$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136302e302f32302d3230203d3e203633383539.roa File: 3135382e3134302e3136302e302f32302d3230203d3e203633383539.roa (raw, json) Hash identifier: m/egxougGYoSKSnQwcP4flLf33HxxxjFA3wYWoiIz10= Subject key identifier: A2:3A:DA:AC:0E:6B:ED:A4:24:A3:0C:F0:7C:97:43:0A:98:D0:3A:33 Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 23ED1443EB498471D0D8CC1F4D6DD97AC5E755E7 Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136302e302f32302d3230203d3e203633383539.roa Signing time: Fri 26 Sep 2025 06:02:25 +0000 ROA not before: Fri 26 Sep 2025 05:57:25 +0000 ROA not after: Fri 25 Sep 2026 06:02:25 +0000 asID: 63859 IP address blocks: 158.140.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 08:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:ed:14:43:eb:49:84:71:d0:d8:cc:1f:4d:6d:d9:7a:c5:e7:55:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Sep 26 05:57:25 2025 GMT Not After : Sep 25 06:02:25 2026 GMT Subject: CN=A23ADAAC0E6BEDA424A30CF07C97430A98D03A33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:de:02:f5:8c:59:07:a6:5d:ff:16:cd:ab:71: 80:c8:9f:51:ec:15:7e:b1:3b:48:b3:b8:64:1e:ee: c7:0b:c0:6d:85:90:13:88:f3:4e:ec:a4:dd:1a:b9: b9:2b:2d:0b:08:29:9b:62:06:64:df:34:3b:92:f8: 5c:97:05:88:22:fa:f8:23:9d:79:a5:7c:98:1f:fc: f7:5d:56:f3:f2:c9:7e:8e:45:20:ac:91:08:13:e0: 6c:58:a8:4a:db:4b:67:f9:ce:4d:fb:79:10:01:44: d1:a1:e8:c9:32:3b:36:5f:28:17:2b:63:70:02:6c: 1b:da:71:2d:a9:e5:5b:2b:0d:25:c8:cc:4f:de:17: 5c:ce:20:83:20:d2:a4:62:7f:8c:bd:25:af:ea:a2: 38:de:2f:86:57:5b:a4:b1:a8:f9:ed:77:dd:6d:50: 32:41:78:d0:d8:34:85:d3:82:04:ee:f9:36:92:35: 2a:81:78:0c:b4:26:93:2e:17:da:55:f2:db:11:2f: 23:41:07:c7:5f:9c:e5:45:a3:d5:f9:fd:e8:15:ea: b0:51:94:d8:6e:9b:19:cc:56:98:ad:d6:f0:d2:df: 6b:5f:18:75:71:59:a0:cd:fb:2a:d7:c6:9d:89:aa: 55:f9:d8:ab:79:dc:fb:9d:db:0e:0d:e1:a5:91:a6: 6d:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:3A:DA:AC:0E:6B:ED:A4:24:A3:0C:F0:7C:97:43:0A:98:D0:3A:33 X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136302e302f32302d3230203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.160.0/20 Signature Algorithm: sha256WithRSAEncryption 95:27:87:18:79:e6:a0:1d:d0:96:53:30:43:e4:82:ae:65:08: fd:fd:32:7d:67:31:9b:29:a5:7c:9f:f7:f8:45:e4:3c:0b:f0: 50:a3:7a:27:5b:d1:56:b8:31:a1:9c:94:88:70:1c:3c:bc:ea: 8f:a0:89:c6:95:ed:0d:99:64:e8:78:55:55:bd:a5:91:15:42: 6b:ef:cb:6a:10:62:d9:89:a6:76:cf:35:9d:c7:5a:6a:7f:2c: a8:10:b9:81:54:97:fc:af:29:3c:d5:10:89:46:d8:fb:68:85: cf:70:dc:fc:2d:e4:43:97:b2:e7:90:28:60:1f:1c:4d:45:d9: 00:a7:d0:d4:85:6b:90:ae:db:2a:aa:dd:c3:70:56:8a:99:1b: 8a:e3:7a:93:ae:45:5a:0b:70:8a:bc:cd:bc:58:14:39:17:0b: 7b:ef:ea:22:ed:54:a3:ca:50:f9:9c:40:a9:f5:87:23:df:f7: 69:0e:ec:8b:9a:77:a6:de:f7:9b:1a:cd:39:db:c9:18:ef:c2: 74:10:dd:d3:43:d4:18:ed:eb:19:53:3c:2b:9d:5c:52:12:15: 2f:a6:bf:a9:73:0d:e6:ff:63:02:b4:b1:fb:f9:00:5e:23:85: 6c:05:fe:c2:87:1f:35:d8:f7:25:89:86:18:92:93:10:ad:a8: c0:b0:5b:b2 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUI+0UQ+tJhHHQ2MwfTW3ZesXnVecwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNTA5MjYwNTU3MjVaFw0yNjA5MjUwNjAyMjVaMDMxMTAvBgNV BAMTKEEyM0FEQUFDMEU2QkVEQTQyNEEzMENGMDdDOTc0MzBBOThEMDNBMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX3gL1jFkHpl3/Fs2rcYDIn1Hs FX6xO0izuGQe7scLwG2FkBOI807spN0aubkrLQsIKZtiBmTfNDuS+FyXBYgi+vgj nXmlfJgf/PddVvPyyX6ORSCskQgT4GxYqErbS2f5zk37eRABRNGh6MkyOzZfKBcr Y3ACbBvacS2p5VsrDSXIzE/eF1zOIIMg0qRif4y9Ja/qojjeL4ZXW6SxqPntd91t UDJBeNDYNIXTggTu+TaSNSqBeAy0JpMuF9pV8tsRLyNBB8dfnOVFo9X5/egV6rBR lNhumxnMVpit1vDS32tfGHVxWaDN+yrXxp2JqlX52Kt53Pud2w4N4aWRpm2rAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUojrarA5r7aQkowzwfJdDCpjQOjMwHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM2MzAyZTMwMmYz MjMwMmQzMjMwMjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnoygMA0GCSqG SIb3DQEBCwUAA4IBAQCVJ4cYeeagHdCWUzBD5IKuZQj9/TJ9ZzGbKaV8n/f4ReQ8 C/BQo3onW9FWuDGhnJSIcBw8vOqPoInGle0NmWToeFVVvaWRFUJr78tqEGLZiaZ2 zzWdx1pqfyyoELmBVJf8ryk81RCJRtj7aIXPcNz8LeRDl7LnkChgHxxNRdkAp9DU hWuQrtsqqt3DcFaKmRuK43qTrkVaC3CKvM28WBQ5Fwt77+oi7VSjylD5nECp9Ycj 3/dpDuyLmnem3vebGs0528kY78J0EN3TQ9QY7esZUzwrnVxSEhUvpr+pcw3m/2MC tLH7+QBeI4VsBf7Chx812PcliYYYkpMQrajAsFuy -----END CERTIFICATE-----Generated at Mon Oct 20 19:04:24 2025 by rpki-client