$ rpki-client -vvf repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/3230322e3138302e31302e302f32342d3234203d3e203338373539.roa File: 3230322e3138302e31302e302f32342d3234203d3e203338373539.roa (raw, json) Hash identifier: W3Rk8oMCIZrZG18jw5tK5o5kQjsEemd0y2JxL184dQU= Subject key identifier: 84:D0:AB:01:10:C5:AB:B6:88:F1:4D:89:78:0B:90:0E:2A:2C:18:97 Certificate issuer: /CN=42042E672B688C3072FD4743B3E7DD81EC7CA306 Certificate serial: 5904058FACA9BBD635EBFC655511A75A69519835 Authority key identifier: 42:04:2E:67:2B:68:8C:30:72:FD:47:43:B3:E7:DD:81:EC:7C:A3:06 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/42042E672B688C3072FD4743B3E7DD81EC7CA306.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/3230322e3138302e31302e302f32342d3234203d3e203338373539.roa Signing time: Tue 17 Jun 2025 14:00:00 +0000 ROA not before: Tue 17 Jun 2025 13:55:00 +0000 ROA not after: Tue 16 Jun 2026 14:00:00 +0000 asID: 38759 IP address blocks: 202.180.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/42042E672B688C3072FD4743B3E7DD81EC7CA306.crl rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/42042E672B688C3072FD4743B3E7DD81EC7CA306.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/42042E672B688C3072FD4743B3E7DD81EC7CA306.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 20:49:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:04:05:8f:ac:a9:bb:d6:35:eb:fc:65:55:11:a7:5a:69:51:98:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42042E672B688C3072FD4743B3E7DD81EC7CA306 Validity Not Before: Jun 17 13:55:00 2025 GMT Not After : Jun 16 14:00:00 2026 GMT Subject: CN=84D0AB0110C5ABB688F14D89780B900E2A2C1897 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:55:10:ea:70:63:61:c4:51:95:ad:21:6e:32: a7:17:b3:66:49:0a:eb:01:b8:07:ea:59:68:f9:a1: 24:4b:b5:dd:55:b3:fb:f3:bb:2a:4a:25:07:33:65: 07:ef:b2:35:1e:b0:ef:98:aa:b7:fb:e0:cf:65:0c: 60:50:f8:5d:6d:cf:18:19:28:f2:cf:a1:f6:58:ba: af:a8:ca:85:df:41:e9:ec:8d:ba:56:dc:12:5d:bf: 5f:90:47:9b:e9:89:d0:54:c9:25:c6:d8:43:1e:16: ab:2a:36:92:d1:e0:14:23:71:a3:0d:cb:b3:3a:25: 1e:94:c7:12:ad:ff:c3:17:f9:d2:2a:cb:b2:42:70: 20:fc:97:d7:87:c8:7b:59:09:b1:b1:08:3a:ba:79: 36:7b:b9:85:9d:0d:5c:1a:27:e6:49:ae:3d:56:1a: e7:71:b6:02:62:76:a3:36:89:93:ac:21:1c:81:30: db:0f:6f:9c:96:4f:02:89:a6:08:d8:56:09:d6:67: 19:c0:ef:cd:f8:7b:1c:83:18:3b:a2:6c:89:87:da: 3b:f7:81:12:5b:d5:27:9d:0d:2b:0a:33:4e:6e:12: 6e:dd:5b:0e:15:83:8d:ce:9a:73:bd:03:b9:1b:b7: 39:7b:fd:e8:a6:8c:46:9f:02:31:df:96:ee:87:65: d8:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:D0:AB:01:10:C5:AB:B6:88:F1:4D:89:78:0B:90:0E:2A:2C:18:97 X509v3 Authority Key Identifier: keyid:42:04:2E:67:2B:68:8C:30:72:FD:47:43:B3:E7:DD:81:EC:7C:A3:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/42042E672B688C3072FD4743B3E7DD81EC7CA306.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/42042E672B688C3072FD4743B3E7DD81EC7CA306.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a12f228c-df20-4728-9f96-8faa1340017a/0/3230322e3138302e31302e302f32342d3234203d3e203338373539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.180.10.0/24 Signature Algorithm: sha256WithRSAEncryption 35:79:8c:bd:f6:b4:fe:34:75:b2:87:c4:ea:3c:10:fe:f4:cc: ce:77:3d:0a:fa:7d:aa:4d:63:e7:1c:b4:5c:d9:6a:7c:c0:04: ac:0c:39:83:a0:3c:19:19:99:ab:e1:41:5b:cf:fd:34:ad:d7: ff:24:f5:12:89:21:fa:ae:05:ec:86:c1:a8:a0:10:cd:67:87: f5:12:53:56:20:cc:da:10:b1:b4:9f:74:13:75:f7:85:fc:64: ba:86:e7:f4:77:98:1a:d1:9f:ab:9e:a3:87:bb:5c:86:55:8d: df:d8:9d:63:58:02:8f:0e:4a:fd:a2:c5:27:5f:0b:22:fa:84: 5e:5d:7a:ac:22:18:2d:7f:d5:ee:fa:40:c2:62:b3:fe:1b:b4: 31:2d:31:5d:51:09:6c:a7:be:7f:26:f4:84:9c:bf:96:37:09: cd:42:6c:eb:35:20:65:f0:ea:ea:ee:b1:10:3b:37:01:18:51: 7b:39:81:bc:00:9e:6b:93:d1:4a:f1:61:67:57:5c:a7:7b:56: 25:bf:be:94:d4:fc:d0:af:e4:2a:03:21:42:67:ef:54:9d:f7: ab:c1:8e:b9:1c:1a:61:14:9e:63:e2:9e:59:a5:28:f6:d6:f3: 22:ec:0d:63:fa:64:2f:b3:46:43:b9:36:2d:55:1d:e5:9f:9a: 70:18:20:7e -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUWQQFj6ypu9Y16/xlVRGnWmlRmDUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDIwNDJFNjcyQjY4OEMzMDcyRkQ0NzQzQjNFN0REODFF QzdDQTMwNjAeFw0yNTA2MTcxMzU1MDBaFw0yNjA2MTYxNDAwMDBaMDMxMTAvBgNV BAMTKDg0RDBBQjAxMTBDNUFCQjY4OEYxNEQ4OTc4MEI5MDBFMkEyQzE4OTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKVRDqcGNhxFGVrSFuMqcXs2ZJ CusBuAfqWWj5oSRLtd1Vs/vzuypKJQczZQfvsjUesO+Yqrf74M9lDGBQ+F1tzxgZ KPLPofZYuq+oyoXfQensjbpW3BJdv1+QR5vpidBUySXG2EMeFqsqNpLR4BQjcaMN y7M6JR6UxxKt/8MX+dIqy7JCcCD8l9eHyHtZCbGxCDq6eTZ7uYWdDVwaJ+ZJrj1W GudxtgJidqM2iZOsIRyBMNsPb5yWTwKJpgjYVgnWZxnA7834exyDGDuibImH2jv3 gRJb1SedDSsKM05uEm7dWw4Vg43OmnO9A7kbtzl7/eimjEafAjHflu6HZdilAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUhNCrARDFq7aI8U2JeAuQDiosGJcwHwYDVR0j BBgwFoAUQgQuZytojDBy/UdDs+fdgex8owYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MTJmMjI4Yy1kZjIwLTQ3MjgtOWY5Ni04ZmFhMTM0MDAxN2EvMC80MjA0MkU2NzJC Njg4QzMwNzJGRDQ3NDNCM0U3REQ4MUVDN0NBMzA2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDIwNDJFNjcyQjY4OEMzMDcyRkQ0NzQzQjNFN0REODFFQzdD QTMwNi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExMmYyMjhjLWRmMjAtNDcyOC05 Zjk2LThmYWExMzQwMDE3YS8wLzMyMzAzMjJlMzEzODMwMmUzMTMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzUzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMq0CjANBgkqhkiG 9w0BAQsFAAOCAQEANXmMvfa0/jR1sofE6jwQ/vTMznc9Cvp9qk1j5xy0XNlqfMAE rAw5g6A8GRmZq+FBW8/9NK3X/yT1Eokh+q4F7IbBqKAQzWeH9RJTViDM2hCxtJ90 E3X3hfxkuobn9HeYGtGfq56jh7tchlWN39idY1gCjw5K/aLFJ18LIvqEXl16rCIY LX/V7vpAwmKz/hu0MS0xXVEJbKe+fyb0hJy/ljcJzUJs6zUgZfDq6u6xEDs3ARhR ezmBvACea5PRSvFhZ1dcp3tWJb++lNT80K/kKgMhQmfvVJ33q8GOuRwaYRSeY+Ke WaUo9tbzIuwNY/pkL7NGQ7k2LVUd5Z+acBggfg== -----END CERTIFICATE-----Generated at Mon Jun 30 13:40:51 2025 by rpki-client