$ rpki-client -vvf repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa File: 3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa (raw, json) Hash identifier: foPeH94YxJOh2Wqv5gS26d6PmcQkpAdiKm2Z3R4p/G4= Subject key identifier: DD:69:61:E5:85:9C:0C:C5:BD:90:AD:A3:71:47:BF:36:4D:8C:9D:20 Certificate issuer: /CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Certificate serial: 20267A644E6013917CC23EC8BE2225617BD883D0 Authority key identifier: BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa Signing time: Thu 02 Apr 2026 13:00:01 +0000 ROA not before: Thu 02 Apr 2026 12:55:01 +0000 ROA not after: Thu 01 Apr 2027 13:00:01 +0000 asID: 152418 IP address blocks: 157.20.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 04:34:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:26:7a:64:4e:60:13:91:7c:c2:3e:c8:be:22:25:61:7b:d8:83:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BD9B7A89C85E0DF6786F5BD51D4B7D963618231A Validity Not Before: Apr 2 12:55:01 2026 GMT Not After : Apr 1 13:00:01 2027 GMT Subject: CN=DD6961E5859C0CC5BD90ADA37147BF364D8C9D20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e4:1e:26:48:c7:cb:30:5f:cd:d4:d5:3e:75: 4d:d1:54:fb:e7:90:67:2e:8c:fb:70:f5:dd:a3:12: 05:1c:51:a0:f8:0f:be:e1:af:78:30:b7:80:bd:6b: fe:95:10:14:05:5a:f6:21:09:5b:41:f1:eb:23:f7: 41:cc:eb:d2:06:db:97:7b:35:29:8a:9f:e6:43:5c: 24:08:a3:15:81:07:71:13:02:87:f9:6f:a0:99:db: 72:c2:54:71:64:ab:26:b3:6f:63:6b:ec:f8:d2:a1: 65:82:44:47:0d:9a:7b:c9:b6:95:b9:72:53:66:f6: 14:cf:63:58:e6:b3:46:4d:7e:a2:e7:93:0c:82:ff: 7f:bb:2d:27:94:8e:04:29:52:4b:a2:b8:99:5c:78: 47:1c:2b:84:d1:bf:65:cf:f4:cc:8a:34:85:33:bd: a3:3b:7b:4d:c8:88:e7:a8:19:22:f1:c3:d9:9c:00: 49:d9:99:51:10:e4:5d:b4:14:7d:bf:66:60:6f:99: d8:f2:85:48:20:38:20:1d:a9:36:72:c9:c7:fb:e8: b5:c4:03:51:a5:8b:1a:d9:62:56:22:c8:56:13:d4: 77:35:0d:f2:c6:c8:0a:19:0f:c7:d4:3c:5b:63:00: e0:d0:10:99:c6:79:82:71:8c:12:91:be:c3:7f:84: 36:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:69:61:E5:85:9C:0C:C5:BD:90:AD:A3:71:47:BF:36:4D:8C:9D:20 X509v3 Authority Key Identifier: keyid:BD:9B:7A:89:C8:5E:0D:F6:78:6F:5B:D5:1D:4B:7D:96:36:18:23:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/BD9B7A89C85E0DF6786F5BD51D4B7D963618231A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b36066e8-8e19-4de7-947b-94ee3cd09f85/0/3135372e32302e3137382e302f32342d3234203d3e20313532343138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.178.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:d7:a8:c2:ad:2c:c0:3e:37:88:ce:1b:64:0e:4b:a4:e3:fb: 80:ac:2b:43:07:86:46:32:38:42:9b:cd:9c:76:39:58:97:ae: dc:27:be:73:93:19:db:41:c5:fc:28:8d:65:d5:be:22:4b:7c: 4a:c3:40:77:17:f3:5d:36:d4:88:46:98:72:13:5d:5c:74:9a: a0:dc:64:bd:90:40:9f:a5:6e:6b:bd:a6:df:a4:c9:41:f4:32: 5a:f0:3c:95:db:77:d7:ac:8d:b8:cf:f1:65:56:25:75:ab:96: 74:f3:3e:0a:9d:e6:f6:5d:26:6b:ba:43:4d:be:4a:5b:50:94: 9f:2a:b4:cd:7e:d6:cf:5d:cc:3a:59:97:19:91:3f:c6:f2:d8: ce:18:f9:69:b5:e2:3c:60:d2:40:1e:5e:d3:c0:13:60:78:01: db:e8:e6:ec:a5:b9:71:2d:2e:2f:df:21:fb:cc:d8:cf:49:a2: 25:b0:8f:b4:32:d9:44:7a:aa:a8:6d:7a:50:e3:ee:97:b9:a6: 1b:d8:52:e5:6b:ac:2c:05:34:44:57:f6:ad:7e:dd:b4:ef:59: ae:b4:b6:9c:ff:3a:c1:c5:25:02:10:59:8a:9d:56:cc:08:c8: ab:4e:18:56:63:07:80:80:b4:42:12:48:c8:3e:b5:a1:70:1c: 24:33:84:f5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUICZ6ZE5gE5F8wj7IviIlYXvYg9AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYz NjE4MjMxQTAeFw0yNjA0MDIxMjU1MDFaFw0yNzA0MDExMzAwMDFaMDMxMTAvBgNV BAMTKERENjk2MUU1ODU5QzBDQzVCRDkwQURBMzcxNDdCRjM2NEQ4QzlEMjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP5B4mSMfLMF/N1NU+dU3RVPvn kGcujPtw9d2jEgUcUaD4D77hr3gwt4C9a/6VEBQFWvYhCVtB8esj90HM69IG25d7 NSmKn+ZDXCQIoxWBB3ETAof5b6CZ23LCVHFkqyazb2Nr7PjSoWWCREcNmnvJtpW5 clNm9hTPY1jms0ZNfqLnkwyC/3+7LSeUjgQpUkuiuJlceEccK4TRv2XP9MyKNIUz vaM7e03IiOeoGSLxw9mcAEnZmVEQ5F20FH2/ZmBvmdjyhUggOCAdqTZyycf76LXE A1GlixrZYlYiyFYT1Hc1DfLGyAoZD8fUPFtjAODQEJnGeYJxjBKRvsN/hDapAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU3Wlh5YWcDMW9kK2jcUe/Nk2MnSAwHwYDVR0j BBgwFoAUvZt6icheDfZ4b1vVHUt9ljYYIxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MzYwNjZlOC04ZTE5LTRkZTctOTQ3Yi05NGVlM2NkMDlmODUvMC9CRDlCN0E4OUM4 NUUwREY2Nzg2RjVCRDUxRDRCN0Q5NjM2MTgyMzFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQkQ5QjdBODlDODVFMERGNjc4NkY1QkQ1MUQ0QjdEOTYzNjE4 MjMxQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IzNjA2NmU4LThlMTktNGRlNy05 NDdiLTk0ZWUzY2QwOWY4NS8wLzMxMzUzNzJlMzIzMDJlMzEzNzM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRSyMA0GCSqG SIb3DQEBCwUAA4IBAQAP16jCrSzAPjeIzhtkDkuk4/uArCtDB4ZGMjhCm82cdjlY l67cJ75zkxnbQcX8KI1l1b4iS3xKw0B3F/NdNtSIRphyE11cdJqg3GS9kECfpW5r vabfpMlB9DJa8DyV23fXrI24z/FlViV1q5Z08z4Kneb2XSZrukNNvkpbUJSfKrTN ftbPXcw6WZcZkT/G8tjOGPlpteI8YNJAHl7TwBNgeAHb6ObspblxLS4v3yH7zNjP SaIlsI+0MtlEeqqobXpQ4+6XuaYb2FLla6wsBTREV/atft2071mutLac/zrBxSUC EFmKnVbMCMirThhWYweAgLRCEkjIPrWhcBwkM4T1 -----END CERTIFICATE-----Generated at Sat Apr 18 00:04:23 2026 by rpki-client