$ rpki-client -vvf repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa File: 3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa (raw, json) Hash identifier: hp0FWXodRjkZ1xCt3tnFlPQ3FclJlDZduoZ/rI+jC6E= Subject key identifier: C1:ED:BE:EA:C6:52:7D:BA:95:51:15:FC:FA:29:3D:CF:79:76:C0:7F Certificate issuer: /CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Certificate serial: 49E9F5637C0BB077472E5D53551924D657D5F8D5 Authority key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa Signing time: Tue 14 Oct 2025 12:00:00 +0000 ROA not before: Tue 14 Oct 2025 11:55:00 +0000 ROA not after: Tue 13 Oct 2026 12:00:00 +0000 asID: 152823 IP address blocks: 160.22.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 03:47:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:e9:f5:63:7c:0b:b0:77:47:2e:5d:53:55:19:24:d6:57:d5:f8:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Validity Not Before: Oct 14 11:55:00 2025 GMT Not After : Oct 13 12:00:00 2026 GMT Subject: CN=C1EDBEEAC6527DBA955115FCFA293DCF7976C07F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:56:0b:91:76:2e:14:e2:81:61:37:71:82:e6: dc:f1:39:08:d7:ba:c9:4f:de:57:21:df:9d:c5:d3: 05:f6:55:7b:7a:a2:73:fa:05:83:5b:98:b3:4c:9a: f0:2a:f7:45:55:e8:cf:a0:f7:c1:78:e4:d3:24:71: da:3a:56:ab:f6:cb:c1:cd:29:44:d6:34:4a:9b:dd: bb:69:74:81:10:66:ee:a3:b0:25:ae:fb:d5:25:cb: 24:e2:5a:a6:fb:ab:69:21:31:40:9e:a2:d3:79:05: d0:93:00:e0:ec:7a:25:46:fb:02:c5:ef:7f:d1:0c: b4:84:f5:ec:55:72:a4:a0:8d:88:50:14:c8:50:f7: cb:57:36:75:1d:88:91:b4:9e:b6:46:20:31:49:b1: f3:e8:de:7b:58:b4:96:36:fa:5a:e6:6f:c7:5c:00: b4:f2:a1:eb:61:e3:91:a4:4a:ee:61:8a:5a:5c:0d: 00:de:0a:7d:c2:2c:86:55:62:7d:fe:1d:11:8b:0b: 62:2d:7f:96:d4:ee:60:78:f1:7a:68:18:82:b4:8a: 30:36:9a:27:3c:46:fc:9b:ca:d8:c4:ee:12:58:4f: af:31:5e:d1:78:4d:2a:90:7b:f8:1f:1b:ef:4a:f6: 33:33:e2:95:54:b5:63:bd:2d:61:77:33:00:29:62: 20:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:ED:BE:EA:C6:52:7D:BA:95:51:15:FC:FA:29:3D:CF:79:76:C0:7F X509v3 Authority Key Identifier: keyid:D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/3136302e32322e3138372e302f32342d3234203d3e20313532383233.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.187.0/24 Signature Algorithm: sha256WithRSAEncryption 51:d3:0b:4e:93:fc:e3:39:e9:07:b9:3c:f7:24:72:1d:82:2a: 79:64:64:c3:ba:2d:e7:b1:14:b6:d6:58:36:d9:73:73:20:ed: 0e:41:86:48:5b:a7:67:87:ff:e9:35:02:35:e2:3d:55:8e:15: 25:69:cb:a0:f7:3c:7f:e7:2e:59:3a:e1:35:b2:1a:fb:f7:c6: 40:07:58:ee:b7:3d:1c:f4:cf:a6:f7:ea:bf:b0:bd:c8:77:3b: 92:e6:09:17:cc:f8:ca:79:88:a9:97:e0:29:4c:49:97:45:7b: 89:2f:42:b5:59:ce:f8:02:c8:4a:18:ed:c9:0f:32:fc:b3:27: a2:73:f3:b7:1b:aa:ef:76:b1:0b:f3:3b:d3:03:95:a9:cd:fe: b6:15:4e:79:25:0f:c0:35:d3:1b:90:af:a2:0b:37:0c:5b:73: d3:14:5b:fa:d5:c0:74:8c:24:17:15:d9:5f:62:68:71:1c:a9: c4:2d:73:24:cb:0e:92:93:4b:94:68:3d:47:d1:29:b5:6b:86: ed:4f:0c:fc:72:38:e2:e0:af:57:e8:b5:a6:e8:c4:76:1a:fa: 2f:ab:64:f5:c2:d5:be:70:51:c0:e4:db:82:50:82:bb:87:3b: 32:1f:01:1e:b6:d5:0e:32:2b:4e:53:16:6f:14:c5:67:5c:1e: df:28:a3:a5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUSen1Y3wLsHdHLl1TVRkk1lfV+NUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJC NEZBMjhGMDAeFw0yNTEwMTQxMTU1MDBaFw0yNjEwMTMxMjAwMDBaMDMxMTAvBgNV BAMTKEMxRURCRUVBQzY1MjdEQkE5NTUxMTVGQ0ZBMjkzRENGNzk3NkMwN0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5VguRdi4U4oFhN3GC5tzxOQjX uslP3lch353F0wX2VXt6onP6BYNbmLNMmvAq90VV6M+g98F45NMkcdo6Vqv2y8HN KUTWNEqb3btpdIEQZu6jsCWu+9UlyyTiWqb7q2khMUCeotN5BdCTAODseiVG+wLF 73/RDLSE9exVcqSgjYhQFMhQ98tXNnUdiJG0nrZGIDFJsfPo3ntYtJY2+lrmb8dc ALTyoeth45GkSu5hilpcDQDeCn3CLIZVYn3+HRGLC2Itf5bU7mB48XpoGIK0ijA2 mic8RvybytjE7hJYT68xXtF4TSqQe/gfG+9K9jMz4pVUtWO9LWF3MwApYiAlAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUwe2+6sZSfbqVURX8+ik9z3l2wH8wHwYDVR0j BBgwFoAU07Ddu44H/NmKOZyQxbP8MrT6KPAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMC9EM0IwRERCQjhF MDdGQ0Q5OEEzOTlDOTBDNUIzRkMzMkI0RkEyOEYwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDNCMEREQkI4RTA3RkNEOThBMzk5QzkwQzVCM0ZDMzJCNEZB MjhGMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdkOWY5OGYzLTcyZjAtNDAwNi1i ZTk5LWI5YTllOGQ5ZDJiZi8wLzMxMzYzMDJlMzIzMjJlMzEzODM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzgzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBa7MA0GCSqG SIb3DQEBCwUAA4IBAQBR0wtOk/zjOekHuTz3JHIdgip5ZGTDui3nsRS21lg22XNz IO0OQYZIW6dnh//pNQI14j1VjhUlacug9zx/5y5ZOuE1shr798ZAB1jutz0c9M+m 9+q/sL3IdzuS5gkXzPjKeYipl+ApTEmXRXuJL0K1Wc74AshKGO3JDzL8syeic/O3 G6rvdrEL8zvTA5Wpzf62FU55JQ/ANdMbkK+iCzcMW3PTFFv61cB0jCQXFdlfYmhx HKnELXMkyw6Sk0uUaD1H0Sm1a4btTwz8cjji4K9X6LWm6MR2Gvovq2T1wtW+cFHA 5NuCUIK7hzsyHwEettUOMitOUxZvFMVnXB7fKKOl -----END CERTIFICATE-----Generated at Mon Oct 20 22:03:11 2025 by rpki-client