$ rpki-client -vvf repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/3136302e32322e31332e302f32342d3234203d3e20313532373935.roa File: 3136302e32322e31332e302f32342d3234203d3e20313532373935.roa (raw, json) Hash identifier: CjQ8LjHFMEFZAKqjfhXd2Dui1+KhZzwEUkNHDbRDo5c= Subject key identifier: 39:72:8E:B7:6A:49:D3:F1:7F:E4:54:6E:A9:2C:8D:03:81:BE:4A:0A Certificate issuer: /CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Certificate serial: 5AAB8F709D18F18621B3A865F364B9C3268A3951 Authority key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/3136302e32322e31332e302f32342d3234203d3e20313532373935.roa Signing time: Fri 25 Jul 2025 06:00:00 +0000 ROA not before: Fri 25 Jul 2025 05:55:00 +0000 ROA not after: Fri 24 Jul 2026 06:00:00 +0000 asID: 152795 IP address blocks: 160.22.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 10:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:ab:8f:70:9d:18:f1:86:21:b3:a8:65:f3:64:b9:c3:26:8a:39:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Validity Not Before: Jul 25 05:55:00 2025 GMT Not After : Jul 24 06:00:00 2026 GMT Subject: CN=39728EB76A49D3F17FE4546EA92C8D0381BE4A0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:62:76:e3:0c:0d:b0:ca:46:2d:b9:58:7d:fc: 2b:ba:6a:31:e9:58:fb:e1:9a:e6:16:8a:37:26:73: 1c:27:1b:3e:d0:ca:c3:e7:2c:ed:87:a4:21:53:37: 28:48:8e:f1:8a:72:4a:17:40:73:71:01:66:85:89: 57:ee:dc:f5:21:67:cf:b5:a4:04:6d:19:d9:ab:df: 9b:84:1c:ff:e6:e3:69:24:09:49:f7:88:a6:4e:94: 81:34:62:85:25:ea:1a:ca:5d:ff:46:d5:78:d4:67: c8:d0:4d:43:9d:9f:d3:1f:08:b9:9a:17:11:59:4c: dd:3d:e7:a6:c1:e7:af:0b:6b:65:88:3e:f8:0a:a3: 2c:ac:ee:2e:cf:d5:01:e0:01:90:77:6b:4e:53:7c: 88:5a:bd:38:58:ab:d1:05:b3:34:29:13:d3:86:7e: 31:0a:a1:0e:a2:b0:27:92:89:7c:d7:50:09:b0:e0: de:72:39:04:7a:7a:44:e2:33:1e:6f:5a:5c:2d:38: c7:80:59:b3:5e:28:41:06:35:14:4f:fc:9e:e6:fa: ee:ed:a0:c9:a2:7d:60:00:a9:c1:6c:78:64:64:54: 0f:ec:d1:d7:64:5d:40:af:96:a8:99:13:2e:f4:86: 66:20:b8:83:68:e4:dd:f2:86:d8:59:ee:14:f3:ae: f9:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:72:8E:B7:6A:49:D3:F1:7F:E4:54:6E:A9:2C:8D:03:81:BE:4A:0A X509v3 Authority Key Identifier: keyid:58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/3136302e32322e31332e302f32342d3234203d3e20313532373935.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.13.0/24 Signature Algorithm: sha256WithRSAEncryption 94:45:12:0e:be:ea:00:2a:d6:0c:3e:42:42:cb:7f:5a:7c:a4: d7:ed:58:5b:dd:76:7d:95:0f:0a:f3:3b:3b:65:4b:15:5e:47: 4a:3c:d0:b1:a6:f6:10:b8:9e:52:15:59:ec:ba:0d:e9:70:aa: 91:d8:c0:5c:b7:d8:ce:47:e0:5f:bb:c0:ed:d5:ea:5e:cf:02: 80:16:48:22:4b:89:7e:09:d3:9f:ed:0e:c2:d2:9d:13:37:c6: a5:79:cf:93:7f:51:0c:cb:30:43:16:27:9f:1f:72:b5:38:ec: 3c:f3:a8:cf:6d:25:e8:67:03:e1:1c:e7:96:46:84:ed:cf:a9: fe:6f:ab:01:31:5d:a0:08:d4:12:fe:be:74:1d:87:87:56:ad: 1b:d6:b5:20:a4:68:b6:aa:28:17:23:fa:62:52:bf:06:1c:63: 61:cb:a2:92:a9:8d:8b:84:36:70:a2:eb:0e:e4:f0:7e:da:4e: 45:83:45:83:2e:a7:c5:25:28:b0:07:2e:d1:0e:e2:c8:70:24: 14:04:96:2d:2b:5c:9a:d8:13:19:21:8d:25:93:c7:c8:27:a0: ec:a3:d1:36:4e:bf:74:dd:f0:94:6e:19:70:f7:f9:b3:41:73: 78:d8:9e:85:ff:a9:0e:ec:c1:63:6e:8e:03:87:17:2b:ed:f0: 2f:8e:ab:d7 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUWquPcJ0Y8YYhs6hl82S5wyaKOVEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdF MEU0RDA2OTAeFw0yNTA3MjUwNTU1MDBaFw0yNjA3MjQwNjAwMDBaMDMxMTAvBgNV BAMTKDM5NzI4RUI3NkE0OUQzRjE3RkU0NTQ2RUE5MkM4RDAzODFCRTRBMEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7YnbjDA2wykYtuVh9/Cu6ajHp WPvhmuYWijcmcxwnGz7QysPnLO2HpCFTNyhIjvGKckoXQHNxAWaFiVfu3PUhZ8+1 pARtGdmr35uEHP/m42kkCUn3iKZOlIE0YoUl6hrKXf9G1XjUZ8jQTUOdn9MfCLma FxFZTN0956bB568La2WIPvgKoyys7i7P1QHgAZB3a05TfIhavThYq9EFszQpE9OG fjEKoQ6isCeSiXzXUAmw4N5yOQR6ekTiMx5vWlwtOMeAWbNeKEEGNRRP/J7m+u7t oMmifWAAqcFseGRkVA/s0ddkXUCvlqiZEy70hmYguINo5N3yhthZ7hTzrvkFAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUOXKOt2pJ0/F/5FRuqSyNA4G+SgowHwYDVR0j BBgwFoAUWI3Q/OS8JDzJxtaK4E6EZ+Dk0GkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w MTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMC81ODhERDBGQ0U0 QkMyNDNDQzlDNkQ2OEFFMDRFODQ2N0UwRTREMDY5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNTg4REQwRkNFNEJDMjQzQ0M5QzZENjhBRTA0RTg0NjdFMEU0 RDA2OS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAxOTllNTQxLTE4NjEtNGQ2YS04 ZTI4LWIwMjg0NTg2MTQ5Ni8wLzMxMzYzMDJlMzIzMjJlMzEzMzJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzUzMjM3MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKAWDTANBgkqhkiG 9w0BAQsFAAOCAQEAlEUSDr7qACrWDD5CQst/Wnyk1+1YW912fZUPCvM7O2VLFV5H SjzQsab2ELieUhVZ7LoN6XCqkdjAXLfYzkfgX7vA7dXqXs8CgBZIIkuJfgnTn+0O wtKdEzfGpXnPk39RDMswQxYnnx9ytTjsPPOoz20l6GcD4RznlkaE7c+p/m+rATFd oAjUEv6+dB2Hh1atG9a1IKRotqooFyP6YlK/BhxjYcuikqmNi4Q2cKLrDuTwftpO RYNFgy6nxSUosAcu0Q7iyHAkFASWLStcmtgTGSGNJZPHyCeg7KPRNk6/dN3wlG4Z cPf5s0FzeNiehf+pDuzBY26OA4cXK+3wL46r1w== -----END CERTIFICATE-----Generated at Sun Aug 24 08:47:53 2025 by rpki-client