$ rpki-client -vvf repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/3135372e32302e3230382e302f32342d3234203d3e20313532343136.roa File: 3135372e32302e3230382e302f32342d3234203d3e20313532343136.roa (raw, json) Hash identifier: 5HrjYhzGl966YcRXgphYt2j/Sbh0/oaXfGdM2Fz9Phg= Subject key identifier: 88:11:64:C7:35:CA:DC:A1:67:0E:BE:7A:B6:03:7E:B8:64:17:33:1B Certificate issuer: /CN=C453630F1ABE5FF992F948A75DB4587776AD02EC Certificate serial: 563527A2C59EED23D6AC7DFBF3B67D7FB879D86C Authority key identifier: C4:53:63:0F:1A:BE:5F:F9:92:F9:48:A7:5D:B4:58:77:76:AD:02:EC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C453630F1ABE5FF992F948A75DB4587776AD02EC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/3135372e32302e3230382e302f32342d3234203d3e20313532343136.roa Signing time: Sun 20 Apr 2025 08:01:13 +0000 ROA not before: Sun 20 Apr 2025 07:56:13 +0000 ROA not after: Sun 19 Apr 2026 08:01:13 +0000 asID: 152416 IP address blocks: 157.20.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/C453630F1ABE5FF992F948A75DB4587776AD02EC.crl rsync://repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/C453630F1ABE5FF992F948A75DB4587776AD02EC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C453630F1ABE5FF992F948A75DB4587776AD02EC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 08:38:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:35:27:a2:c5:9e:ed:23:d6:ac:7d:fb:f3:b6:7d:7f:b8:79:d8:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C453630F1ABE5FF992F948A75DB4587776AD02EC Validity Not Before: Apr 20 07:56:13 2025 GMT Not After : Apr 19 08:01:13 2026 GMT Subject: CN=881164C735CADCA1670EBE7AB6037EB86417331B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:cf:8e:4c:08:1c:53:0f:d3:1b:90:c4:bf:90: 24:18:90:42:41:e0:e6:14:1f:5f:b6:94:bc:70:d0: a5:e3:79:a6:c6:16:e9:c0:dd:5c:76:47:9f:81:c4: 93:63:ca:f7:2c:13:ef:4c:e8:44:8c:e5:ed:69:a2: b1:98:5c:62:e7:df:ff:6b:6b:72:b4:f0:51:02:42: e9:68:c8:ae:84:ab:d0:ee:f7:c2:0c:03:de:25:0f: 3f:12:48:83:b7:12:5e:7f:3e:ce:50:39:18:ca:07: 6c:b0:8a:27:70:4e:76:6e:92:f7:8f:8f:e3:9b:e1: 68:31:a2:59:c2:a1:bf:75:cc:71:38:9a:76:a4:4c: f1:1c:d6:4e:41:f1:aa:ac:c2:7a:63:0b:67:35:7c: e2:2b:7b:85:13:63:88:d5:47:4e:b9:73:62:b3:42: f5:c0:ed:29:d4:68:ee:83:be:94:ec:f0:5b:64:95: 59:82:4b:53:a4:03:87:90:90:bb:09:27:35:4c:bf: 06:e0:80:7b:dc:be:9a:7c:30:5e:54:cd:b1:9b:d5: 38:4e:6f:ff:0c:37:ae:6a:2c:15:39:ea:d7:a8:e6: 63:b4:30:bb:d2:e1:c6:85:ea:e5:ca:e2:e9:03:34: 2b:e4:b5:b8:d0:5e:17:29:b1:2e:b9:2a:0e:ba:82: 9c:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:11:64:C7:35:CA:DC:A1:67:0E:BE:7A:B6:03:7E:B8:64:17:33:1B X509v3 Authority Key Identifier: keyid:C4:53:63:0F:1A:BE:5F:F9:92:F9:48:A7:5D:B4:58:77:76:AD:02:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/C453630F1ABE5FF992F948A75DB4587776AD02EC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C453630F1ABE5FF992F948A75DB4587776AD02EC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/3135372e32302e3230382e302f32342d3234203d3e20313532343136.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.208.0/24 Signature Algorithm: sha256WithRSAEncryption 81:bb:98:c7:35:19:4f:63:ac:2e:6d:9c:a0:59:c6:23:9c:b2: a1:fc:c9:a5:ef:be:45:e4:39:1e:bb:1e:29:06:83:e8:49:1b: 19:50:86:f7:a3:bb:23:fb:5b:10:24:69:96:a9:fd:b8:31:68: d2:e9:54:6a:48:eb:24:1d:e8:6c:39:38:5d:00:09:c0:31:07: 6e:74:85:cb:2f:f4:44:fa:3f:66:1b:a7:7c:25:8c:da:ea:6a: 81:e0:39:60:b0:61:d4:b1:f8:25:00:a8:0e:84:f4:a8:31:95: 9d:56:10:c9:4a:4f:8a:51:81:fa:86:c4:6f:e9:81:17:24:63: 71:7d:45:a5:b0:2f:0d:0f:8d:91:1c:b1:7e:42:d6:be:f7:04: 35:5d:4b:fd:d6:85:af:93:49:9a:21:88:6b:2f:b0:d0:b5:8b: 03:fa:88:3a:b0:e9:c4:8b:2e:74:a9:21:d9:7f:1d:1e:02:89: 51:61:4e:cb:60:81:46:5d:62:b8:f0:20:33:87:8c:72:17:7b: f2:18:36:66:08:10:27:a5:34:4e:02:41:8d:f6:c4:41:7c:c2: 8c:3c:bc:21:f5:83:ba:ba:14:74:69:b9:62:2f:3f:7c:c6:86: d9:37:39:87:09:e3:9a:b4:92:9f:ea:65:1b:e8:b8:46:54:d7: 72:01:14:33 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUVjUnosWe7SPWrH3787Z9f7h52GwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzQ1MzYzMEYxQUJFNUZGOTkyRjk0OEE3NURCNDU4Nzc3 NkFEMDJFQzAeFw0yNTA0MjAwNzU2MTNaFw0yNjA0MTkwODAxMTNaMDMxMTAvBgNV BAMTKDg4MTE2NEM3MzVDQURDQTE2NzBFQkU3QUI2MDM3RUI4NjQxNzMzMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3z45MCBxTD9MbkMS/kCQYkEJB 4OYUH1+2lLxw0KXjeabGFunA3Vx2R5+BxJNjyvcsE+9M6ESM5e1porGYXGLn3/9r a3K08FECQuloyK6Eq9Du98IMA94lDz8SSIO3El5/Ps5QORjKB2ywiidwTnZukveP j+Ob4WgxolnCob91zHE4mnakTPEc1k5B8aqswnpjC2c1fOIre4UTY4jVR065c2Kz QvXA7SnUaO6DvpTs8FtklVmCS1OkA4eQkLsJJzVMvwbggHvcvpp8MF5UzbGb1ThO b/8MN65qLBU56teo5mO0MLvS4caF6uXK4ukDNCvktbjQXhcpsS65Kg66gpxTAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUiBFkxzXK3KFnDr56tgN+uGQXMxswHwYDVR0j BBgwFoAUxFNjDxq+X/mS+UinXbRYd3atAuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k YzQwOTRkMi1lMThkLTQ4NDAtODRmYS1jNTc1N2FmNTgwZjEvMC9DNDUzNjMwRjFB QkU1RkY5OTJGOTQ4QTc1REI0NTg3Nzc2QUQwMkVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQzQ1MzYzMEYxQUJFNUZGOTkyRjk0OEE3NURCNDU4Nzc3NkFE MDJFQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RjNDA5NGQyLWUxOGQtNDg0MC04 NGZhLWM1NzU3YWY1ODBmMS8wLzMxMzUzNzJlMzIzMDJlMzIzMDM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTQMA0GCSqG SIb3DQEBCwUAA4IBAQCBu5jHNRlPY6wubZygWcYjnLKh/Mml775F5Dkeux4pBoPo SRsZUIb3o7sj+1sQJGmWqf24MWjS6VRqSOskHehsOThdAAnAMQdudIXLL/RE+j9m G6d8JYza6mqB4DlgsGHUsfglAKgOhPSoMZWdVhDJSk+KUYH6hsRv6YEXJGNxfUWl sC8ND42RHLF+Qta+9wQ1XUv91oWvk0maIYhrL7DQtYsD+og6sOnEiy50qSHZfx0e AolRYU7LYIFGXWK48CAzh4xyF3vyGDZmCBAnpTROAkGN9sRBfMKMPLwh9YO6uhR0 abliLz98xobZNzmHCeOatJKf6mUb6LhGVNdyARQz -----END CERTIFICATE-----Generated at Wed Nov 5 16:21:50 2025 by rpki-client