$ rpki-client -vvf repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/34332e3234372e32312e302f32342d3234203d3e20313331373830.roa File: 34332e3234372e32312e302f32342d3234203d3e20313331373830.roa (raw, json) Hash identifier: 75jsZ2/RYGs14ieUtfuhtsNjuwyC8On82jjkJYD2UMY= Subject key identifier: 99:AB:AF:C9:E3:1F:EE:41:C4:2F:D3:3E:4A:FE:F6:19:3C:8F:30:15 Certificate issuer: /CN=116B1B493114E6F87244DA54CAB8D8EAB2503A38 Certificate serial: 02DD94A583AFA1B0E1794BE77BBD87AECA24E946 Authority key identifier: 11:6B:1B:49:31:14:E6:F8:72:44:DA:54:CA:B8:D8:EA:B2:50:3A:38 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/116B1B493114E6F87244DA54CAB8D8EAB2503A38.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/34332e3234372e32312e302f32342d3234203d3e20313331373830.roa Signing time: Tue 21 Oct 2025 09:34:38 +0000 ROA not before: Tue 21 Oct 2025 09:29:38 +0000 ROA not after: Tue 20 Oct 2026 09:34:38 +0000 asID: 131780 IP address blocks: 43.247.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/116B1B493114E6F87244DA54CAB8D8EAB2503A38.crl rsync://repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/116B1B493114E6F87244DA54CAB8D8EAB2503A38.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/116B1B493114E6F87244DA54CAB8D8EAB2503A38.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 20:16:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:dd:94:a5:83:af:a1:b0:e1:79:4b:e7:7b:bd:87:ae:ca:24:e9:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=116B1B493114E6F87244DA54CAB8D8EAB2503A38 Validity Not Before: Oct 21 09:29:38 2025 GMT Not After : Oct 20 09:34:38 2026 GMT Subject: CN=99ABAFC9E31FEE41C42FD33E4AFEF6193C8F3015 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:df:3e:de:31:74:26:93:c5:8b:c1:d2:8e:86: 62:55:41:96:30:cc:cf:40:9b:16:81:79:54:59:5a: 5f:f0:93:5d:65:7d:56:c8:f1:2e:eb:dd:9f:ab:ff: 56:b5:2e:fe:53:d8:9b:7c:d2:17:f8:6f:0d:f1:9f: 8e:69:7b:10:c8:cf:af:9c:10:30:23:1e:55:a0:19: 7d:98:ff:95:7a:af:3c:2c:a3:b6:a2:3e:c8:69:a1: da:9b:73:fd:a9:ee:2a:32:a5:fd:b0:ca:49:8b:07: 7b:42:c2:2a:97:39:44:79:9b:ee:0b:44:6b:a2:fe: 24:3a:31:39:03:9b:57:4d:72:3b:6b:a7:4d:33:f7: 09:49:85:ec:52:99:bd:04:18:91:3c:a1:87:ec:98: d1:50:d9:58:6f:31:e7:6f:ec:41:22:32:b1:00:97: d1:63:59:d8:71:61:23:b4:41:73:33:d1:c2:35:b7: d6:1e:c7:55:58:21:54:f3:59:ff:7f:4a:cc:47:1f: 38:e0:bd:a6:79:83:47:2b:5b:26:1b:1f:10:71:d6: 62:1a:49:29:62:e1:c9:a5:73:4b:09:44:90:00:5f: 53:a4:08:10:29:a2:0b:a0:a7:ab:b2:70:c3:e4:8a: ee:5f:71:85:94:e1:bd:6e:3b:c7:01:13:6a:76:d8: 71:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:AB:AF:C9:E3:1F:EE:41:C4:2F:D3:3E:4A:FE:F6:19:3C:8F:30:15 X509v3 Authority Key Identifier: keyid:11:6B:1B:49:31:14:E6:F8:72:44:DA:54:CA:B8:D8:EA:B2:50:3A:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/116B1B493114E6F87244DA54CAB8D8EAB2503A38.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/116B1B493114E6F87244DA54CAB8D8EAB2503A38.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8c667769-80dc-4093-b5f7-dfe7c5720486/0/34332e3234372e32312e302f32342d3234203d3e20313331373830.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.247.21.0/24 Signature Algorithm: sha256WithRSAEncryption 25:de:4c:d8:d4:50:a9:ea:32:10:27:6b:b2:6d:e4:a1:48:85: 9a:5d:b4:c4:d1:cd:40:ea:f6:de:ae:0d:fd:4b:37:36:8d:b3: 1d:71:c4:eb:ee:96:e8:a8:df:d4:2c:cc:ba:ef:86:c7:2b:ba: e8:e1:5d:1c:f0:c4:bf:4c:d0:8d:47:23:95:f1:1a:92:ff:ea: c4:0c:31:b8:1c:97:25:e9:2b:eb:c8:25:47:16:fc:ee:8a:7b: 8f:8b:40:5a:40:8d:27:c2:02:dc:ad:b7:c9:fd:3d:85:3d:ed: 2a:f2:b6:51:9a:80:5d:b6:b0:a6:f4:20:95:7a:16:97:61:9f: 52:90:f0:e6:13:d7:28:01:b1:a1:b6:7e:ed:74:8a:b8:e6:f9: 5a:eb:85:f6:d1:62:e3:1b:5e:8b:1f:55:2b:10:75:c6:78:3c: b1:92:96:d4:6d:60:c6:a1:9b:fe:06:7f:1a:cf:85:97:3f:12: 98:8f:dd:9d:bf:2a:b6:af:a1:30:b5:a1:70:c2:bf:0b:0b:c2: f0:45:9d:a6:a5:a9:1e:70:2f:42:16:77:de:0d:fc:44:35:82: 02:7a:02:2a:da:64:4c:04:84:c1:0b:8f:4a:b3:27:25:d1:ac: 92:50:ee:8b:5e:60:42:bc:b9:f8:67:e2:99:79:13:84:e7:ff: d3:54:d4:61 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUAt2UpYOvobDheUvne72Hrsok6UYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTE2QjFCNDkzMTE0RTZGODcyNDREQTU0Q0FCOEQ4RUFC MjUwM0EzODAeFw0yNTEwMjEwOTI5MzhaFw0yNjEwMjAwOTM0MzhaMDMxMTAvBgNV BAMTKDk5QUJBRkM5RTMxRkVFNDFDNDJGRDMzRTRBRkVGNjE5M0M4RjMwMTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz3z7eMXQmk8WLwdKOhmJVQZYw zM9AmxaBeVRZWl/wk11lfVbI8S7r3Z+r/1a1Lv5T2Jt80hf4bw3xn45pexDIz6+c EDAjHlWgGX2Y/5V6rzwso7aiPshpodqbc/2p7ioypf2wykmLB3tCwiqXOUR5m+4L RGui/iQ6MTkDm1dNcjtrp00z9wlJhexSmb0EGJE8oYfsmNFQ2VhvMedv7EEiMrEA l9FjWdhxYSO0QXMz0cI1t9Yex1VYIVTzWf9/SsxHHzjgvaZ5g0crWyYbHxBx1mIa SSli4cmlc0sJRJAAX1OkCBApogugp6uycMPkiu5fcYWU4b1uO8cBE2p22HFrAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUmauvyeMf7kHEL9M+Sv72GTyPMBUwHwYDVR0j BBgwFoAUEWsbSTEU5vhyRNpUyrjY6rJQOjgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YzY2Nzc2OS04MGRjLTQwOTMtYjVmNy1kZmU3YzU3MjA0ODYvMC8xMTZCMUI0OTMx MTRFNkY4NzI0NERBNTRDQUI4RDhFQUIyNTAzQTM4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTE2QjFCNDkzMTE0RTZGODcyNDREQTU0Q0FCOEQ4RUFCMjUw M0EzOC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjNjY3NzY5LTgwZGMtNDA5My1i NWY3LWRmZTdjNTcyMDQ4Ni8wLzM0MzMyZTMyMzQzNzJlMzIzMTJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzMzMTM3MzgzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv3FTANBgkqhkiG 9w0BAQsFAAOCAQEAJd5M2NRQqeoyECdrsm3koUiFml20xNHNQOr23q4N/Us3No2z HXHE6+6W6Kjf1CzMuu+Gxyu66OFdHPDEv0zQjUcjlfEakv/qxAwxuByXJekr68gl Rxb87op7j4tAWkCNJ8IC3K23yf09hT3tKvK2UZqAXbawpvQglXoWl2GfUpDw5hPX KAGxobZ+7XSKuOb5WuuF9tFi4xteix9VKxB1xng8sZKW1G1gxqGb/gZ/Gs+Flz8S mI/dnb8qtq+hMLWhcMK/CwvC8EWdpqWpHnAvQhZ33g38RDWCAnoCKtpkTASEwQuP SrMnJdGsklDui15gQry5+GfimXkThOf/01TUYQ== -----END CERTIFICATE-----Generated at Wed Oct 22 09:32:54 2025 by rpki-client