$ rpki-client -vvf repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa File: 3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa (raw, json) Hash identifier: cPfXuq0p2jW4xPUhE/apIJeWsmib6FpPpP3zgdnQtuQ= Subject key identifier: 92:D6:85:9B:53:82:6F:BC:47:C7:F4:CB:3C:BA:EC:D9:3E:E0:90:27 Certificate issuer: /CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Certificate serial: 41BD249584D5419EABEE0E50355D411A3BCA732D Authority key identifier: F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa Signing time: Sun 02 Nov 2025 06:00:00 +0000 ROA not before: Sun 02 Nov 2025 05:55:00 +0000 ROA not after: Sun 01 Nov 2026 06:00:00 +0000 asID: 153071 IP address blocks: 160.25.114.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 00:47:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:bd:24:95:84:d5:41:9e:ab:ee:0e:50:35:5d:41:1a:3b:ca:73:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Validity Not Before: Nov 2 05:55:00 2025 GMT Not After : Nov 1 06:00:00 2026 GMT Subject: CN=92D6859B53826FBC47C7F4CB3CBAECD93EE09027 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:28:ad:43:8c:e9:b2:24:27:0f:50:ec:ec:28: a0:be:b3:24:bd:fa:cb:85:12:4a:10:71:e5:4f:37: 44:21:94:9f:c4:22:c1:09:f7:94:8e:8b:0b:b5:ca: 00:50:11:96:ec:21:a0:c2:a4:20:84:93:78:0f:02: 4a:02:ad:63:92:f2:ab:30:a3:05:ed:f3:f0:1b:0e: 1d:c5:8f:37:17:43:fd:0b:0c:e9:b8:b0:67:21:5c: c5:13:81:55:d1:ba:d7:ca:2d:a7:c1:f1:43:b6:06: 77:8a:de:18:4d:8d:57:c5:ac:5e:04:d4:ed:80:61: 30:fa:9c:ba:d8:fa:b5:f0:34:bc:55:06:60:a2:55: f7:50:5a:2b:a0:f9:f6:82:d9:c6:6e:6e:cb:58:3c: 61:c8:7a:08:4c:a1:71:d3:20:db:8d:4a:a0:f9:c8: d3:67:e1:04:52:48:90:2c:e0:fe:3f:cc:0d:7e:80: f7:5f:34:51:2c:c3:2b:4e:bd:d1:36:3a:67:94:ba: 53:73:52:7d:c5:09:07:39:0e:cc:11:b8:e1:78:ed: 39:c3:f1:d9:5f:e6:98:de:3b:4a:47:70:6c:04:2b: 58:92:ba:87:62:09:c6:46:e0:55:1e:14:bd:c9:77: 8b:a8:41:ed:9d:fc:ad:0d:0e:ac:9b:31:7f:53:be: 87:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:D6:85:9B:53:82:6F:BC:47:C7:F4:CB:3C:BA:EC:D9:3E:E0:90:27 X509v3 Authority Key Identifier: keyid:F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131342e302f32332d3234203d3e20313533303731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.114.0/23 Signature Algorithm: sha256WithRSAEncryption 46:46:05:40:9f:31:65:2f:42:3b:f1:c7:fe:d8:88:5a:cc:10: ec:1c:9b:df:be:10:eb:70:0d:2e:88:49:bc:98:a9:aa:99:b2: 68:4c:c5:bd:5f:42:ed:97:55:f9:cb:9c:21:55:3f:84:ee:bb: 94:1b:66:86:ca:11:0f:93:97:32:2e:ae:23:23:19:f9:63:79: 2a:ad:43:a9:98:c9:1d:53:26:55:13:f9:e3:0a:46:07:1b:8a: c4:1a:5c:43:ee:73:95:13:24:ab:9e:04:d2:3a:49:60:fc:c2: 9d:46:d0:68:b2:16:87:7a:1b:ff:37:37:50:75:03:9a:14:fa: 71:49:5a:8b:88:7d:f1:e5:1b:d6:a9:19:e2:98:03:fd:75:47: 14:46:55:fa:29:61:15:5e:c7:ff:03:8f:1a:d0:89:77:48:5f: 52:f9:7d:2b:48:41:e7:64:7e:68:76:15:e6:56:c4:82:ef:51: fa:00:cc:42:bc:90:d4:bd:3f:e1:2d:45:c6:d7:5b:d3:5c:83: 42:fe:94:b1:61:e2:6b:e7:d9:93:a2:55:0f:1e:aa:6e:b4:18: 64:7a:a1:3d:37:11:9a:87:e1:28:0b:d8:93:7b:b4:b4:7c:ff: e8:28:83:71:f2:05:20:fb:95:1f:85:6f:80:36:ff:f6:80:71: bc:c6:aa:a0 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQb0klYTVQZ6r7g5QNV1BGjvKcy0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3 MzFCMzkwODAeFw0yNTExMDIwNTU1MDBaFw0yNjExMDEwNjAwMDBaMDMxMTAvBgNV BAMTKDkyRDY4NTlCNTM4MjZGQkM0N0M3RjRDQjNDQkFFQ0Q5M0VFMDkwMjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxKK1DjOmyJCcPUOzsKKC+syS9 +suFEkoQceVPN0QhlJ/EIsEJ95SOiwu1ygBQEZbsIaDCpCCEk3gPAkoCrWOS8qsw owXt8/AbDh3FjzcXQ/0LDOm4sGchXMUTgVXRutfKLafB8UO2BneK3hhNjVfFrF4E 1O2AYTD6nLrY+rXwNLxVBmCiVfdQWiug+faC2cZubstYPGHIeghMoXHTINuNSqD5 yNNn4QRSSJAs4P4/zA1+gPdfNFEswytOvdE2OmeUulNzUn3FCQc5DswRuOF47TnD 8dlf5pjeO0pHcGwEK1iSuodiCcZG4FUeFL3Jd4uoQe2d/K0NDqybMX9TvoclAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUktaFm1OCb7xHx/TLPLrs2T7gkCcwHwYDVR0j BBgwFoAU+RtQub00SBt67TNB7L5nsXMbOQgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j Njc4NjBlMy02YWQ4LTQ3YTUtOTRjMC05M2ZmZDI0NzI4NjUvMC9GOTFCNTBCOUJE MzQ0ODFCN0FFRDMzNDFFQ0JFNjdCMTczMUIzOTA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3MzFC MzkwOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2Nzg2MGUzLTZhZDgtNDdhNS05 NGMwLTkzZmZkMjQ3Mjg2NS8wLzMxMzYzMDJlMzIzNTJlMzEzMTM0MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoBlyMA0GCSqG SIb3DQEBCwUAA4IBAQBGRgVAnzFlL0I78cf+2IhazBDsHJvfvhDrcA0uiEm8mKmq mbJoTMW9X0Ltl1X5y5whVT+E7ruUG2aGyhEPk5cyLq4jIxn5Y3kqrUOpmMkdUyZV E/njCkYHG4rEGlxD7nOVEySrngTSOklg/MKdRtBoshaHehv/NzdQdQOaFPpxSVqL iH3x5RvWqRnimAP9dUcURlX6KWEVXsf/A48a0Il3SF9S+X0rSEHnZH5odhXmVsSC 71H6AMxCvJDUvT/hLUXG11vTXINC/pSxYeJr59mTolUPHqputBhkeqE9NxGah+Eo C9iTe7S0fP/oKINx8gUg+5UfhW+ANv/2gHG8xqqg -----END CERTIFICATE-----Generated at Wed Nov 5 11:59:40 2025 by rpki-client