$ rpki-client -vvf repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/3135372e31302e36332e302f32342d3234203d3e20313532303835.roa File: 3135372e31302e36332e302f32342d3234203d3e20313532303835.roa (raw, json) Hash identifier: 9mpAVpAO+aHJhHpBlGcLDx3eGU5On+hoBdAGOhixT1Q= Subject key identifier: 23:E0:68:EA:F5:C0:41:C0:08:5B:A2:D3:01:74:C3:48:E2:18:01:E5 Certificate issuer: /CN=4A37764CC80D1B8A6819E0F0F145466E0BE52CBD Certificate serial: 0C94BF9E4009BE3C7C8C8D27ABABA9C5F6098D85 Authority key identifier: 4A:37:76:4C:C8:0D:1B:8A:68:19:E0:F0:F1:45:46:6E:0B:E5:2C:BD Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/3135372e31302e36332e302f32342d3234203d3e20313532303835.roa Signing time: Tue 04 Mar 2025 10:00:00 +0000 ROA not before: Tue 04 Mar 2025 09:55:00 +0000 ROA not after: Tue 03 Mar 2026 10:00:00 +0000 asID: 152085 IP address blocks: 157.10.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.crl rsync://repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 12:36:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:94:bf:9e:40:09:be:3c:7c:8c:8d:27:ab:ab:a9:c5:f6:09:8d:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4A37764CC80D1B8A6819E0F0F145466E0BE52CBD Validity Not Before: Mar 4 09:55:00 2025 GMT Not After : Mar 3 10:00:00 2026 GMT Subject: CN=23E068EAF5C041C0085BA2D30174C348E21801E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:22:7e:24:4d:a1:72:10:17:23:ca:07:ab:b4: 6b:c1:c5:2d:2c:7c:8a:ea:4b:b8:b8:f0:53:1f:10: 4d:a5:04:8a:6f:25:bc:ec:9d:99:02:fd:d5:6e:43: d4:a6:bf:ca:d5:e2:b2:3f:1b:25:37:0e:2a:62:ca: 39:56:1b:30:b0:ff:3c:69:14:dc:ca:02:67:21:68: e5:b6:32:bb:03:0b:37:19:1a:29:b0:c7:9a:6a:9a: 6d:2d:1d:c3:2a:e4:dc:b4:8e:57:6f:96:f7:38:f8: 74:e9:9b:94:87:04:4b:5c:c6:86:a9:ca:62:6f:21: 8d:64:ab:ee:a3:32:80:54:d6:b8:4a:56:2e:1e:bb: 9b:75:39:8c:89:05:42:8c:2a:24:c6:82:0c:58:54: aa:d4:a0:11:06:ec:18:24:76:2e:dc:e3:e4:fe:0a: 7e:97:33:03:ad:34:4c:ad:31:93:2a:79:ee:6e:d3: dd:31:1e:fc:24:a4:63:1c:8a:8c:93:75:7c:9b:cc: 4a:36:1a:e1:a2:16:24:93:84:3d:69:4d:57:6e:01: ac:e8:58:56:07:2c:e1:3a:46:13:29:9e:e7:6d:20: ac:25:f5:3e:e2:fe:4c:e1:08:85:4d:46:49:00:61: 72:fd:54:f7:e5:8e:25:b3:74:e4:39:14:26:40:83: d0:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:E0:68:EA:F5:C0:41:C0:08:5B:A2:D3:01:74:C3:48:E2:18:01:E5 X509v3 Authority Key Identifier: keyid:4A:37:76:4C:C8:0D:1B:8A:68:19:E0:F0:F1:45:46:6E:0B:E5:2C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4A37764CC80D1B8A6819E0F0F145466E0BE52CBD.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/3135372e31302e36332e302f32342d3234203d3e20313532303835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.63.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:28:25:4b:ca:61:fd:54:97:cb:46:1f:d6:ad:46:60:ec:33: d0:da:ee:f9:1c:23:e8:f4:99:39:08:08:8b:9e:6b:14:50:ba: ed:e5:e5:9d:6a:01:cf:79:8c:d8:dc:be:d7:fa:6b:db:3d:de: 3a:2c:49:a4:8d:aa:f6:6f:55:09:f7:b8:78:f5:77:10:46:5c: 1a:a6:24:95:79:ba:a3:73:81:4b:43:54:12:0f:3e:53:47:a2: a4:8f:05:4a:0e:41:24:22:d5:4a:13:a6:1a:16:8f:b7:82:3e: 0e:6e:fa:b9:8b:bc:47:92:6a:4f:fa:ef:8b:0a:2e:ac:e0:34: d5:7a:74:f8:7c:3c:29:ff:66:7e:67:03:5c:0e:86:6c:85:78: e3:6e:e9:f0:bc:5b:09:60:da:0c:c8:8c:02:4d:ce:c8:95:97: a8:3a:90:76:1e:c4:dc:5e:69:d0:94:60:6e:e9:b3:01:b1:63: 33:2b:ff:ea:df:74:2f:22:91:75:a8:3b:2f:74:5c:da:2e:8c: bd:16:a5:3d:b5:32:77:dd:bd:74:44:ab:f6:2a:c0:e4:d9:92: f7:4a:ee:20:f6:11:ab:36:2c:cf:e5:c7:09:ea:fb:f3:5b:54: bd:bf:a4:d0:05:07:a3:ea:31:99:69:97:a5:1c:60:a4:8c:b1: 4e:af:33:40 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUDJS/nkAJvjx8jI0nq6upxfYJjYUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEEzNzc2NENDODBEMUI4QTY4MTlFMEYwRjE0NTQ2NkUw QkU1MkNCRDAeFw0yNTAzMDQwOTU1MDBaFw0yNjAzMDMxMDAwMDBaMDMxMTAvBgNV BAMTKDIzRTA2OEVBRjVDMDQxQzAwODVCQTJEMzAxNzRDMzQ4RTIxODAxRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/In4kTaFyEBcjygertGvBxS0s fIrqS7i48FMfEE2lBIpvJbzsnZkC/dVuQ9Smv8rV4rI/GyU3DipiyjlWGzCw/zxp FNzKAmchaOW2MrsDCzcZGimwx5pqmm0tHcMq5Ny0jldvlvc4+HTpm5SHBEtcxoap ymJvIY1kq+6jMoBU1rhKVi4eu5t1OYyJBUKMKiTGggxYVKrUoBEG7Bgkdi7c4+T+ Cn6XMwOtNEytMZMqee5u090xHvwkpGMcioyTdXybzEo2GuGiFiSThD1pTVduAazo WFYHLOE6RhMpnudtIKwl9T7i/kzhCIVNRkkAYXL9VPfljiWzdOQ5FCZAg9DTAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUI+Bo6vXAQcAIW6LTAXTDSOIYAeUwHwYDVR0j BBgwFoAUSjd2TMgNG4poGeDw8UVGbgvlLL0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m ZDNhMmZkZi1iY2JhLTQ3NTctYjM2Ni1lMWEwYWQyZDM3NGEvMC80QTM3NzY0Q0M4 MEQxQjhBNjgxOUUwRjBGMTQ1NDY2RTBCRTUyQ0JELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNEEzNzc2NENDODBEMUI4QTY4MTlFMEYwRjE0NTQ2NkUwQkU1 MkNCRC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZkM2EyZmRmLWJjYmEtNDc1Ny1i MzY2LWUxYTBhZDJkMzc0YS8wLzMxMzUzNzJlMzEzMDJlMzYzMzJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzUzMjMwMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0KPzANBgkqhkiG 9w0BAQsFAAOCAQEALSglS8ph/VSXy0Yf1q1GYOwz0Nru+Rwj6PSZOQgIi55rFFC6 7eXlnWoBz3mM2Ny+1/pr2z3eOixJpI2q9m9VCfe4ePV3EEZcGqYklXm6o3OBS0NU Eg8+U0eipI8FSg5BJCLVShOmGhaPt4I+Dm76uYu8R5JqT/rviwourOA01Xp0+Hw8 Kf9mfmcDXA6GbIV4427p8LxbCWDaDMiMAk3OyJWXqDqQdh7E3F5p0JRgbumzAbFj Myv/6t90LyKRdag7L3Rc2i6MvRalPbUyd929dESr9irA5NmS90ruIPYRqzYsz+XH Cer781tUvb+k0AUHo+oxmWmXpRxgpIyxTq8zQA== -----END CERTIFICATE-----Generated at Wed Nov 5 23:06:54 2025 by rpki-client