$ rpki-client -vvf repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3234203d3e203436303233.roa File: 34332e3235322e382e302f32322d3234203d3e203436303233.roa (raw, json) Hash identifier: ew8ixv2h2tSjaEY3/TThrhcZ+9lWnQ16DmQ536uNxCE= Subject key identifier: 3A:64:24:BF:CF:8E:16:68:30:F4:EE:29:E1:3D:1A:63:19:2A:13:2A Certificate issuer: /CN=7DF6602C113DDEE922AA019C74EF4283764A4695 Certificate serial: 1CB7AEF68A9D8C5DC83168398BCAF35357AD094E Authority key identifier: 7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer Subject info access: rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3234203d3e203436303233.roa Signing time: Tue 14 Oct 2025 16:00:03 +0000 ROA not before: Tue 14 Oct 2025 15:55:03 +0000 ROA not after: Tue 13 Oct 2026 16:00:03 +0000 asID: 46023 IP address blocks: 43.252.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 18:03:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:b7:ae:f6:8a:9d:8c:5d:c8:31:68:39:8b:ca:f3:53:57:ad:09:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7DF6602C113DDEE922AA019C74EF4283764A4695 Validity Not Before: Oct 14 15:55:03 2025 GMT Not After : Oct 13 16:00:03 2026 GMT Subject: CN=3A6424BFCF8E166830F4EE29E13D1A63192A132A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:23:8d:7f:3f:5f:66:f0:4e:57:0d:b5:bc:ce: 7b:f4:55:15:68:84:0b:79:98:7e:d0:ef:c7:35:8f: 2f:79:8c:b8:84:80:d4:43:f0:a0:79:62:be:da:cf: b8:7b:0b:02:56:ed:62:9b:5a:ae:c0:01:ea:18:18: 92:8f:8d:40:0e:1b:62:4e:0b:02:67:74:7d:d5:2c: 60:b0:0c:66:68:b7:5d:6c:95:60:af:e9:87:09:60: 00:17:05:87:49:f5:38:8c:ad:d1:d0:6c:c4:1b:7b: 06:da:a2:ba:e6:d0:db:27:f4:e5:2c:43:11:fa:39: 81:36:42:ea:f7:0f:f2:de:e4:53:ba:3e:00:af:df: 5c:b5:d1:1e:ed:1f:a5:5d:c3:93:87:05:d5:4f:7b: 06:15:a7:42:4e:99:5f:78:08:3f:6c:09:2f:5d:9e: d4:1d:d4:d3:9c:7c:16:dd:10:85:64:ae:f6:2e:62: 0f:b3:39:1e:c4:f3:3a:08:ab:ff:d7:ce:a7:72:34: 3e:f0:b9:69:d5:0b:56:ca:dd:a5:90:4f:78:31:7e: 39:b8:50:ec:0a:e8:e9:2e:33:8a:18:cf:0a:ed:0c: 6a:6d:fa:b4:3f:f7:38:40:1d:04:99:c0:20:fc:9a: 04:a7:c2:2b:8f:f1:0e:6b:69:17:d5:af:18:30:e2: 00:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:64:24:BF:CF:8E:16:68:30:F4:EE:29:E1:3D:1A:63:19:2A:13:2A X509v3 Authority Key Identifier: keyid:7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/34332e3235322e382e302f32322d3234203d3e203436303233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.8.0/22 Signature Algorithm: sha256WithRSAEncryption 31:d6:aa:40:9d:d9:89:26:3c:d4:48:fd:c8:5a:76:8e:56:c5: e3:45:00:cd:10:a2:4f:16:0a:e2:f8:fb:07:ee:3c:77:5c:65: d7:c1:0e:7c:c9:16:ea:00:18:96:51:1d:8a:22:03:34:68:c1: 75:43:20:80:8c:0d:6b:69:17:36:02:a9:79:69:f8:45:76:fd: 76:c8:54:4c:32:83:7d:04:28:6e:9e:42:a9:a8:d9:84:73:f3: e3:09:57:0f:3a:70:67:31:90:a5:4f:50:ca:55:c2:f7:00:49: b8:aa:fc:55:09:8f:b5:3f:4d:7f:3e:09:11:b5:43:54:99:91: 07:92:02:d6:f3:02:36:f8:c1:99:34:fd:80:a6:ca:31:2e:77: dd:7b:9b:d0:a6:99:d3:f8:21:df:a9:c5:2a:01:a9:de:f3:e7: 87:38:5e:5a:62:7e:b1:f9:eb:77:5d:ca:ca:d4:3f:89:a0:34: 93:9b:fe:1b:86:25:d9:2a:0c:8d:b2:93:6f:23:fd:df:03:4a: bd:f0:fb:3e:3a:fa:cc:34:c4:30:08:23:bc:e1:24:d9:d1:bb: f1:b6:82:38:2b:c4:20:e3:c9:d9:fa:d8:ac:f1:b0:c2:d2:b6: 0d:d1:d8:d6:1c:34:ba:0d:d1:70:e4:a2:12:eb:cc:81:8a:d1: 3a:0a:77:f4 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIUHLeu9oqdjF3IMWg5i8rzU1etCU4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3 NjRBNDY5NTAeFw0yNTEwMTQxNTU1MDNaFw0yNjEwMTMxNjAwMDNaMDMxMTAvBgNV BAMTKDNBNjQyNEJGQ0Y4RTE2NjgzMEY0RUUyOUUxM0QxQTYzMTkyQTEzMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAI41/P19m8E5XDbW8znv0VRVo hAt5mH7Q78c1jy95jLiEgNRD8KB5Yr7az7h7CwJW7WKbWq7AAeoYGJKPjUAOG2JO CwJndH3VLGCwDGZot11slWCv6YcJYAAXBYdJ9TiMrdHQbMQbewbaorrm0Nsn9OUs QxH6OYE2Qur3D/Le5FO6PgCv31y10R7tH6Vdw5OHBdVPewYVp0JOmV94CD9sCS9d ntQd1NOcfBbdEIVkrvYuYg+zOR7E8zoIq//XzqdyND7wuWnVC1bK3aWQT3gxfjm4 UOwK6OkuM4oYzwrtDGpt+rQ/9zhAHQSZwCD8mgSnwiuP8Q5raRfVrxgw4gCTAgMB AAGjggItMIICKTAdBgNVHQ4EFgQUOmQkv8+OFmgw9O4p4T0aYxkqEyowHwYDVR0j BBgwFoAUffZgLBE93ukiqgGcdO9Cg3ZKRpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MGE5ODViMC1lMTdhLTQyMWItOTY1NS0wMzI0NWEwMWFlZjgvMC83REY2NjAyQzEx M0RERUU5MjJBQTAxOUM3NEVGNDI4Mzc2NEE0Njk1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3NjRB NDY5NS5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vMDBhOTg1YjAtZTE3YS00MjFiLTk2 NTUtMDMyNDVhMDFhZWY4LzAvMzQzMzJlMzIzNTMyMmUzODJlMzAyZjMyMzIyZDMy MzQyMDNkM2UyMDM0MzYzMDMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr/AgwDQYJKoZIhvcNAQEL BQADggEBADHWqkCd2YkmPNRI/chado5WxeNFAM0Qok8WCuL4+wfuPHdcZdfBDnzJ FuoAGJZRHYoiAzRowXVDIICMDWtpFzYCqXlp+EV2/XbIVEwyg30EKG6eQqmo2YRz 8+MJVw86cGcxkKVPUMpVwvcASbiq/FUJj7U/TX8+CRG1Q1SZkQeSAtbzAjb4wZk0 /YCmyjEud917m9CmmdP4Id+pxSoBqd7z54c4XlpifrH563ddysrUP4mgNJOb/huG JdkqDI2yk28j/d8DSr3w+z46+sw0xDAII7zhJNnRu/G2gjgrxCDjydn62KzxsMLS tg3R2NYcNLoN0XDkohLrzIGK0ToKd/Q= -----END CERTIFICATE-----Generated at Mon Oct 20 19:08:55 2025 by rpki-client