$ rpki-client -vvf repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/3130332e31302e3134382e302f32322d3234203d3e20313336313032.roa File: 3130332e31302e3134382e302f32322d3234203d3e20313336313032.roa (raw, json) Hash identifier: YsAypY99u2UNps3UuTssVcjcS3FU5EYzwPP14rlgcWs= Subject key identifier: 5B:ED:5F:E6:5C:7A:B1:27:AF:E0:C9:EE:3D:6C:4E:FF:1F:E6:78:88 Certificate issuer: /CN=5F1EC0378C7B3A8912CA32E382D2C083E173E71C Certificate serial: 7D87D02286BAAF7F0BE95FC07DE942CEC7FA2E9B Authority key identifier: 5F:1E:C0:37:8C:7B:3A:89:12:CA:32:E3:82:D2:C0:83:E1:73:E7:1C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/3130332e31302e3134382e302f32322d3234203d3e20313336313032.roa Signing time: Fri 27 Jun 2025 08:03:13 +0000 ROA not before: Fri 27 Jun 2025 07:58:13 +0000 ROA not after: Fri 26 Jun 2026 08:03:13 +0000 asID: 136102 IP address blocks: 103.10.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.crl rsync://repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 03:42:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:87:d0:22:86:ba:af:7f:0b:e9:5f:c0:7d:e9:42:ce:c7:fa:2e:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5F1EC0378C7B3A8912CA32E382D2C083E173E71C Validity Not Before: Jun 27 07:58:13 2025 GMT Not After : Jun 26 08:03:13 2026 GMT Subject: CN=5BED5FE65C7AB127AFE0C9EE3D6C4EFF1FE67888 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e7:b4:5a:e4:cd:c8:a9:6c:e8:7e:b5:6b:42: 6c:b8:3c:1d:f5:92:65:36:02:c4:50:84:f2:02:23: ef:1f:11:f8:c5:f3:8e:87:c8:54:d0:71:3c:9d:60: bc:99:ce:7d:33:69:23:40:00:1f:e6:7f:eb:3a:70: 89:af:4d:52:1f:4c:56:2a:e0:f4:8f:4f:4a:b4:41: ea:48:ce:c1:e9:9d:16:42:ba:a3:26:15:7b:63:c6: f2:26:80:eb:a3:93:96:4a:d1:e3:9e:67:65:1a:1c: 4e:62:57:3d:6c:5c:9b:4c:9b:ea:bf:21:0d:d5:97: 5f:0d:9a:d4:b3:ae:d0:3e:30:80:2b:f5:8a:88:5f: 44:35:06:7f:6a:c7:65:9b:16:8c:d0:eb:0f:80:94: 4c:81:8a:8d:8f:ea:18:b7:ff:c1:e7:6f:cc:60:ef: 3f:c1:8f:cf:18:c1:4c:b7:86:46:3e:50:a6:d7:0a: 19:1b:e5:ed:c2:70:af:1e:3f:70:41:53:1a:c3:14: e0:09:f5:9e:ac:f7:a6:6b:fe:c0:2a:b3:30:88:42: b0:a4:a7:4d:fa:7e:48:14:2c:ef:03:1b:4d:2a:1d: 7a:e0:a2:ed:b5:bc:00:cd:3e:8b:a6:49:23:04:44: 28:f0:f6:29:f8:48:d0:3c:37:54:cc:1f:13:9a:f8: 2d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:ED:5F:E6:5C:7A:B1:27:AF:E0:C9:EE:3D:6C:4E:FF:1F:E6:78:88 X509v3 Authority Key Identifier: keyid:5F:1E:C0:37:8C:7B:3A:89:12:CA:32:E3:82:D2:C0:83:E1:73:E7:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5F1EC0378C7B3A8912CA32E382D2C083E173E71C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4402daa5-fb0c-4a24-9889-33bd50db4fe0/0/3130332e31302e3134382e302f32322d3234203d3e20313336313032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.10.148.0/22 Signature Algorithm: sha256WithRSAEncryption 35:7e:ea:58:f9:09:ac:d8:bc:e7:ee:6e:29:6a:d8:41:58:f8: 20:41:53:4d:73:04:ba:f0:95:b5:6d:3b:c3:71:f7:46:00:04: 43:01:cf:a4:76:4a:25:ad:3f:4a:e7:4c:37:5e:35:5e:f3:98: eb:8e:4e:f2:2a:84:71:ca:ba:04:94:4b:d8:e8:be:b2:c4:97: ab:fe:60:9b:85:4a:16:72:fa:de:a0:82:ac:ff:2e:fb:ca:53: ef:14:f6:36:9b:3a:5d:e0:c6:2e:19:db:1a:2c:62:36:56:89: 24:2a:17:5c:fa:d4:bf:fa:0c:5c:da:9a:12:6f:00:b1:40:41: f6:8b:e1:9c:b2:fa:c5:98:9d:c6:d3:f8:07:69:87:9c:0b:30: 18:1f:3f:8a:af:fd:34:ee:5f:85:fd:66:c2:fb:4f:5c:99:da: 5e:96:a2:05:dc:66:c2:9f:5c:d9:75:cf:8a:99:5a:a9:11:f8: 39:f6:44:ea:48:b9:4f:70:d1:13:d2:6c:6e:8a:3c:91:74:bf: 71:c0:83:d2:fe:ac:47:1d:1a:06:6d:34:ba:d4:1f:02:05:65: d0:a7:f0:7d:ba:9c:64:c4:f2:0b:89:07:1f:b9:5e:47:63:61: 86:19:37:2a:54:e0:0c:82:8d:f5:fb:82:f0:04:1c:56:c5:26: f1:73:de:32 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUfYfQIoa6r38L6V/AfelCzsf6LpswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUYxRUMwMzc4QzdCM0E4OTEyQ0EzMkUzODJEMkMwODNF MTczRTcxQzAeFw0yNTA2MjcwNzU4MTNaFw0yNjA2MjYwODAzMTNaMDMxMTAvBgNV BAMTKDVCRUQ1RkU2NUM3QUIxMjdBRkUwQzlFRTNENkM0RUZGMUZFNjc4ODgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP57Ra5M3IqWzofrVrQmy4PB31 kmU2AsRQhPICI+8fEfjF846HyFTQcTydYLyZzn0zaSNAAB/mf+s6cImvTVIfTFYq 4PSPT0q0QepIzsHpnRZCuqMmFXtjxvImgOujk5ZK0eOeZ2UaHE5iVz1sXJtMm+q/ IQ3Vl18NmtSzrtA+MIAr9YqIX0Q1Bn9qx2WbFozQ6w+AlEyBio2P6hi3/8Hnb8xg 7z/Bj88YwUy3hkY+UKbXChkb5e3CcK8eP3BBUxrDFOAJ9Z6s96Zr/sAqszCIQrCk p036fkgULO8DG00qHXrgou21vADNPoumSSMERCjw9in4SNA8N1TMHxOa+C2/AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUW+1f5lx6sSev4MnuPWxO/x/meIgwHwYDVR0j BBgwFoAUXx7AN4x7OokSyjLjgtLAg+Fz5xwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDAyZGFhNS1mYjBjLTRhMjQtOTg4OS0zM2JkNTBkYjRmZTAvMC81RjFFQzAzNzhD N0IzQTg5MTJDQTMyRTM4MkQyQzA4M0UxNzNFNzFDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUYxRUMwMzc4QzdCM0E4OTEyQ0EzMkUzODJEMkMwODNFMTcz RTcxQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ0MDJkYWE1LWZiMGMtNGEyNC05 ODg5LTMzYmQ1MGRiNGZlMC8wLzMxMzAzMzJlMzEzMDJlMzEzNDM4MmUzMDJmMzIz MjJkMzIzNDIwM2QzZTIwMzEzMzM2MzEzMDMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZwqUMA0GCSqG SIb3DQEBCwUAA4IBAQA1fupY+Qms2Lzn7m4pathBWPggQVNNcwS68JW1bTvDcfdG AARDAc+kdkolrT9K50w3XjVe85jrjk7yKoRxyroElEvY6L6yxJer/mCbhUoWcvre oIKs/y77ylPvFPY2mzpd4MYuGdsaLGI2VokkKhdc+tS/+gxc2poSbwCxQEH2i+Gc svrFmJ3G0/gHaYecCzAYHz+Kr/007l+F/WbC+09cmdpelqIF3GbCn1zZdc+KmVqp Efg59kTqSLlPcNET0mxuijyRdL9xwIPS/qxHHRoGbTS61B8CBWXQp/B9upxkxPIL iQcfuV5HY2GGGTcqVOAMgo31+4LwBBxWxSbxc94y -----END CERTIFICATE-----Generated at Thu Jul 3 09:59:24 2025 by rpki-client