$ rpki-client -vvf repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa File: 3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa (raw, json) Hash identifier: oUnLaY5QLKq7msdrsSjPpVYbhTetk+RaEux8Uav3LJk= Subject key identifier: BD:6A:2D:F1:5A:79:74:A1:04:E1:7D:A6:1C:59:4D:3A:D1:56:C4:3B Certificate issuer: /CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Certificate serial: 01AFC71F6A42BCD568948B4A6F0132F41ED8C6D6 Authority key identifier: 2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa Signing time: Tue 17 Mar 2026 10:00:00 +0000 ROA not before: Tue 17 Mar 2026 09:55:00 +0000 ROA not after: Tue 16 Mar 2027 10:00:00 +0000 asID: 138089 IP address blocks: 157.20.244.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:04:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:af:c7:1f:6a:42:bc:d5:68:94:8b:4a:6f:01:32:f4:1e:d8:c6:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ADDD4035173FAC3BB3949CB36CCEF2553798BFC Validity Not Before: Mar 17 09:55:00 2026 GMT Not After : Mar 16 10:00:00 2027 GMT Subject: CN=BD6A2DF15A7974A104E17DA61C594D3AD156C43B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:b4:74:03:0a:6a:48:73:db:b4:73:06:64:da: 20:92:97:0d:8b:ab:d6:fc:c5:2b:ca:4d:3e:88:da: 91:63:8d:6c:a7:b5:36:39:3b:61:a7:8f:3d:c8:59: 06:4c:28:04:5f:0e:28:f4:d6:60:9c:a9:ae:cb:69: 82:e4:12:76:15:bc:93:e3:62:0b:a2:22:61:ec:2d: 28:14:c6:82:22:7e:8c:02:0c:42:d5:56:92:e6:05: 7e:d2:3f:0c:42:53:e3:8b:12:b7:96:c1:17:4e:bf: 96:16:9a:da:58:28:03:ad:01:5b:64:07:de:e7:37: 46:75:da:ab:82:f1:da:d6:d0:9a:b0:34:9e:f1:96: 63:a8:c2:18:25:f7:90:65:e3:1f:37:82:0e:b2:b5: 00:97:12:fb:d3:17:1c:a0:6d:e2:ac:55:47:9f:13: ea:51:b4:e6:10:39:8d:55:42:98:64:1a:cd:3d:a9: 77:5a:90:ca:53:10:23:ff:84:9a:eb:62:62:13:e3: e8:8f:66:07:c8:ba:ae:dd:1b:bd:5d:e9:e3:20:86: 1d:a9:4d:91:3e:6c:ee:c7:c1:a9:e7:e9:a8:d1:89: a5:b3:cb:12:31:b5:d5:b1:28:13:1a:92:e5:ae:ad: 2a:5b:a3:6b:9a:63:51:11:82:0d:c3:53:00:ef:85: ad:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:6A:2D:F1:5A:79:74:A1:04:E1:7D:A6:1C:59:4D:3A:D1:56:C4:3B X509v3 Authority Key Identifier: keyid:2A:DD:D4:03:51:73:FA:C3:BB:39:49:CB:36:CC:EF:25:53:79:8B:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/2ADDD4035173FAC3BB3949CB36CCEF2553798BFC.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/3135372e32302e3234342e302f32342d3234203d3e20313338303839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.244.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:d2:15:18:b4:33:f0:26:a5:39:fb:cd:4b:0a:0f:89:d5:e4: 43:46:10:c9:30:7a:3b:c1:21:ad:0f:c9:3e:c2:c0:f3:5c:fc: 5e:68:41:fb:28:a9:41:0e:2d:bb:32:14:ab:0e:fd:be:8c:6d: 3e:e9:e5:44:fc:e4:66:32:f3:5d:b5:13:3e:85:bd:52:e1:cc: 93:03:a6:8b:46:f4:e1:10:6e:97:c9:7c:ae:2f:fe:6d:e9:b4: 24:99:e0:7e:fa:dc:cc:9d:b5:55:16:03:85:3a:90:35:99:fa: 19:95:55:59:20:21:2b:74:24:c4:cb:9d:37:71:4f:ac:a3:b4: a3:db:85:77:74:5b:aa:d2:43:65:54:b1:0f:17:08:d2:bb:b5: 67:63:f6:e4:d4:21:a1:82:c4:6b:87:96:f2:b9:cd:a4:39:3f: 69:fb:fd:92:51:31:0a:78:89:4f:8a:13:11:c5:71:9a:42:e1: 97:92:9f:60:78:aa:2f:7e:88:2c:21:e0:19:27:9c:da:94:f1: 5e:89:69:b1:79:b7:5f:5b:a6:e2:ff:f4:1a:4b:b6:7f:a2:e7: b5:c0:d4:37:ce:ed:9d:99:a0:38:af:32:38:8b:12:8e:b1:c6: 40:22:9d:6f:b7:2f:93:67:3c:43:bf:c1:38:bc:03:67:56:cb: 78:59:2c:74 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUAa/HH2pCvNVolItKbwEy9B7YxtYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1 Mzc5OEJGQzAeFw0yNjAzMTcwOTU1MDBaFw0yNzAzMTYxMDAwMDBaMDMxMTAvBgNV BAMTKEJENkEyREYxNUE3OTc0QTEwNEUxN0RBNjFDNTk0RDNBRDE1NkM0M0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3tHQDCmpIc9u0cwZk2iCSlw2L q9b8xSvKTT6I2pFjjWyntTY5O2Gnjz3IWQZMKARfDij01mCcqa7LaYLkEnYVvJPj YguiImHsLSgUxoIifowCDELVVpLmBX7SPwxCU+OLEreWwRdOv5YWmtpYKAOtAVtk B97nN0Z12quC8drW0JqwNJ7xlmOowhgl95Bl4x83gg6ytQCXEvvTFxygbeKsVUef E+pRtOYQOY1VQphkGs09qXdakMpTECP/hJrrYmIT4+iPZgfIuq7dG71d6eMghh2p TZE+bO7Hwann6ajRiaWzyxIxtdWxKBMakuWurSpbo2uaY1ERgg3DUwDvha03AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUvWot8Vp5dKEE4X2mHFlNOtFWxDswHwYDVR0j BBgwFoAUKt3UA1Fz+sO7OUnLNszvJVN5i/wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ODY3YTJlZS1kNDExLTRmZjgtOWY1Yy0zNWQwMzQxMjNmODQvMC8yQURERDQwMzUx NzNGQUMzQkIzOTQ5Q0IzNkNDRUYyNTUzNzk4QkZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMkFEREQ0MDM1MTczRkFDM0JCMzk0OUNCMzZDQ0VGMjU1Mzc5 OEJGQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI4NjdhMmVlLWQ0MTEtNGZmOC05 ZjVjLTM1ZDAzNDEyM2Y4NC8wLzMxMzUzNzJlMzIzMDJlMzIzNDM0MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT0MA0GCSqG SIb3DQEBCwUAA4IBAQBb0hUYtDPwJqU5+81LCg+J1eRDRhDJMHo7wSGtD8k+wsDz XPxeaEH7KKlBDi27MhSrDv2+jG0+6eVE/ORmMvNdtRM+hb1S4cyTA6aLRvThEG6X yXyuL/5t6bQkmeB++tzMnbVVFgOFOpA1mfoZlVVZICErdCTEy503cU+so7Sj24V3 dFuq0kNlVLEPFwjSu7VnY/bk1CGhgsRrh5byuc2kOT9p+/2SUTEKeIlPihMRxXGa QuGXkp9geKovfogsIeAZJ5zalPFeiWmxebdfW6bi//QaS7Z/oue1wNQ3zu2dmaA4 rzI4ixKOscZAIp1vty+TZzxDv8E4vANnVst4WSx0 -----END CERTIFICATE-----Generated at Thu Mar 26 18:25:38 2026 by rpki-client