$ rpki-client -vvf repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3232332e3133302e32302e302f32332d3234203d3e20313338313238.roa File: 3232332e3133302e32302e302f32332d3234203d3e20313338313238.roa (raw, json) Hash identifier: zOGqafxPKIahoYeNeVQJwZYMYXlq5HVpdCLIvX5OtD0= Subject key identifier: A3:11:3F:27:36:E8:F7:12:5B:D7:D9:F3:A4:FD:66:DC:0B:C5:1E:A9 Certificate issuer: /CN=295CEF87CDB74B1A43287E630C3FE568272D2F33 Certificate serial: 046C7CF93740D4E7A4EA34AB2D456B75600B62B5 Authority key identifier: 29:5C:EF:87:CD:B7:4B:1A:43:28:7E:63:0C:3F:E5:68:27:2D:2F:33 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/295CEF87CDB74B1A43287E630C3FE568272D2F33.cer Subject info access: rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3232332e3133302e32302e302f32332d3234203d3e20313338313238.roa Signing time: Wed 04 Mar 2026 04:03:21 +0000 ROA not before: Wed 04 Mar 2026 03:58:21 +0000 ROA not after: Wed 03 Mar 2027 04:03:21 +0000 asID: 138128 IP address blocks: 223.130.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/295CEF87CDB74B1A43287E630C3FE568272D2F33.crl rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/295CEF87CDB74B1A43287E630C3FE568272D2F33.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/295CEF87CDB74B1A43287E630C3FE568272D2F33.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 10:39:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:6c:7c:f9:37:40:d4:e7:a4:ea:34:ab:2d:45:6b:75:60:0b:62:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=295CEF87CDB74B1A43287E630C3FE568272D2F33 Validity Not Before: Mar 4 03:58:21 2026 GMT Not After : Mar 3 04:03:21 2027 GMT Subject: CN=A3113F2736E8F7125BD7D9F3A4FD66DC0BC51EA9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c1:ce:06:0a:8c:ad:9b:6e:80:b9:cc:db:24: cf:2b:24:a9:cb:6a:1e:8d:ad:3b:14:19:f6:11:9c: 6b:f3:19:e7:19:bf:08:f4:20:d7:0f:e7:42:4a:76: ca:02:8e:0c:6d:b9:99:13:28:e7:cd:2d:c1:ff:91: b2:70:70:ab:2d:84:56:b0:15:82:90:c4:2e:2c:53: 51:d1:5e:b1:eb:b2:f0:2e:1e:1a:5e:10:1d:e0:a8: ba:f2:60:4e:c8:c4:08:ad:0d:29:17:3e:db:70:d8: 53:cb:09:c0:62:a0:d8:75:ea:37:60:30:ad:e2:8b: 63:88:11:20:b6:55:30:eb:63:4e:8b:37:c6:36:79: 09:75:44:75:95:84:21:c4:99:db:fe:f2:eb:72:b4: d0:05:19:0f:0b:68:8b:c2:f2:63:ef:98:38:a6:82: f4:77:13:3f:e3:5f:c9:da:e2:b7:00:4e:21:89:4e: 25:c8:7a:c6:20:05:c0:40:c0:7d:be:23:bf:ba:2e: 6f:07:9a:d2:07:c6:c2:fd:19:ac:44:a6:b7:0f:53: f2:64:32:05:bd:cb:2f:e8:0b:b9:1c:a9:c2:7f:53: 13:70:d8:a3:c1:89:49:52:cb:29:9d:d9:70:59:18: 2c:d8:9c:02:1b:01:e9:7d:ec:9f:c5:ae:1e:92:7a: 16:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:11:3F:27:36:E8:F7:12:5B:D7:D9:F3:A4:FD:66:DC:0B:C5:1E:A9 X509v3 Authority Key Identifier: keyid:29:5C:EF:87:CD:B7:4B:1A:43:28:7E:63:0C:3F:E5:68:27:2D:2F:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/295CEF87CDB74B1A43287E630C3FE568272D2F33.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/295CEF87CDB74B1A43287E630C3FE568272D2F33.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/187d79ba-fb55-49a5-967b-1edc749d0128/0/3232332e3133302e32302e302f32332d3234203d3e20313338313238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.130.20.0/23 Signature Algorithm: sha256WithRSAEncryption 5e:d0:13:3d:cc:ce:92:64:87:e5:8b:f4:f4:da:7e:96:11:ff: cc:04:7e:79:fd:7e:b9:75:87:62:f7:f4:ca:a1:e0:a8:e4:d3: 6b:f8:6c:60:28:cf:b4:dc:ec:fb:1e:42:1e:bf:bc:91:aa:4d: 19:b3:e8:ef:13:16:ee:e6:96:dd:fd:be:fa:13:37:21:95:25: 1b:0a:ae:ef:dd:36:ef:5b:7c:da:4c:ef:08:0d:77:23:9d:f7: b5:f5:a1:e2:2a:50:e8:b7:dd:5f:e1:55:ac:2d:c4:97:ea:97: 36:79:b8:dc:93:cc:20:43:9c:6e:57:ca:ae:7a:7a:3a:60:1d: 2a:4d:d5:e2:7b:3f:b8:1b:88:0b:a6:3d:e3:52:36:16:4a:89: 25:4d:40:0c:7c:65:dd:2e:9d:ab:e0:3d:f3:d5:7d:30:f4:5f: 4a:6f:dc:20:2d:cf:73:f1:cd:bc:26:59:b0:bf:68:2e:ec:97: a3:0a:68:29:b6:f7:3f:ad:e0:e3:ff:37:82:71:64:73:48:63: a7:74:a1:50:05:20:68:c0:96:95:e8:d0:8d:90:48:19:65:25: f1:b9:5f:fd:a5:0a:23:59:5a:98:9a:94:0f:78:03:26:be:42: b4:cf:45:83:4d:3d:94:1b:85:f8:d8:b9:65:0f:0e:4a:b5:f4: e3:29:11:69 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUBGx8+TdA1Oek6jSrLUVrdWALYrUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjk1Q0VGODdDREI3NEIxQTQzMjg3RTYzMEMzRkU1Njgy NzJEMkYzMzAeFw0yNjAzMDQwMzU4MjFaFw0yNzAzMDMwNDAzMjFaMDMxMTAvBgNV BAMTKEEzMTEzRjI3MzZFOEY3MTI1QkQ3RDlGM0E0RkQ2NkRDMEJDNTFFQTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWwc4GCoytm26AuczbJM8rJKnL ah6NrTsUGfYRnGvzGecZvwj0INcP50JKdsoCjgxtuZkTKOfNLcH/kbJwcKsthFaw FYKQxC4sU1HRXrHrsvAuHhpeEB3gqLryYE7IxAitDSkXPttw2FPLCcBioNh16jdg MK3ii2OIESC2VTDrY06LN8Y2eQl1RHWVhCHEmdv+8utytNAFGQ8LaIvC8mPvmDim gvR3Ez/jX8na4rcATiGJTiXIesYgBcBAwH2+I7+6Lm8HmtIHxsL9GaxEprcPU/Jk MgW9yy/oC7kcqcJ/UxNw2KPBiUlSyymd2XBZGCzYnAIbAel97J/Frh6SehbZAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUoxE/Jzbo9xJb19nzpP1m3AvFHqkwHwYDVR0j BBgwFoAUKVzvh823SxpDKH5jDD/laCctLzMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ODdkNzliYS1mYjU1LTQ5YTUtOTY3Yi0xZWRjNzQ5ZDAxMjgvMC8yOTVDRUY4N0NE Qjc0QjFBNDMyODdFNjMwQzNGRTU2ODI3MkQyRjMzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMjk1Q0VGODdDREI3NEIxQTQzMjg3RTYzMEMzRkU1NjgyNzJE MkYzMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4N2Q3OWJhLWZiNTUtNDlhNS05 NjdiLTFlZGM3NDlkMDEyOC8wLzMyMzIzMzJlMzEzMzMwMmUzMjMwMmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzMzM4MzEzMjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB34IUMA0GCSqG SIb3DQEBCwUAA4IBAQBe0BM9zM6SZIfli/T02n6WEf/MBH55/X65dYdi9/TKoeCo 5NNr+GxgKM+03Oz7HkIev7yRqk0Zs+jvExbu5pbd/b76EzchlSUbCq7v3TbvW3za TO8IDXcjnfe19aHiKlDot91f4VWsLcSX6pc2ebjck8wgQ5xuV8queno6YB0qTdXi ez+4G4gLpj3jUjYWSoklTUAMfGXdLp2r4D3z1X0w9F9Kb9wgLc9z8c28Jlmwv2gu 7JejCmgptvc/reDj/zeCcWRzSGOndKFQBSBowJaV6NCNkEgZZSXxuV/9pQojWVqY mpQPeAMmvkK0z0WDTT2UG4X42LllDw5KtfTjKRFp -----END CERTIFICATE-----Generated at Thu Mar 26 18:09:21 2026 by rpki-client