$ rpki-client -vvf repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32332d3233203d3e203435373235.roa File: 3230322e3135302e3136342e302f32332d3233203d3e203435373235.roa (raw, json) Hash identifier: rpUPYGkkbcLqQ1OuUy+nw93Zp9RI9ayasb1ZrV3T7qE= Subject key identifier: D8:AB:5E:41:B7:90:DB:DB:14:AB:50:E5:61:64:CF:FD:CA:0C:83:B8 Certificate issuer: /CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Certificate serial: 648B187ECE5F210B1B4F90D8373A62E86C73B25A Authority key identifier: BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject info access: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32332d3233203d3e203435373235.roa Signing time: Sun 08 Mar 2026 16:00:01 +0000 ROA not before: Sun 08 Mar 2026 15:55:01 +0000 ROA not after: Sun 07 Mar 2027 16:00:01 +0000 asID: 45725 IP address blocks: 202.150.164.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 21:55:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:8b:18:7e:ce:5f:21:0b:1b:4f:90:d8:37:3a:62:e8:6c:73:b2:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Validity Not Before: Mar 8 15:55:01 2026 GMT Not After : Mar 7 16:00:01 2027 GMT Subject: CN=D8AB5E41B790DBDB14AB50E56164CFFDCA0C83B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:5b:aa:2e:53:c8:4d:a5:e7:73:87:5f:21:05: 82:1e:9c:6a:b8:9c:31:35:e7:7a:68:e2:29:c7:72: ff:0c:9d:b8:74:a4:be:19:d5:11:a6:7c:fe:4f:69: 4a:b0:23:57:c2:6a:04:bb:f5:30:01:9a:5c:29:9d: 7d:79:a9:94:8e:13:50:bc:65:91:66:c4:07:33:68: 5b:f0:61:c2:fc:d1:40:a6:c0:ef:18:db:8f:48:c3: e0:20:20:6a:64:66:65:6a:e9:27:22:cd:6f:e4:1f: 3d:0a:38:89:cb:16:0a:9e:bb:7e:33:62:e4:06:4e: 0c:63:de:2d:8d:af:2f:0c:34:27:37:b1:7b:aa:9e: db:64:25:cf:e7:9a:03:57:7e:dc:fe:29:f1:73:fb: dc:78:df:85:51:e7:b2:33:51:e9:c4:e7:fd:94:e2: 2b:10:b0:2c:e8:75:49:53:02:94:25:b6:be:39:da: 78:b9:6c:de:55:30:ae:82:8b:0d:48:8b:34:ac:6f: ae:f3:b4:95:63:6d:54:49:ac:c7:33:14:0c:a7:09: 4a:86:c2:79:6f:62:52:2c:0a:80:f8:62:d7:25:05: a0:e0:30:9a:5a:2d:dc:1e:b4:4a:10:bb:f0:cb:45: bc:6f:cb:99:a4:25:17:fc:4c:5c:22:81:bc:eb:5f: eb:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:AB:5E:41:B7:90:DB:DB:14:AB:50:E5:61:64:CF:FD:CA:0C:83:B8 X509v3 Authority Key Identifier: keyid:BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3136342e302f32332d3233203d3e203435373235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.150.164.0/23 Signature Algorithm: sha256WithRSAEncryption ba:4b:6e:09:53:50:b4:99:5e:d1:4e:74:9c:1a:71:02:a1:b3: 08:25:5f:39:c0:1c:a9:26:18:5e:f7:5d:6e:01:db:b4:a0:a0: 40:00:2f:26:e5:e2:c8:44:1d:f5:33:38:a1:5d:bc:03:22:c0: 88:03:ec:c5:55:d1:e7:3d:21:8f:20:12:3c:7c:4c:88:85:51: db:34:05:15:ef:5c:2c:80:bd:96:8e:c8:2a:36:81:67:9f:fc: 8d:0f:93:83:90:e2:cf:8a:d3:8e:71:be:18:b0:f8:30:a2:a6: 49:64:a1:44:2b:3e:6f:67:87:fc:5f:06:01:48:ba:28:8b:36: 46:ab:77:70:2c:7a:88:cd:0b:12:95:0e:96:a1:66:bd:a6:7f: f1:e6:ea:25:e6:16:87:88:d8:ef:6a:c4:53:d3:1f:49:f1:65: 46:94:bf:5c:16:33:a1:f3:82:47:4c:15:ea:45:27:8d:a8:2e: 9b:4f:32:2c:16:d1:2a:f6:9b:73:9e:2f:78:0e:9d:62:6b:09: 5f:71:3a:32:43:0f:26:55:8d:b9:14:eb:d3:ae:48:0f:b0:65: f8:b6:be:20:91:83:95:6c:6b:07:e2:e9:c4:e9:9a:e9:1c:41: 2c:62:0c:fd:f4:7c:a9:e4:47:59:50:53:6d:77:ba:14:a6:21: 4a:5e:cc:09 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUZIsYfs5fIQsbT5DYNzpi6GxzslowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYy NzQ1ODEwMzAeFw0yNjAzMDgxNTU1MDFaFw0yNzAzMDcxNjAwMDFaMDMxMTAvBgNV BAMTKEQ4QUI1RTQxQjc5MERCREIxNEFCNTBFNTYxNjRDRkZEQ0EwQzgzQjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtW6ouU8hNpedzh18hBYIenGq4 nDE153po4inHcv8Mnbh0pL4Z1RGmfP5PaUqwI1fCagS79TABmlwpnX15qZSOE1C8 ZZFmxAczaFvwYcL80UCmwO8Y249Iw+AgIGpkZmVq6ScizW/kHz0KOInLFgqeu34z YuQGTgxj3i2Nry8MNCc3sXuqnttkJc/nmgNXftz+KfFz+9x434VR57IzUenE5/2U 4isQsCzodUlTApQltr452ni5bN5VMK6Ciw1IizSsb67ztJVjbVRJrMczFAynCUqG wnlvYlIsCoD4YtclBaDgMJpaLdwetEoQu/DLRbxvy5mkJRf8TFwigbzrX+u3AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU2KteQbeQ29sUq1DlYWTP/coMg7gwHwYDVR0j BBgwFoAUvn+BPzxsoompzaxWMJdbdidFgQMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NDQyMTZkOC03MGNlLTQ5MDgtYTcyYi1lYzI3M2Y0M2JiYzIvMC9CRTdGODEzRjND NkNBMjg5QTlDREFDNTYzMDk3NUI3NjI3NDU4MTAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYyNzQ1 ODEwMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0NDIxNmQ4LTcwY2UtNDkwOC1h NzJiLWVjMjczZjQzYmJjMi8wLzMyMzAzMjJlMzEzNTMwMmUzMTM2MzQyZTMwMmYz MjMzMmQzMjMzMjAzZDNlMjAzNDM1MzczMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBypakMA0GCSqG SIb3DQEBCwUAA4IBAQC6S24JU1C0mV7RTnScGnECobMIJV85wBypJhhe911uAdu0 oKBAAC8m5eLIRB31MzihXbwDIsCIA+zFVdHnPSGPIBI8fEyIhVHbNAUV71wsgL2W jsgqNoFnn/yND5ODkOLPitOOcb4YsPgwoqZJZKFEKz5vZ4f8XwYBSLooizZGq3dw LHqIzQsSlQ6WoWa9pn/x5uol5haHiNjvasRT0x9J8WVGlL9cFjOh84JHTBXqRSeN qC6bTzIsFtEq9ptzni94Dp1iawlfcToyQw8mVY25FOvTrkgPsGX4tr4gkYOVbGsH 4unE6ZrpHEEsYgz99Hyp5EdZUFNtd7oUpiFKXswJ -----END CERTIFICATE-----Generated at Thu Mar 26 21:58:40 2026 by rpki-client