$ rpki-client -vvf repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/3136302e32322e36372e302f32342d3234203d3e20313532383134.roa File: 3136302e32322e36372e302f32342d3234203d3e20313532383134.roa (raw, json) Hash identifier: Ey7L9KsZTmEk5ltcrs4Z+pnj7s7l3HrY1Uvag6NQq84= Subject key identifier: 44:94:18:68:6D:49:0B:2F:E5:52:B9:1A:A8:4C:76:57:7E:CD:3C:00 Certificate issuer: /CN=9EE9E8715DE7A995273D27BD16FBF33DC09CF652 Certificate serial: 5311D0A0274713DB3A128846E68B3759974E1A62 Authority key identifier: 9E:E9:E8:71:5D:E7:A9:95:27:3D:27:BD:16:FB:F3:3D:C0:9C:F6:52 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/3136302e32322e36372e302f32342d3234203d3e20313532383134.roa Signing time: Tue 17 Jun 2025 09:00:07 +0000 ROA not before: Tue 17 Jun 2025 08:55:07 +0000 ROA not after: Tue 16 Jun 2026 09:00:07 +0000 asID: 152814 IP address blocks: 160.22.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.crl rsync://repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 01:10:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:11:d0:a0:27:47:13:db:3a:12:88:46:e6:8b:37:59:97:4e:1a:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9EE9E8715DE7A995273D27BD16FBF33DC09CF652 Validity Not Before: Jun 17 08:55:07 2025 GMT Not After : Jun 16 09:00:07 2026 GMT Subject: CN=449418686D490B2FE552B91AA84C76577ECD3C00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e7:5b:d6:59:b8:e0:1e:0c:04:5f:1c:38:fc: 50:b7:a5:4e:f6:f7:01:de:46:3c:3a:79:74:31:02: d0:b6:cf:73:0e:24:cb:6d:19:68:93:4d:ac:60:ee: ee:79:4d:04:d0:ba:f8:cc:e6:cb:30:fc:dc:b3:03: 81:36:4b:ea:be:d2:f5:05:05:09:70:11:3d:26:19: 1c:e3:95:60:85:50:32:6c:8e:06:3c:03:22:46:92: d9:3b:1c:5e:56:bb:d7:91:f7:18:49:d4:8d:89:0d: 4b:dc:64:a7:d6:3b:64:39:b8:29:30:94:cc:6e:f3: 5c:f9:79:e5:b7:db:fe:a4:4b:46:05:df:3e:da:65: 67:bc:b8:0b:45:4a:75:42:38:c0:f7:1a:16:6a:f5: a8:31:d9:39:56:b9:ee:af:9f:83:3d:49:a9:96:dc: c8:ed:32:26:fc:94:11:0d:af:ec:a0:b7:29:2d:4f: 59:e8:18:52:e1:c1:e1:a2:15:87:ea:7b:f8:fe:02: c1:58:fd:27:fa:81:c3:50:16:96:07:73:f7:61:30: c5:61:e5:fe:a4:80:6e:40:fd:6f:2f:7f:e6:08:29: a7:fd:2e:59:83:56:b1:e7:6b:84:25:88:d9:1c:e1: e3:bd:d0:30:6b:0f:0e:e0:2f:2d:3b:66:92:c4:7a: 4a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:94:18:68:6D:49:0B:2F:E5:52:B9:1A:A8:4C:76:57:7E:CD:3C:00 X509v3 Authority Key Identifier: keyid:9E:E9:E8:71:5D:E7:A9:95:27:3D:27:BD:16:FB:F3:3D:C0:9C:F6:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/9EE9E8715DE7A995273D27BD16FBF33DC09CF652.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9db927df-bc9c-4be6-a1fa-2e125c469f71/0/3136302e32322e36372e302f32342d3234203d3e20313532383134.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.67.0/24 Signature Algorithm: sha256WithRSAEncryption 05:93:2f:43:aa:2d:69:f3:d9:ff:c5:d5:c1:5b:dd:92:7d:4a: 66:a3:13:f2:75:fe:02:6c:f6:8e:29:eb:d1:46:70:6d:1a:af: 03:18:af:54:b3:a7:e2:41:7d:80:de:4d:41:d6:84:7b:cb:25: 2e:c7:a0:1b:20:c0:bb:96:79:b5:b0:2c:4a:78:1b:9f:6b:3e: 7c:93:b1:c5:7a:74:ee:bc:f5:d9:78:06:86:7a:42:b7:0c:07: b1:66:f7:2a:8f:1f:55:84:0f:a7:a8:1e:ab:54:08:79:2f:6e: 12:85:15:cc:da:be:a5:70:7e:ef:6f:31:0d:8f:6b:09:da:00: f8:a2:b1:07:36:eb:7a:00:39:15:8c:ec:85:0f:eb:0e:69:89: 41:3e:7b:05:f4:6c:21:2d:31:09:0c:04:d1:ca:2f:ef:c1:0c: 98:a8:d8:15:42:95:ec:90:6a:64:05:7f:0c:b9:00:da:19:33: c2:69:7e:f5:6e:6c:8d:81:11:28:bd:0c:8e:00:cb:dc:6e:87: a8:b2:bd:64:f7:b1:b2:a6:39:80:46:2c:4b:09:d9:3b:9e:3a: ea:07:1b:78:7e:70:4d:c8:b0:b2:12:6c:49:54:21:98:08:22: 89:a8:3a:da:5f:3a:23:a1:ef:47:cb:5d:e6:a5:58:80:5d:96: 51:21:ed:23 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUUxHQoCdHE9s6EohG5os3WZdOGmIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUVFOUU4NzE1REU3QTk5NTI3M0QyN0JEMTZGQkYzM0RD MDlDRjY1MjAeFw0yNTA2MTcwODU1MDdaFw0yNjA2MTYwOTAwMDdaMDMxMTAvBgNV BAMTKDQ0OTQxODY4NkQ0OTBCMkZFNTUyQjkxQUE4NEM3NjU3N0VDRDNDMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+51vWWbjgHgwEXxw4/FC3pU72 9wHeRjw6eXQxAtC2z3MOJMttGWiTTaxg7u55TQTQuvjM5ssw/NyzA4E2S+q+0vUF BQlwET0mGRzjlWCFUDJsjgY8AyJGktk7HF5Wu9eR9xhJ1I2JDUvcZKfWO2Q5uCkw lMxu81z5eeW32/6kS0YF3z7aZWe8uAtFSnVCOMD3GhZq9agx2TlWue6vn4M9SamW 3MjtMib8lBENr+ygtyktT1noGFLhweGiFYfqe/j+AsFY/Sf6gcNQFpYHc/dhMMVh 5f6kgG5A/W8vf+YIKaf9LlmDVrHna4QliNkc4eO90DBrDw7gLy07ZpLEekqZAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQURJQYaG1JCy/lUrkaqEx2V37NPAAwHwYDVR0j BBgwFoAUnunocV3nqZUnPSe9FvvzPcCc9lIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 ZGI5MjdkZi1iYzljLTRiZTYtYTFmYS0yZTEyNWM0NjlmNzEvMC85RUU5RTg3MTVE RTdBOTk1MjczRDI3QkQxNkZCRjMzREMwOUNGNjUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOUVFOUU4NzE1REU3QTk5NTI3M0QyN0JEMTZGQkYzM0RDMDlD RjY1Mi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzlkYjkyN2RmLWJjOWMtNGJlNi1h MWZhLTJlMTI1YzQ2OWY3MS8wLzMxMzYzMDJlMzIzMjJlMzYzNzJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzUzMjM4MzEzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKAWQzANBgkqhkiG 9w0BAQsFAAOCAQEABZMvQ6otafPZ/8XVwVvdkn1KZqMT8nX+Amz2jinr0UZwbRqv AxivVLOn4kF9gN5NQdaEe8slLsegGyDAu5Z5tbAsSngbn2s+fJOxxXp07rz12XgG hnpCtwwHsWb3Ko8fVYQPp6geq1QIeS9uEoUVzNq+pXB+728xDY9rCdoA+KKxBzbr egA5FYzshQ/rDmmJQT57BfRsIS0xCQwE0cov78EMmKjYFUKV7JBqZAV/DLkA2hkz wml+9W5sjYERKL0MjgDL3G6HqLK9ZPexsqY5gEYsSwnZO5466gcbeH5wTciwshJs SVQhmAgiiag62l86I6HvR8td5qVYgF2WUSHtIw== -----END CERTIFICATE-----Generated at Sun Jul 6 08:55:00 2025 by rpki-client