$ rpki-client -vvf repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/3130332e3136332e3234302e302f32342d3234203d3e20313431383837.roa File: 3130332e3136332e3234302e302f32342d3234203d3e20313431383837.roa (raw, json) Hash identifier: +teKINZvaHmO1Q+Kg4FSm38760XvHDKTZ7byNyW4UzY= Subject key identifier: 85:C7:45:E0:C4:C3:65:E0:3A:6D:DA:C2:DB:A2:C8:52:56:B7:65:B5 Certificate issuer: /CN=DB3705DEAC1CB7212393B7021AB671BD8699FE9B Certificate serial: 69F8D92D0DBC7690F11ED70D96DEDFA0CD911FAD Authority key identifier: DB:37:05:DE:AC:1C:B7:21:23:93:B7:02:1A:B6:71:BD:86:99:FE:9B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/3130332e3136332e3234302e302f32342d3234203d3e20313431383837.roa Signing time: Mon 22 Sep 2025 11:50:36 +0000 ROA not before: Mon 22 Sep 2025 11:45:36 +0000 ROA not after: Mon 21 Sep 2026 11:50:36 +0000 asID: 141887 IP address blocks: 103.163.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.crl rsync://repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 00:30:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:f8:d9:2d:0d:bc:76:90:f1:1e:d7:0d:96:de:df:a0:cd:91:1f:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DB3705DEAC1CB7212393B7021AB671BD8699FE9B Validity Not Before: Sep 22 11:45:36 2025 GMT Not After : Sep 21 11:50:36 2026 GMT Subject: CN=85C745E0C4C365E03A6DDAC2DBA2C85256B765B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:07:e7:ca:6a:18:6f:39:75:90:72:f3:06:b8: 8a:cd:34:df:3e:da:a8:55:a1:97:da:5a:7e:c0:05: 1d:29:29:db:5f:4d:f9:3e:0f:b8:cd:51:df:6d:8a: 2b:9e:da:c6:c6:1f:9e:3b:01:f0:4f:a0:67:1a:3d: d2:67:9c:cb:41:f4:53:81:3c:97:52:3d:ed:49:8d: 11:ed:e5:6e:e0:a7:25:36:fd:8c:07:41:38:18:6f: 84:ea:88:18:36:e0:5f:27:3e:01:2f:ac:4d:aa:67: 78:88:fd:46:b9:35:66:af:c1:5f:81:ff:27:81:91: 23:8b:05:38:4e:3a:2d:ac:3c:10:50:00:ec:e7:52: 7b:d1:13:7e:b0:11:b4:8c:9b:71:ed:24:81:14:90: b9:b4:3a:11:0c:21:61:d4:59:7c:6c:9c:18:9b:fe: 0c:b2:8d:f9:f7:b6:de:71:ff:80:f8:24:a0:b4:26: 2e:62:5d:43:ee:5e:6d:73:37:e7:6b:6a:37:81:b3: 38:0a:b0:d4:75:75:65:4c:48:f5:49:41:a1:f1:82: 4d:44:18:c3:b1:3d:c9:d7:fd:2b:3a:1d:12:28:0d: 72:3b:69:9b:ac:b1:37:cc:ce:af:86:e1:c8:a8:24: 0c:75:ab:4c:20:14:f1:ce:a4:18:79:8f:a7:0f:0e: cc:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:C7:45:E0:C4:C3:65:E0:3A:6D:DA:C2:DB:A2:C8:52:56:B7:65:B5 X509v3 Authority Key Identifier: keyid:DB:37:05:DE:AC:1C:B7:21:23:93:B7:02:1A:B6:71:BD:86:99:FE:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DB3705DEAC1CB7212393B7021AB671BD8699FE9B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3c5b785d-8303-45c5-9a58-ec1288740866/0/3130332e3136332e3234302e302f32342d3234203d3e20313431383837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.163.240.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:99:26:5d:cd:46:33:c6:a0:48:f5:15:01:28:29:f3:d6:9e: 5e:c7:4e:f8:f0:ea:ce:ef:98:1a:f8:81:97:59:27:7f:4e:f7: 60:55:6a:92:ff:a0:aa:b8:28:9e:72:c8:27:03:6b:ba:0b:62: 2b:9b:ca:fc:32:63:75:a1:b6:f7:ec:bd:60:3a:a3:9a:fa:c5: 6b:21:8d:3a:77:e8:47:18:60:f9:00:8f:e0:84:bc:36:4a:e9: 25:9c:8d:35:88:96:d3:e8:b7:b1:ac:d1:ae:61:c9:c9:f1:3a: c4:c0:cf:95:b6:31:96:d1:8d:2d:c9:c9:a9:1f:0a:f9:52:10: b8:2c:f8:60:9c:61:72:4e:c7:ea:ee:fa:81:86:40:38:03:0c: 67:8d:ac:35:5c:e7:00:5d:47:23:84:17:22:51:7c:44:a5:67: 0c:ca:99:b3:8c:70:62:28:b3:e2:19:92:3b:cf:db:20:53:7b: 58:a5:cb:93:c4:0c:86:10:ff:0f:b3:1d:4e:94:93:c3:87:a8: 48:e4:6e:6e:6a:93:2f:f5:a1:28:48:c2:c4:4a:74:0a:3b:a5: ce:ca:76:5a:9a:ea:ac:e4:7e:15:37:f4:ec:62:f6:b4:06:a3: 9b:87:f6:b5:34:f2:89:2a:ad:62:7a:71:31:e5:23:64:4f:03: 05:52:66:93 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUafjZLQ28dpDxHtcNlt7foM2RH60wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREIzNzA1REVBQzFDQjcyMTIzOTNCNzAyMUFCNjcxQkQ4 Njk5RkU5QjAeFw0yNTA5MjIxMTQ1MzZaFw0yNjA5MjExMTUwMzZaMDMxMTAvBgNV BAMTKDg1Qzc0NUUwQzRDMzY1RTAzQTZEREFDMkRCQTJDODUyNTZCNzY1QjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+B+fKahhvOXWQcvMGuIrNNN8+ 2qhVoZfaWn7ABR0pKdtfTfk+D7jNUd9tiiue2sbGH547AfBPoGcaPdJnnMtB9FOB PJdSPe1JjRHt5W7gpyU2/YwHQTgYb4TqiBg24F8nPgEvrE2qZ3iI/Ua5NWavwV+B /yeBkSOLBThOOi2sPBBQAOznUnvRE36wEbSMm3HtJIEUkLm0OhEMIWHUWXxsnBib /gyyjfn3tt5x/4D4JKC0Ji5iXUPuXm1zN+drajeBszgKsNR1dWVMSPVJQaHxgk1E GMOxPcnX/Ss6HRIoDXI7aZussTfMzq+G4cioJAx1q0wgFPHOpBh5j6cPDswtAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUhcdF4MTDZeA6bdrC26LIUla3ZbUwHwYDVR0j BBgwFoAU2zcF3qwctyEjk7cCGrZxvYaZ/pswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YzViNzg1ZC04MzAzLTQ1YzUtOWE1OC1lYzEyODg3NDA4NjYvMC9EQjM3MDVERUFD MUNCNzIxMjM5M0I3MDIxQUI2NzFCRDg2OTlGRTlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREIzNzA1REVBQzFDQjcyMTIzOTNCNzAyMUFCNjcxQkQ4Njk5 RkU5Qi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjNWI3ODVkLTgzMDMtNDVjNS05 YTU4LWVjMTI4ODc0MDg2Ni8wLzMxMzAzMzJlMzEzNjMzMmUzMjM0MzAyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzODM4Mzcucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABno/AwDQYJ KoZIhvcNAQELBQADggEBAHqZJl3NRjPGoEj1FQEoKfPWnl7HTvjw6s7vmBr4gZdZ J39O92BVapL/oKq4KJ5yyCcDa7oLYiubyvwyY3WhtvfsvWA6o5r6xWshjTp36EcY YPkAj+CEvDZK6SWcjTWIltPot7Gs0a5hycnxOsTAz5W2MZbRjS3JyakfCvlSELgs +GCcYXJOx+ru+oGGQDgDDGeNrDVc5wBdRyOEFyJRfESlZwzKmbOMcGIos+IZkjvP 2yBTe1ily5PEDIYQ/w+zHU6Uk8OHqEjkbm5qky/1oShIwsRKdAo7pc7Kdlqa6qzk fhU39Oxi9rQGo5uH9rU08okqrWJ6cTHlI2RPAwVSZpM= -----END CERTIFICATE-----Generated at Tue Oct 21 05:31:55 2025 by rpki-client