$ rpki-client -vvf repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136302e302f32302d3230203d3e203435373235.roa File: 3230322e3135302e3136302e302f32302d3230203d3e203435373235.roa (raw, json) Hash identifier: AYYvX1SMmvEUSV/SlEcF1R0YQ2WDD6uub8Ptl6bq5fc= Subject key identifier: 24:DB:21:CB:81:19:75:6D:48:6D:4F:32:41:CB:86:41:7C:D3:23:42 Certificate issuer: /CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Certificate serial: 2426BE222F87306B02E51570B0AF563A15305FFE Authority key identifier: BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject info access: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136302e302f32302d3230203d3e203435373235.roa Signing time: Sun 08 Mar 2026 16:00:01 +0000 ROA not before: Sun 08 Mar 2026 15:55:01 +0000 ROA not after: Sun 07 Mar 2027 16:00:01 +0000 asID: 45725 IP address blocks: 202.150.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 21:55:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:26:be:22:2f:87:30:6b:02:e5:15:70:b0:af:56:3a:15:30:5f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Validity Not Before: Mar 8 15:55:01 2026 GMT Not After : Mar 7 16:00:01 2027 GMT Subject: CN=24DB21CB8119756D486D4F3241CB86417CD32342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:77:6b:e3:93:2f:ef:d6:14:39:22:52:49:fc: ea:80:15:32:83:6d:11:3e:f9:1d:e2:60:1a:e2:48: b6:17:63:4c:61:88:9a:f6:1e:d2:4c:ad:3b:c9:db: 51:53:44:f4:40:24:fc:11:81:09:ad:66:de:48:0f: 40:eb:c9:a9:6a:3a:fb:ea:c8:4b:70:bb:e9:12:b0: f2:bf:1e:9b:1a:b0:32:bd:cc:06:de:df:4b:de:29: de:d2:18:03:32:31:6c:70:97:eb:d8:d9:81:2c:8f: 3b:b9:4a:e5:eb:92:82:f0:08:8a:6d:3c:89:fd:7d: 05:75:37:f7:1c:f6:81:87:1d:fe:63:13:5e:8c:ce: f7:93:78:fc:48:a4:70:ea:8c:3b:b1:6b:b0:ab:15: e7:5b:10:5a:9a:6c:2d:c0:7e:14:4a:38:5f:3d:cb: 1a:79:ac:96:49:f1:15:9e:89:09:9b:2c:90:7f:56: ca:58:49:17:ca:56:1b:9c:54:e0:54:ce:dc:a8:30: 2c:57:01:ba:dc:00:d7:38:1b:ab:71:a7:83:85:9f: 33:db:91:97:2e:d7:fe:de:ed:72:89:5f:b4:eb:9d: 5f:21:23:28:05:23:82:8c:3e:3a:0f:25:38:13:48: 7d:3c:b7:c0:91:08:ea:b0:e8:e4:d9:e3:70:63:7b: a5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:DB:21:CB:81:19:75:6D:48:6D:4F:32:41:CB:86:41:7C:D3:23:42 X509v3 Authority Key Identifier: keyid:BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136302e302f32302d3230203d3e203435373235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.150.160.0/20 Signature Algorithm: sha256WithRSAEncryption 25:ae:ea:51:53:aa:95:d1:04:51:b3:22:ab:4a:6e:31:d4:72: 2b:8a:fc:44:10:83:51:07:5f:a1:04:d1:07:84:1f:e5:6b:31: bb:f3:82:3c:19:3f:70:88:91:39:17:01:58:1e:3f:cb:90:4c: ed:5d:44:1b:83:3d:c4:3e:76:4c:30:a8:9f:94:b0:9c:87:3c: b9:30:f3:cc:43:a1:d3:5e:d3:c7:0a:a9:34:9a:61:bf:97:b6: 8d:75:32:21:af:4a:6e:14:0e:bb:f8:a9:55:f4:cc:fb:33:db: 0c:d8:3b:bf:a5:87:5e:00:69:68:1a:68:e3:66:80:97:76:96: ca:0a:76:a8:41:d6:20:7d:cc:0c:85:17:98:13:57:db:a5:9e: 86:30:7b:7a:35:6c:ad:75:8a:e3:ce:21:a4:99:a2:17:67:1f: 4c:65:bb:9e:ab:47:c8:12:0b:2a:da:05:3a:27:4e:31:29:58: f7:67:09:ac:fb:92:b5:a6:01:8a:2f:fc:2f:d5:41:fb:e2:25: 8c:8f:0e:6e:e6:a6:5f:28:34:40:96:55:f0:a1:b1:aa:47:3c: 34:d2:93:b5:7f:3a:95:08:c7:1e:bd:69:57:f9:18:56:c5:c7: ce:d7:8e:64:12:b3:80:99:7c:b0:6c:79:43:5c:fa:f9:7c:03: 6f:c2:3e:3f -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUJCa+Ii+HMGsC5RVwsK9WOhUwX/4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYy NzQ1ODEwMzAeFw0yNjAzMDgxNTU1MDFaFw0yNzAzMDcxNjAwMDFaMDMxMTAvBgNV BAMTKDI0REIyMUNCODExOTc1NkQ0ODZENEYzMjQxQ0I4NjQxN0NEMzIzNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBd2vjky/v1hQ5IlJJ/OqAFTKD bRE++R3iYBriSLYXY0xhiJr2HtJMrTvJ21FTRPRAJPwRgQmtZt5ID0DryalqOvvq yEtwu+kSsPK/HpsasDK9zAbe30veKd7SGAMyMWxwl+vY2YEsjzu5SuXrkoLwCIpt PIn9fQV1N/cc9oGHHf5jE16MzveTePxIpHDqjDuxa7CrFedbEFqabC3AfhRKOF89 yxp5rJZJ8RWeiQmbLJB/VspYSRfKVhucVOBUztyoMCxXAbrcANc4G6txp4OFnzPb kZcu1/7e7XKJX7TrnV8hIygFI4KMPjoPJTgTSH08t8CRCOqw6OTZ43Bje6VvAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUJNshy4EZdW1IbU8yQcuGQXzTI0IwHwYDVR0j BBgwFoAUvn+BPzxsoompzaxWMJdbdidFgQMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NDQyMTZkOC03MGNlLTQ5MDgtYTcyYi1lYzI3M2Y0M2JiYzIvMC9CRTdGODEzRjND NkNBMjg5QTlDREFDNTYzMDk3NUI3NjI3NDU4MTAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYyNzQ1 ODEwMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0NDIxNmQ4LTcwY2UtNDkwOC1h NzJiLWVjMjczZjQzYmJjMi8wLzMyMzAzMjJlMzEzNTMwMmUzMTM2MzAyZTMwMmYz MjMwMmQzMjMwMjAzZDNlMjAzNDM1MzczMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEypagMA0GCSqG SIb3DQEBCwUAA4IBAQAlrupRU6qV0QRRsyKrSm4x1HIrivxEEINRB1+hBNEHhB/l azG784I8GT9wiJE5FwFYHj/LkEztXUQbgz3EPnZMMKiflLCchzy5MPPMQ6HTXtPH Cqk0mmG/l7aNdTIhr0puFA67+KlV9Mz7M9sM2Du/pYdeAGloGmjjZoCXdpbKCnao QdYgfcwMhReYE1fbpZ6GMHt6NWytdYrjziGkmaIXZx9MZbueq0fIEgsq2gU6J04x KVj3Zwms+5K1pgGKL/wv1UH74iWMjw5u5qZfKDRAllXwobGqRzw00pO1fzqVCMce vWlX+RhWxcfO145kErOAmXywbHlDXPr5fANvwj4/ -----END CERTIFICATE-----Generated at Thu Mar 26 18:37:25 2026 by rpki-client