$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32312d3231203d3e203633383539.roa File: 3135382e3134302e3137362e302f32312d3231203d3e203633383539.roa (raw, json) Hash identifier: 9kcnPx/ZSmrEGG26gLxLOCQqjBWy2zRGdc2qERhjnd0= Subject key identifier: 26:41:D6:9C:F9:EC:7D:FE:E7:69:B3:DD:D9:F1:9E:16:0A:B2:0E:A1 Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 59189058AEDEA5604746206C35962775F8480D0F Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32312d3231203d3e203633383539.roa Signing time: Fri 26 Sep 2025 06:02:25 +0000 ROA not before: Fri 26 Sep 2025 05:57:25 +0000 ROA not after: Fri 25 Sep 2026 06:02:25 +0000 asID: 63859 IP address blocks: 158.140.176.0/21 maxlen: 21 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 08:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:18:90:58:ae:de:a5:60:47:46:20:6c:35:96:27:75:f8:48:0d:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Sep 26 05:57:25 2025 GMT Not After : Sep 25 06:02:25 2026 GMT Subject: CN=2641D69CF9EC7DFEE769B3DDD9F19E160AB20EA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:8e:34:8f:ee:7e:c0:c4:e4:14:43:59:61:d3: 72:55:35:34:48:a2:00:72:ff:a0:3a:ca:a1:b2:97: 24:55:ca:bd:b7:bc:01:97:7a:24:7c:4e:38:99:31: ab:09:20:6b:c9:3d:ab:de:81:7b:8d:a4:77:6a:fc: b3:2a:54:a2:3e:1e:a1:51:31:9f:3a:cb:f3:a4:00: de:95:04:24:54:e8:c0:68:3e:6b:c8:38:52:75:79: ec:7b:40:7d:04:a8:39:47:5b:58:24:ee:b5:7c:78: e8:9b:55:2b:3d:51:6f:e6:06:db:22:6d:0c:c6:a9: 3a:8b:e7:8e:d3:38:68:53:8b:e9:75:e9:fa:32:28: 24:c5:39:6d:be:d9:03:ab:07:3c:27:a9:47:58:42: ec:68:7a:9d:1d:4e:b6:3e:89:53:e2:60:ca:a2:d3: ef:e7:be:1b:c2:11:55:48:47:fb:68:71:51:8c:ee: 0f:46:7f:c3:ae:3f:92:79:e8:51:92:fe:24:ed:ea: a3:bc:c4:c2:1d:75:15:97:ba:78:d3:2f:fb:06:f9: 33:e7:19:d4:9a:0a:53:0f:7f:a5:87:bb:e3:90:95: 44:78:ed:97:90:cd:ce:15:26:b7:19:7f:93:62:fb: f5:07:7d:58:97:48:5b:0a:05:4b:67:85:2d:46:1a: 59:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:41:D6:9C:F9:EC:7D:FE:E7:69:B3:DD:D9:F1:9E:16:0A:B2:0E:A1 X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32312d3231203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.176.0/21 Signature Algorithm: sha256WithRSAEncryption 1c:46:a3:a3:f9:ae:7b:b8:55:a0:69:88:89:ae:e9:e0:e3:17: b0:a3:3e:4e:9f:ce:49:e8:40:55:9c:c5:68:5a:de:eb:bc:bc: 78:cc:f4:f1:03:8e:be:a4:49:4b:ae:f1:86:ab:1f:65:86:57: bc:e5:3e:6a:52:bb:cb:01:02:cd:db:3b:24:08:22:a7:97:57: b1:39:f4:67:db:af:6d:dc:87:2c:23:02:da:b8:31:ef:5c:32: 35:38:4e:a6:1b:c7:5b:52:e4:6b:1a:3a:53:0e:5c:0a:0a:d4: cc:87:7d:28:ab:d4:93:a0:23:ce:64:40:18:2c:50:dd:2d:00: 48:26:59:98:27:a5:c4:de:89:37:5f:ac:b5:69:4b:e9:c0:93: 6b:0b:98:1e:ce:ba:3d:6b:27:17:82:da:20:f9:84:fe:67:c6: 71:fd:41:88:7d:b0:b1:f4:95:f3:e7:13:de:d5:fc:d7:96:9e: 1c:4c:30:ee:39:a2:be:71:fe:c8:5c:b2:a3:d5:45:df:3d:86: 22:e1:00:0d:18:2d:5d:ac:dd:05:b4:84:fc:2e:e7:81:7d:02: 79:69:cf:e5:d3:6d:35:8d:16:bb:a3:b6:a3:7a:8e:9d:17:24: c9:02:26:a7:d8:bf:8f:79:47:eb:15:8b:41:56:2d:40:58:79: 27:5f:ea:a3 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUWRiQWK7epWBHRiBsNZYndfhIDQ8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNTA5MjYwNTU3MjVaFw0yNjA5MjUwNjAyMjVaMDMxMTAvBgNV BAMTKDI2NDFENjlDRjlFQzdERkVFNzY5QjNEREQ5RjE5RTE2MEFCMjBFQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8jjSP7n7AxOQUQ1lh03JVNTRI ogBy/6A6yqGylyRVyr23vAGXeiR8TjiZMasJIGvJPavegXuNpHdq/LMqVKI+HqFR MZ86y/OkAN6VBCRU6MBoPmvIOFJ1eex7QH0EqDlHW1gk7rV8eOibVSs9UW/mBtsi bQzGqTqL547TOGhTi+l16foyKCTFOW2+2QOrBzwnqUdYQuxoep0dTrY+iVPiYMqi 0+/nvhvCEVVIR/tocVGM7g9Gf8OuP5J56FGS/iTt6qO8xMIddRWXunjTL/sG+TPn GdSaClMPf6WHu+OQlUR47ZeQzc4VJrcZf5Ni+/UHfViXSFsKBUtnhS1GGllDAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUJkHWnPnsff7nabPd2fGeFgqyDqEwHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM3MzYyZTMwMmYz MjMxMmQzMjMxMjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnoywMA0GCSqG SIb3DQEBCwUAA4IBAQAcRqOj+a57uFWgaYiJrung4xewoz5On85J6EBVnMVoWt7r vLx4zPTxA46+pElLrvGGqx9lhle85T5qUrvLAQLN2zskCCKnl1exOfRn269t3Ics IwLauDHvXDI1OE6mG8dbUuRrGjpTDlwKCtTMh30oq9SToCPOZEAYLFDdLQBIJlmY J6XE3ok3X6y1aUvpwJNrC5gezro9aycXgtog+YT+Z8Zx/UGIfbCx9JXz5xPe1fzX lp4cTDDuOaK+cf7IXLKj1UXfPYYi4QANGC1drN0FtIT8LueBfQJ5ac/l0201jRa7 o7ajeo6dFyTJAian2L+PeUfrFYtBVi1AWHknX+qj -----END CERTIFICATE-----Generated at Mon Oct 20 07:56:45 2025 by rpki-client