMzI1QUJFRjEyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjI0NzZGOTBDN0IwODEzMTk3NEY1QjE5ODM0OTA2QzMyNUFC RUYxMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IyZmJhYWZjLTRkYjItNGZjNC1h MWE4LTJkOGU0YzhiMmNlMC8wLzMxMzYzMDJlMzIzNTJlMzYzODJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzUzMjM4MzQzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKAZRDANBgkqhkiG 9w0BAQsFAAOCAQEAjtNidg9Y7snTeexsXbKGMuzoeoP6uTnpE6r467UGZKk8QXxy SckYGBakqyMw2WIB4oTakVEjP/D0NfhGAkXt26xxdshLN5eIlNBu5zpu3m8exY3u XasgILn6XK9w6mboRTHu454mbqGSvC6ypPLVsXepHizploaW2PV/l6cJGM+AXFkh gxU/jKwDn9tmVLaDL9SdfJ4aX5maQTbQIan3moYBFj0D2QxsAdsZXOXy5IqPmSjC GpNSPuQjnRKgeJvqmT25nem3nzmrcTbc32if415o0hQVeT1kONQZLCNgNBbgFJHh XGenJUURCtSzB2lMxWpf2rOHr5mQ5IAkiRfg9Q== -----END CERTIFICATE-----Generated at Wed Aug 13 14:25:14 2025 by rpki-client