$ rpki-client -vvf repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/3130332e3136392e3133382e302f32332d3234203d3e20313432333433.roa File: 3130332e3136392e3133382e302f32332d3234203d3e20313432333433.roa (raw, json) Hash identifier: aSdaPM0o498crDDrokbkojmBP4EpLJ/R7SH4SGHemZM= Subject key identifier: 32:BA:D8:A7:E3:FD:0A:9F:5C:86:91:BC:17:3E:7D:62:0D:55:D0:08 Certificate issuer: /CN=846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0 Certificate serial: 1246579B1301832ECCAF9894A341FAD124A64B7D Authority key identifier: 84:6B:CB:85:C1:E1:AA:59:03:7B:0A:2A:C5:9E:D1:E8:E7:42:0E:D0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/3130332e3136392e3133382e302f32332d3234203d3e20313432333433.roa Signing time: Wed 11 Mar 2026 15:00:00 +0000 ROA not before: Wed 11 Mar 2026 14:55:00 +0000 ROA not after: Wed 10 Mar 2027 15:00:00 +0000 asID: 142343 IP address blocks: 103.169.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.crl rsync://repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 11:55:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:46:57:9b:13:01:83:2e:cc:af:98:94:a3:41:fa:d1:24:a6:4b:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0 Validity Not Before: Mar 11 14:55:00 2026 GMT Not After : Mar 10 15:00:00 2027 GMT Subject: CN=32BAD8A7E3FD0A9F5C8691BC173E7D620D55D008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:9e:a3:d7:9f:fe:b9:a7:33:a3:14:6d:01:6b: 6a:1b:67:15:b1:02:59:11:14:db:c1:1e:18:14:88: 3e:c1:e6:2d:44:ca:b5:3c:0f:3b:48:33:8a:1f:95: c9:16:e4:da:75:0e:9f:a8:c3:be:65:b8:6e:36:99: 08:45:ea:18:0a:21:8d:dc:46:54:5b:60:62:4b:4a: cc:df:ae:98:24:17:57:e1:a4:1c:dd:d8:2d:64:61: 08:11:d9:1e:78:72:78:1e:14:73:08:a3:d7:e1:74: 6e:54:c0:f3:b2:0b:f7:fd:a3:aa:ba:80:82:60:da: 04:a1:71:5c:96:74:a7:37:06:27:19:a2:ba:12:c9: 70:ed:f9:91:89:24:26:56:6e:68:3b:d9:3b:d4:e3: 3d:b4:b1:da:ee:40:6b:2b:cc:ab:42:aa:03:2c:10: 02:0c:9b:5a:70:4b:eb:a2:c2:e9:0a:4c:11:75:54: 01:a2:aa:b2:de:51:51:0d:4a:a5:e6:19:41:c2:34: 64:a5:d7:1c:07:b5:87:06:bc:3f:e9:b8:b3:67:46: b6:30:11:ba:10:da:42:0a:02:87:4a:bd:5d:7c:3e: a4:3d:09:e7:0c:24:d3:2d:88:23:78:d4:5d:2e:7c: 7a:c8:ae:8f:9c:fe:60:37:31:0a:32:72:88:8e:03: ea:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:BA:D8:A7:E3:FD:0A:9F:5C:86:91:BC:17:3E:7D:62:0D:55:D0:08 X509v3 Authority Key Identifier: keyid:84:6B:CB:85:C1:E1:AA:59:03:7B:0A:2A:C5:9E:D1:E8:E7:42:0E:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/846BCB85C1E1AA59037B0A2AC59ED1E8E7420ED0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/04ca5868-57e9-49b9-bfe1-48d78334a18c/0/3130332e3136392e3133382e302f32332d3234203d3e20313432333433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.138.0/23 Signature Algorithm: sha256WithRSAEncryption 8d:72:3f:93:69:c8:55:fa:bb:46:79:0a:38:73:89:77:c1:7a: af:1a:b5:4a:95:87:6a:30:83:f7:de:29:40:d7:20:0a:f3:bc: d7:fc:ca:b2:a3:3f:14:65:15:8b:68:39:5f:3c:4b:0c:c4:c3: 2d:fd:72:11:90:f1:6a:51:cd:c1:57:b4:7c:d9:f5:04:08:5a: 45:4c:bc:b1:3c:12:fe:3a:d5:6c:9c:26:b8:60:82:c6:c5:fb: 11:1d:05:a0:19:ac:5d:ed:e5:28:49:9d:6f:05:24:06:56:ee: 13:90:3c:1b:6c:2c:ec:58:70:8a:8b:2a:37:32:cd:91:99:b7: e5:a6:e6:4d:4c:bd:6c:94:58:0e:42:3c:e6:72:fe:06:c5:38: bc:89:7e:84:29:43:75:a3:bd:1e:a4:71:a2:ca:10:86:2c:53: 70:f4:9c:03:34:9f:f0:6c:21:59:8b:5f:cf:f7:8f:a5:8e:e8: 16:2d:d0:0e:50:02:22:02:61:65:5a:05:5d:39:d6:37:f5:d4: 0b:ca:c8:0a:c3:0a:ec:b1:81:38:f3:53:be:7c:2e:ac:8d:1a: 3d:52:79:41:29:a1:44:b0:fd:28:c9:10:0d:a0:60:f1:78:b0: 39:83:ac:07:e4:41:c2:8b:74:9d:8f:98:ae:d8:a7:05:22:44: b8:d9:99:cc -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUEkZXmxMBgy7Mr5iUo0H60SSmS30wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQ2QkNCODVDMUUxQUE1OTAzN0IwQTJBQzU5RUQxRThF NzQyMEVEMDAeFw0yNjAzMTExNDU1MDBaFw0yNzAzMTAxNTAwMDBaMDMxMTAvBgNV BAMTKDMyQkFEOEE3RTNGRDBBOUY1Qzg2OTFCQzE3M0U3RDYyMEQ1NUQwMDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChnqPXn/65pzOjFG0Ba2obZxWx AlkRFNvBHhgUiD7B5i1EyrU8DztIM4oflckW5Np1Dp+ow75luG42mQhF6hgKIY3c RlRbYGJLSszfrpgkF1fhpBzd2C1kYQgR2R54cngeFHMIo9fhdG5UwPOyC/f9o6q6 gIJg2gShcVyWdKc3BicZoroSyXDt+ZGJJCZWbmg72TvU4z20sdruQGsrzKtCqgMs EAIMm1pwS+uiwukKTBF1VAGiqrLeUVENSqXmGUHCNGSl1xwHtYcGvD/puLNnRrYw EboQ2kIKAodKvV18PqQ9CecMJNMtiCN41F0ufHrIro+c/mA3MQoycoiOA+ofAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUMrrYp+P9Cp9chpG8Fz59Yg1V0AgwHwYDVR0j BBgwFoAUhGvLhcHhqlkDewoqxZ7R6OdCDtAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NGNhNTg2OC01N2U5LTQ5YjktYmZlMS00OGQ3ODMzNGExOGMvMC84NDZCQ0I4NUMx RTFBQTU5MDM3QjBBMkFDNTlFRDFFOEU3NDIwRUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQ2QkNCODVDMUUxQUE1OTAzN0IwQTJBQzU5RUQxRThFNzQy MEVEMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0Y2E1ODY4LTU3ZTktNDliOS1i ZmUxLTQ4ZDc4MzM0YTE4Yy8wLzMxMzAzMzJlMzEzNjM5MmUzMTMzMzgyZTMwMmYz MjMzMmQzMjM0MjAzZDNlMjAzMTM0MzIzMzM0MzMucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnqYowDQYJ KoZIhvcNAQELBQADggEBAI1yP5NpyFX6u0Z5CjhziXfBeq8atUqVh2owg/feKUDX IArzvNf8yrKjPxRlFYtoOV88SwzEwy39chGQ8WpRzcFXtHzZ9QQIWkVMvLE8Ev46 1WycJrhggsbF+xEdBaAZrF3t5ShJnW8FJAZW7hOQPBtsLOxYcIqLKjcyzZGZt+Wm 5k1MvWyUWA5CPOZy/gbFOLyJfoQpQ3WjvR6kcaLKEIYsU3D0nAM0n/BsIVmLX8/3 j6WO6BYt0A5QAiICYWVaBV051jf11AvKyArDCuyxgTjzU758LqyNGj1SeUEpoUSw /SjJEA2gYPF4sDmDrAfkQcKLdJ2PmK7YpwUiRLjZmcw= -----END CERTIFICATE-----Generated at Thu Mar 26 21:06:34 2026 by rpki-client