$ rpki-client -vvf repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136332e302f32342d3234203d3e20313532303337.roa File: 3230322e34372e3136332e302f32342d3234203d3e20313532303337.roa (raw, json) Hash identifier: /URm5Kz+lOTj8/0VCDqZYq+wPeWuBT+Tq5QLg7+ZM+8= Subject key identifier: 40:FE:3B:D4:D5:92:A4:F8:95:71:79:9C:14:C4:D7:1F:2D:82:43:E9 Certificate issuer: /CN=842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF Certificate serial: 62DA5BE9CF5AB644771824DAD4F6E501C0B7A17F Authority key identifier: 84:22:33:D6:E7:56:BC:93:C0:DB:9A:45:DD:2F:7B:CD:97:CB:29:AF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136332e302f32342d3234203d3e20313532303337.roa Signing time: Tue 23 Sep 2025 14:00:00 +0000 ROA not before: Tue 23 Sep 2025 13:55:00 +0000 ROA not after: Tue 22 Sep 2026 14:00:00 +0000 asID: 152037 IP address blocks: 202.47.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.crl rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 16:27:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:da:5b:e9:cf:5a:b6:44:77:18:24:da:d4:f6:e5:01:c0:b7:a1:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF Validity Not Before: Sep 23 13:55:00 2025 GMT Not After : Sep 22 14:00:00 2026 GMT Subject: CN=40FE3BD4D592A4F89571799C14C4D71F2D8243E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:06:cb:b8:3a:37:39:b9:f3:27:6e:be:f8:0b: f8:95:29:da:19:19:19:6c:1f:d0:59:fd:94:f7:7e: 9c:de:91:39:bb:e5:5b:1b:44:e0:91:b0:0a:82:f8: ae:11:41:8a:b8:b8:43:31:05:e4:d8:41:77:49:54: 98:f5:e9:44:78:b4:1e:70:35:c2:14:5c:23:dd:00: d4:4d:b4:fd:f3:89:07:25:a5:dd:5f:3b:e7:d1:9b: 43:a9:be:04:95:19:6f:07:5d:4c:ce:eb:0b:1d:8b: 55:d0:b0:9c:1b:b4:3a:1f:29:7e:d5:ac:27:44:e7: a1:4f:e6:cd:af:20:fc:f9:9a:66:0e:5d:29:a8:a3: a6:fd:44:c1:13:2b:06:cb:56:37:ab:2a:9a:c8:24: 92:5c:55:52:27:a5:85:38:b0:ea:bc:77:65:87:ee: 5b:ae:e8:c0:87:08:50:ac:19:3d:13:1c:fd:36:ec: 07:99:77:5d:f0:9d:0d:56:42:da:05:8d:79:1d:ef: c3:39:fa:c6:e4:d5:49:0c:0d:b9:8b:94:af:c4:02: 80:cd:cd:7e:53:bf:d5:74:b9:3b:30:54:73:26:4c: 1a:61:cb:47:a1:50:8c:38:db:54:57:0f:66:df:93: 99:3e:34:9e:2e:da:b0:d1:fa:7d:e4:e1:b5:38:ba: cb:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:FE:3B:D4:D5:92:A4:F8:95:71:79:9C:14:C4:D7:1F:2D:82:43:E9 X509v3 Authority Key Identifier: keyid:84:22:33:D6:E7:56:BC:93:C0:DB:9A:45:DD:2F:7B:CD:97:CB:29:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/842233D6E756BC93C0DB9A45DD2F7BCD97CB29AF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/581274af-7cd0-40af-a321-676898d58db8/0/3230322e34372e3136332e302f32342d3234203d3e20313532303337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.47.163.0/24 Signature Algorithm: sha256WithRSAEncryption 09:35:69:84:a4:c8:81:b8:3c:b6:5b:a5:5b:9e:96:28:56:3e: c0:60:e6:fa:58:b9:49:e4:0d:b6:df:d3:1a:e2:a6:70:b9:6d: ec:1d:52:2c:c3:31:03:ba:83:4c:3a:92:c3:88:c5:d5:df:0b: e3:e5:d1:3c:69:c6:61:c8:8e:50:84:fe:da:18:69:e5:31:34: a4:4d:00:13:50:71:8c:14:92:56:8e:b2:56:a5:6d:4b:67:64: 3a:a4:10:63:4f:fc:73:c4:d0:b8:5d:67:60:e6:0b:20:c8:26: fc:16:60:a4:53:80:62:53:16:03:bc:4f:ea:cb:9e:12:70:a2: 5b:e4:eb:93:bb:2a:e0:3c:03:f0:66:1f:8f:d6:46:26:80:d3: 84:b2:91:a9:6d:14:e0:36:d4:de:09:d8:47:3f:fa:63:3b:7d: 25:bb:c7:60:8a:78:13:5d:fa:59:69:bb:e1:fd:2f:61:f9:12: fb:c7:55:97:4c:e1:13:c7:96:33:25:23:5d:68:10:9a:2a:2a: f5:31:15:e9:d6:a1:bb:00:d9:c1:fa:d7:01:c3:d0:cb:da:b0: 1d:17:e4:b4:f3:cf:92:97:a9:04:3d:c7:86:be:8d:26:32:64: 76:6d:18:3c:db:8b:cf:2c:e9:65:f7:8c:9d:ea:78:d6:36:a8: f9:02:90:c4 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYtpb6c9atkR3GCTa1PblAcC3oX8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQyMjMzRDZFNzU2QkM5M0MwREI5QTQ1REQyRjdCQ0Q5 N0NCMjlBRjAeFw0yNTA5MjMxMzU1MDBaFw0yNjA5MjIxNDAwMDBaMDMxMTAvBgNV BAMTKDQwRkUzQkQ0RDU5MkE0Rjg5NTcxNzk5QzE0QzRENzFGMkQ4MjQzRTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDBsu4Ojc5ufMnbr74C/iVKdoZ GRlsH9BZ/ZT3fpzekTm75VsbROCRsAqC+K4RQYq4uEMxBeTYQXdJVJj16UR4tB5w NcIUXCPdANRNtP3ziQclpd1fO+fRm0OpvgSVGW8HXUzO6wsdi1XQsJwbtDofKX7V rCdE56FP5s2vIPz5mmYOXSmoo6b9RMETKwbLVjerKprIJJJcVVInpYU4sOq8d2WH 7luu6MCHCFCsGT0THP027AeZd13wnQ1WQtoFjXkd78M5+sbk1UkMDbmLlK/EAoDN zX5Tv9V0uTswVHMmTBphy0ehUIw421RXD2bfk5k+NJ4u2rDR+n3k4bU4usvHAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUQP471NWSpPiVcXmcFMTXHy2CQ+kwHwYDVR0j BBgwFoAUhCIz1udWvJPA25pF3S97zZfLKa8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ODEyNzRhZi03Y2QwLTQwYWYtYTMyMS02NzY4OThkNThkYjgvMC84NDIyMzNENkU3 NTZCQzkzQzBEQjlBNDVERDJGN0JDRDk3Q0IyOUFGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODQyMjMzRDZFNzU2QkM5M0MwREI5QTQ1REQyRjdCQ0Q5N0NC MjlBRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU4MTI3NGFmLTdjZDAtNDBhZi1h MzIxLTY3Njg5OGQ1OGRiOC8wLzMyMzAzMjJlMzQzNzJlMzEzNjMzMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzAzMzM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyi+jMA0GCSqG SIb3DQEBCwUAA4IBAQAJNWmEpMiBuDy2W6VbnpYoVj7AYOb6WLlJ5A2239Ma4qZw uW3sHVIswzEDuoNMOpLDiMXV3wvj5dE8acZhyI5QhP7aGGnlMTSkTQATUHGMFJJW jrJWpW1LZ2Q6pBBjT/xzxNC4XWdg5gsgyCb8FmCkU4BiUxYDvE/qy54ScKJb5OuT uyrgPAPwZh+P1kYmgNOEspGpbRTgNtTeCdhHP/pjO30lu8dgingTXfpZabvh/S9h +RL7x1WXTOETx5YzJSNdaBCaKir1MRXp1qG7ANnB+tcBw9DL2rAdF+S088+Sl6kE PceGvo0mMmR2bRg824vPLOll94yd6njWNqj5ApDE -----END CERTIFICATE-----Generated at Mon Oct 20 13:24:31 2025 by rpki-client