$ rpki-client -vvf repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/3135372e31302e3138312e302f32342d3234203d3e20313532333439.roa File: 3135372e31302e3138312e302f32342d3234203d3e20313532333439.roa (raw, json) Hash identifier: 4ND3+gZBeIoT6g+JB8RrxRMPJN0D54r28ZhCohuiwZ0= Subject key identifier: DD:20:F9:C2:ED:88:87:DC:B2:75:DA:5D:CB:F7:35:AC:A0:11:87:AC Certificate issuer: /CN=AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3 Certificate serial: 214F00A5CFD0A95000BFBCAD38905DE9199AB865 Authority key identifier: AF:A7:AE:3D:79:0A:1F:0C:91:4B:83:99:E4:69:5F:4D:63:42:B4:C3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/3135372e31302e3138312e302f32342d3234203d3e20313532333439.roa Signing time: Mon 19 Jan 2026 11:14:50 +0000 ROA not before: Mon 19 Jan 2026 11:09:50 +0000 ROA not after: Mon 18 Jan 2027 11:14:50 +0000 asID: 152349 IP address blocks: 157.10.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.crl rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Mar 2026 11:36:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:4f:00:a5:cf:d0:a9:50:00:bf:bc:ad:38:90:5d:e9:19:9a:b8:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3 Validity Not Before: Jan 19 11:09:50 2026 GMT Not After : Jan 18 11:14:50 2027 GMT Subject: CN=DD20F9C2ED8887DCB275DA5DCBF735ACA01187AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:be:36:1f:28:de:47:e1:ab:ac:bf:59:ab:05: 09:2f:12:6d:0e:5a:8d:f3:69:12:22:47:59:6d:16: ed:0c:0f:d5:c6:c8:52:34:e4:2a:ea:cc:3d:87:ca: b1:a5:86:03:69:fa:d8:98:f9:90:fb:17:4b:78:05: 56:8d:0f:ed:f6:ff:c6:7d:4f:18:4b:85:14:d7:02: 28:27:1a:85:08:36:f3:2e:ad:bb:a2:f5:bd:e6:57: 78:19:4d:5f:61:46:22:aa:03:41:01:7e:ea:df:6a: 77:c2:d2:d7:a1:01:01:71:99:9c:15:80:5e:d5:e0: 2f:e1:d4:b3:71:e6:0c:8d:0e:2a:4e:26:44:96:7b: 17:43:40:bb:9b:4e:b5:9e:8a:d0:bc:7f:e4:ca:24: ba:47:fe:d1:5e:f6:22:ae:03:1b:e6:5a:b9:84:31: 85:b7:04:4a:77:18:18:09:b7:b6:77:f1:63:86:f0: f0:fb:ed:6a:49:bd:a2:95:cc:13:f1:4c:47:41:c2: 02:e0:3f:26:02:32:af:2c:b8:23:dc:b8:2e:c2:77: b7:ab:5c:0f:ee:ee:5f:66:77:f4:05:c1:2a:bc:01: 66:82:46:87:1b:55:52:31:16:26:20:1e:5d:e3:34: 2a:23:ab:d1:ac:23:9f:a9:6e:aa:b9:82:6d:c4:b2: 6c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:20:F9:C2:ED:88:87:DC:B2:75:DA:5D:CB:F7:35:AC:A0:11:87:AC X509v3 Authority Key Identifier: keyid:AF:A7:AE:3D:79:0A:1F:0C:91:4B:83:99:E4:69:5F:4D:63:42:B4:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/3135372e31302e3138312e302f32342d3234203d3e20313532333439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.181.0/24 Signature Algorithm: sha256WithRSAEncryption 84:f3:e1:71:ad:2e:62:ed:3f:53:8d:68:11:b0:18:91:f9:f8: 9e:20:03:f8:0e:45:de:89:f4:e7:11:64:93:65:28:0e:34:33: f1:40:5d:59:9a:f9:13:5b:07:c7:11:84:3c:03:d0:b4:30:3e: bd:6d:4d:c4:fc:fd:68:32:18:9b:02:2f:34:30:e0:f5:57:99: 1c:47:b4:0c:b4:2a:a2:ea:50:2b:6c:f2:d5:f1:35:1e:1f:e2: 2e:2e:14:70:46:31:a7:1b:19:9f:8c:a0:61:31:c2:31:76:f3: 4c:30:fd:79:48:2c:a9:d9:1d:8b:6b:a7:13:de:25:05:c4:97: c3:2f:ea:fe:43:a5:b1:2e:bb:98:97:43:2d:92:dc:2a:8b:83: d2:95:39:f2:b8:5e:14:0e:c4:2a:71:2f:7d:64:94:7b:46:b4: 22:49:a5:fe:e0:5d:be:c2:26:8d:a3:66:ac:6b:0c:11:4f:14: ea:53:f1:51:a9:de:81:1c:a7:01:80:44:a4:b2:24:a6:6b:1b: da:dc:47:81:13:07:76:6c:ca:f4:87:3b:0d:74:4d:69:21:89: 98:7d:85:5b:c4:74:7f:90:fe:bb:a3:00:02:4b:24:6d:c5:85: 0c:97:bc:57:75:02:7f:80:6e:a8:2e:60:db:e0:4e:c2:46:be: b2:85:4c:88 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUIU8Apc/QqVAAv7ytOJBd6RmauGUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUZBN0FFM0Q3OTBBMUYwQzkxNEI4Mzk5RTQ2OTVGNEQ2 MzQyQjRDMzAeFw0yNjAxMTkxMTA5NTBaFw0yNzAxMTgxMTE0NTBaMDMxMTAvBgNV BAMTKEREMjBGOUMyRUQ4ODg3RENCMjc1REE1RENCRjczNUFDQTAxMTg3QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIvjYfKN5H4ausv1mrBQkvEm0O Wo3zaRIiR1ltFu0MD9XGyFI05CrqzD2HyrGlhgNp+tiY+ZD7F0t4BVaND+32/8Z9 TxhLhRTXAignGoUINvMurbui9b3mV3gZTV9hRiKqA0EBfurfanfC0tehAQFxmZwV gF7V4C/h1LNx5gyNDipOJkSWexdDQLubTrWeitC8f+TKJLpH/tFe9iKuAxvmWrmE MYW3BEp3GBgJt7Z38WOG8PD77WpJvaKVzBPxTEdBwgLgPyYCMq8suCPcuC7Cd7er XA/u7l9md/QFwSq8AWaCRocbVVIxFiYgHl3jNCojq9GsI5+pbqq5gm3EsmwpAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU3SD5wu2Ih9yyddpdy/c1rKARh6wwHwYDVR0j BBgwFoAUr6euPXkKHwyRS4OZ5GlfTWNCtMMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i OTBkMDI2NS0yY2MxLTQ2M2QtOTQ4Yi1jZGVkMTNhMjAyOTUvMC9BRkE3QUUzRDc5 MEExRjBDOTE0QjgzOTlFNDY5NUY0RDYzNDJCNEMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQUZBN0FFM0Q3OTBBMUYwQzkxNEI4Mzk5RTQ2OTVGNEQ2MzQy QjRDMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I5MGQwMjY1LTJjYzEtNDYzZC05 NDhiLWNkZWQxM2EyMDI5NS8wLzMxMzUzNzJlMzEzMDJlMzEzODMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzMzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnQq1MA0GCSqG SIb3DQEBCwUAA4IBAQCE8+FxrS5i7T9TjWgRsBiR+fieIAP4DkXeifTnEWSTZSgO NDPxQF1ZmvkTWwfHEYQ8A9C0MD69bU3E/P1oMhibAi80MOD1V5kcR7QMtCqi6lAr bPLV8TUeH+IuLhRwRjGnGxmfjKBhMcIxdvNMMP15SCyp2R2La6cT3iUFxJfDL+r+ Q6WxLruYl0Mtktwqi4PSlTnyuF4UDsQqcS99ZJR7RrQiSaX+4F2+wiaNo2asawwR TxTqU/FRqd6BHKcBgESksiSmaxva3EeBEwd2bMr0hzsNdE1pIYmYfYVbxHR/kP67 owACSyRtxYUMl7xXdQJ/gG6oLmDb4E7CRr6yhUyI -----END CERTIFICATE-----Generated at Mon Mar 2 17:13:37 2026 by rpki-client