$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138352e302f32342d3234203d3e203338373835.roa File: 3132312e3130312e3138352e302f32342d3234203d3e203338373835.roa (raw, json) Hash identifier: kADPVhjKR2TSlyiLPxQ0miUTvXZPeeWVGY0lXhCRU+w= Subject key identifier: AD:B3:BB:6B:85:C4:40:3C:9C:7E:5E:6A:A8:4E:60:1C:24:48:C0:FE Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Certificate serial: 2CB3F61B6A83C1E88DE7D3C754558E007AE388D6 Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138352e302f32342d3234203d3e203338373835.roa Signing time: Thu 05 Mar 2026 05:00:03 +0000 ROA not before: Thu 05 Mar 2026 04:55:03 +0000 ROA not after: Thu 04 Mar 2027 05:00:03 +0000 asID: 38785 IP address blocks: 121.101.185.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 00:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:b3:f6:1b:6a:83:c1:e8:8d:e7:d3:c7:54:55:8e:00:7a:e3:88:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Validity Not Before: Mar 5 04:55:03 2026 GMT Not After : Mar 4 05:00:03 2027 GMT Subject: CN=ADB3BB6B85C4403C9C7E5E6AA84E601C2448C0FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3f:4e:5d:3d:64:35:8f:ed:41:e4:60:81:73: 2a:76:49:fb:3d:bf:72:5f:a1:55:a0:56:58:ac:70: ae:07:48:2f:df:7e:d6:95:a2:c3:e3:64:ea:25:4c: 10:e9:28:3e:04:74:88:24:ee:f7:73:42:3f:7d:5f: 4b:7e:98:ea:16:7e:da:cc:f5:b0:0f:80:7c:04:a5: 5a:3d:bd:9b:4e:4a:15:08:2b:9c:9a:a2:8a:09:03: de:14:f9:97:aa:e4:f1:87:f3:97:7a:71:27:54:53: 37:95:1a:3b:11:69:fd:2d:34:0d:f9:dc:5d:db:00: 44:f9:fd:5d:b4:f9:84:aa:4d:61:a7:0f:e6:18:68: c3:ef:08:be:52:bd:f3:7b:0b:49:2c:61:f0:44:40: 78:0f:a1:24:4c:78:aa:8c:fe:78:aa:a8:b6:0f:60: 4c:4c:1a:e8:84:7e:3f:8f:fa:b0:82:42:d2:10:07: 2b:f6:6a:c7:17:dc:ef:1c:a7:90:05:10:1b:28:92: b3:21:0f:1a:3d:24:b4:a2:ad:e0:03:91:0b:fc:0d: 5f:9c:8e:56:07:25:19:cb:05:6a:34:87:59:d1:42: c0:6a:b6:60:29:4f:30:a1:77:97:ab:3c:c2:55:4d: f6:5a:26:2f:5a:21:d1:f1:5f:f4:61:3d:8e:58:c6: ee:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:B3:BB:6B:85:C4:40:3C:9C:7E:5E:6A:A8:4E:60:1C:24:48:C0:FE X509v3 Authority Key Identifier: keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138352e302f32342d3234203d3e203338373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.101.185.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:57:c6:6e:56:ab:61:c7:3c:03:c5:6d:08:68:99:f6:84:03: 8e:c2:04:1e:44:70:fa:9f:96:2f:b4:95:f2:70:d6:bc:5a:0d: 98:e9:5d:b5:ec:07:5d:38:96:52:d8:83:3b:05:b1:e5:4d:b0: 85:88:25:0f:09:22:f3:1c:f8:3e:4e:bd:90:8f:35:c9:01:dc: 14:52:b6:29:2a:e6:13:51:c7:55:0c:12:45:60:33:2c:ee:5f: fa:8f:f5:20:9d:7f:0e:18:da:07:68:2c:7b:19:9c:1e:8a:f1: e7:04:d7:33:21:81:80:0c:8c:37:cd:d5:cb:e7:fd:1c:be:b3: e3:f8:ae:2e:c1:52:00:a0:2d:e1:b6:ba:2c:2d:60:aa:b5:12: 63:f3:38:1c:df:ba:51:cf:85:cc:78:ae:04:30:04:bc:bd:62: 06:eb:ab:1c:9f:4b:37:6d:eb:ab:14:c0:21:a0:fb:68:3d:a3: 2c:50:19:63:e4:59:78:48:52:bb:ad:4e:5d:fd:23:d7:2b:9d: 2d:4e:be:49:e6:ae:3d:1d:e3:02:8f:c5:4d:b3:4c:43:62:80: d2:be:55:92:02:fe:e0:6e:27:ac:4f:c5:8a:f9:aa:95:90:7c: 8d:c2:ae:01:23:27:84:9b:c4:b8:b7:76:61:1d:ec:73:95:e3: bb:e8:c9:b2 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIULLP2G2qDweiN59PHVFWOAHrjiNYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0 Q0MyODE2NDAeFw0yNjAzMDUwNDU1MDNaFw0yNzAzMDQwNTAwMDNaMDMxMTAvBgNV BAMTKEFEQjNCQjZCODVDNDQwM0M5QzdFNUU2QUE4NEU2MDFDMjQ0OEMwRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPP05dPWQ1j+1B5GCBcyp2Sfs9 v3JfoVWgVliscK4HSC/fftaVosPjZOolTBDpKD4EdIgk7vdzQj99X0t+mOoWftrM 9bAPgHwEpVo9vZtOShUIK5yaoooJA94U+Zeq5PGH85d6cSdUUzeVGjsRaf0tNA35 3F3bAET5/V20+YSqTWGnD+YYaMPvCL5SvfN7C0ksYfBEQHgPoSRMeKqM/niqqLYP YExMGuiEfj+P+rCCQtIQByv2ascX3O8cp5AFEBsokrMhDxo9JLSireADkQv8DV+c jlYHJRnLBWo0h1nRQsBqtmApTzChd5erPMJVTfZaJi9aIdHxX/RhPY5Yxu7hAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUrbO7a4XEQDycfl5qqE5gHCRIwP4wHwYDVR0j BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My ODE2NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1NzJkZmJlLTRjYTAtNGE0Ni04 MDM3LTQ5NjhlZDk3Y2FkYy8wLzMxMzIzMTJlMzEzMDMxMmUzMTM4MzUyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeWW5MA0GCSqG SIb3DQEBCwUAA4IBAQBaV8ZuVqthxzwDxW0IaJn2hAOOwgQeRHD6n5YvtJXycNa8 Wg2Y6V217AddOJZS2IM7BbHlTbCFiCUPCSLzHPg+Tr2QjzXJAdwUUrYpKuYTUcdV DBJFYDMs7l/6j/UgnX8OGNoHaCx7GZweivHnBNczIYGADIw3zdXL5/0cvrPj+K4u wVIAoC3htrosLWCqtRJj8zgc37pRz4XMeK4EMAS8vWIG66scn0s3beurFMAhoPto PaMsUBlj5Fl4SFK7rU5d/SPXK50tTr5J5q49HeMCj8VNs0xDYoDSvlWSAv7gbies T8WK+aqVkHyNwq4BIyeEm8S4t3ZhHexzleO76Mmy -----END CERTIFICATE-----Generated at Thu Mar 26 22:36:19 2026 by rpki-client