$ rpki-client -vvf repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/3135372e36362e3233382e302f32342d3234203d3e20313532373538.roa File: 3135372e36362e3233382e302f32342d3234203d3e20313532373538.roa (raw, json) Hash identifier: Mfu0+PMIaMHgeu7vJ5ATI3uA0Ov6u+uix1eTRPcgQIY= Subject key identifier: 7D:23:86:F4:1C:BA:A7:7B:AA:E2:3E:B6:EA:62:38:D9:CB:64:76:00 Certificate issuer: /CN=9B2DB6A80E8A5860943D5E249BCF6F2C47D48549 Certificate serial: 14E910F8D69342CF96E691711EE6A4FFE71E8FD3 Authority key identifier: 9B:2D:B6:A8:0E:8A:58:60:94:3D:5E:24:9B:CF:6F:2C:47:D4:85:49 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/3135372e36362e3233382e302f32342d3234203d3e20313532373538.roa Signing time: Tue 21 Oct 2025 13:00:02 +0000 ROA not before: Tue 21 Oct 2025 12:55:02 +0000 ROA not after: Tue 20 Oct 2026 13:00:02 +0000 asID: 152758 IP address blocks: 157.66.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.crl rsync://repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 05:27:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:e9:10:f8:d6:93:42:cf:96:e6:91:71:1e:e6:a4:ff:e7:1e:8f:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9B2DB6A80E8A5860943D5E249BCF6F2C47D48549 Validity Not Before: Oct 21 12:55:02 2025 GMT Not After : Oct 20 13:00:02 2026 GMT Subject: CN=7D2386F41CBAA77BAAE23EB6EA6238D9CB647600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:7f:21:47:71:4d:1e:e0:52:59:68:a7:25:d8: dc:82:da:e5:92:6c:94:2e:cb:16:5c:aa:89:aa:b7: 11:d9:9a:7c:07:66:6c:31:8a:c8:6a:e4:b5:20:d0: e9:d7:dc:14:a4:fd:ec:b9:e6:1f:8e:04:3b:12:b0: 0c:36:46:3a:db:28:33:7e:a0:f6:9a:57:21:07:5d: 50:07:f7:2d:8b:ca:96:5e:0d:81:f8:1c:25:cd:42: d4:a5:ff:47:3c:da:4c:0f:73:c2:b5:8c:b5:ed:d1: 5f:75:eb:47:3c:58:d9:8d:f7:73:c0:7d:7f:02:6b: e6:f9:dc:82:9a:9f:24:3d:74:da:19:db:b0:a7:48: 0a:f2:f5:9b:42:0e:46:f0:43:02:76:d7:3d:88:2b: 00:41:d0:06:84:2e:57:65:6d:ca:13:24:8b:8e:d8: 26:ee:dd:93:66:79:dc:98:17:14:fa:a7:07:aa:eb: 7a:56:61:c4:fd:58:e7:30:86:e8:7b:91:0c:e0:b3: 4c:2c:a0:ed:32:47:d0:e3:b2:a2:88:4f:f0:cd:36: 29:ae:3e:2e:08:61:c1:bb:f8:94:08:5d:85:1a:b3: 5b:0c:f9:64:cb:d6:1b:60:99:6e:4e:35:ca:45:8b: bd:78:66:3b:4c:cf:fb:b0:4b:ad:70:bf:74:2a:c9: 83:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:23:86:F4:1C:BA:A7:7B:AA:E2:3E:B6:EA:62:38:D9:CB:64:76:00 X509v3 Authority Key Identifier: keyid:9B:2D:B6:A8:0E:8A:58:60:94:3D:5E:24:9B:CF:6F:2C:47:D4:85:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9B2DB6A80E8A5860943D5E249BCF6F2C47D48549.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/0/3135372e36362e3233382e302f32342d3234203d3e20313532373538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.238.0/24 Signature Algorithm: sha256WithRSAEncryption d4:dc:69:48:81:c0:d6:53:fc:f8:21:6d:53:87:b0:99:84:2a: 28:c9:bd:2b:95:84:7d:51:45:41:0c:00:37:64:15:5a:ff:6c: f8:bd:1e:c7:3b:71:b3:64:ca:79:1f:50:b9:e5:07:d8:b6:43: 51:9e:fa:42:b7:c5:e6:5b:3e:d9:43:8b:db:ed:aa:46:64:f0: 4b:49:40:cf:b2:0b:d0:39:81:37:55:e2:b4:a5:2d:fd:30:c8: 01:96:ad:93:89:f7:c4:27:05:10:3e:24:fe:07:ec:63:48:be: ff:c0:96:fc:9f:1f:db:1f:d3:12:25:49:80:7b:6b:bf:a5:2a: 00:b8:ab:a0:24:58:8c:78:cc:18:7c:f1:c2:05:fb:00:a1:2e: 5e:d4:c4:33:98:96:e9:43:d7:94:9f:d8:2c:69:dd:bd:50:de: 83:00:23:d6:f7:1e:99:d4:10:f4:f4:b6:52:2c:54:84:b1:01: cd:92:f3:65:cc:16:54:ed:6d:9d:6d:7c:78:9a:ab:4f:c8:bb: cc:5a:b9:26:84:f9:ff:ba:4c:d4:c7:8c:6c:3b:e7:a9:0d:1d: c0:39:2d:e7:7f:28:b3:af:b0:76:fd:13:cd:59:e6:07:43:e2: b5:cd:f8:d5:ec:74:3f:6d:92:26:8e:47:1b:4f:1a:99:e6:16: 04:7d:30:d3 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUFOkQ+NaTQs+W5pFxHuak/+cej9MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUIyREI2QTgwRThBNTg2MDk0M0Q1RTI0OUJDRjZGMkM0 N0Q0ODU0OTAeFw0yNTEwMjExMjU1MDJaFw0yNjEwMjAxMzAwMDJaMDMxMTAvBgNV BAMTKDdEMjM4NkY0MUNCQUE3N0JBQUUyM0VCNkVBNjIzOEQ5Q0I2NDc2MDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAfyFHcU0e4FJZaKcl2NyC2uWS bJQuyxZcqomqtxHZmnwHZmwxishq5LUg0OnX3BSk/ey55h+OBDsSsAw2RjrbKDN+ oPaaVyEHXVAH9y2LypZeDYH4HCXNQtSl/0c82kwPc8K1jLXt0V9160c8WNmN93PA fX8Ca+b53IKanyQ9dNoZ27CnSAry9ZtCDkbwQwJ21z2IKwBB0AaELldlbcoTJIuO 2Cbu3ZNmedyYFxT6pweq63pWYcT9WOcwhuh7kQzgs0wsoO0yR9DjsqKIT/DNNimu Pi4IYcG7+JQIXYUas1sM+WTL1htgmW5ONcpFi714ZjtMz/uwS61wv3QqyYNXAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUfSOG9By6p3uq4j626mI42ctkdgAwHwYDVR0j BBgwFoAUmy22qA6KWGCUPV4km89vLEfUhUkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k N2RkMjUxOS0zMDc4LTQ3ZDMtOWU4Ni00OGZkM2JkZTc2YzgvMC85QjJEQjZBODBF OEE1ODYwOTQzRDVFMjQ5QkNGNkYyQzQ3RDQ4NTQ5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOUIyREI2QTgwRThBNTg2MDk0M0Q1RTI0OUJDRjZGMkM0N0Q0 ODU0OS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q3ZGQyNTE5LTMwNzgtNDdkMy05 ZTg2LTQ4ZmQzYmRlNzZjOC8wLzMxMzUzNzJlMzYzNjJlMzIzMzM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzczNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnULuMA0GCSqG SIb3DQEBCwUAA4IBAQDU3GlIgcDWU/z4IW1Th7CZhCooyb0rlYR9UUVBDAA3ZBVa /2z4vR7HO3GzZMp5H1C55QfYtkNRnvpCt8XmWz7ZQ4vb7apGZPBLSUDPsgvQOYE3 VeK0pS39MMgBlq2TiffEJwUQPiT+B+xjSL7/wJb8nx/bH9MSJUmAe2u/pSoAuKug JFiMeMwYfPHCBfsAoS5e1MQzmJbpQ9eUn9gsad29UN6DACPW9x6Z1BD09LZSLFSE sQHNkvNlzBZU7W2dbXx4mqtPyLvMWrkmhPn/ukzUx4xsO+epDR3AOS3nfyizr7B2 /RPNWeYHQ+K1zfjV7HQ/bZImjkcbTxqZ5hYEfTDT -----END CERTIFICATE-----Generated at Wed Nov 5 14:59:11 2025 by rpki-client