$ rpki-client -vvf repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa File: 3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa (raw, json) Hash identifier: cAXi7QLRcU3xQealltM+krJDl+01MknkHHhrGkik9hw= Subject key identifier: 52:8B:89:CF:A1:75:C3:4E:B8:0C:D1:54:8B:A7:67:64:17:4C:7C:75 Certificate issuer: /CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Certificate serial: 2D6404279A5FDE75614B69AD3A96F4D96655CF7A Authority key identifier: 33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa Signing time: Thu 05 Mar 2026 05:00:04 +0000 ROA not before: Thu 05 Mar 2026 04:55:04 +0000 ROA not after: Thu 04 Mar 2027 05:00:04 +0000 asID: 38785 IP address blocks: 121.101.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 00:21:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:64:04:27:9a:5f:de:75:61:4b:69:ad:3a:96:f4:d9:66:55:cf:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3308A0FBD29F359AD61CAA389208E1D74CC28164 Validity Not Before: Mar 5 04:55:04 2026 GMT Not After : Mar 4 05:00:04 2027 GMT Subject: CN=528B89CFA175C34EB80CD1548BA76764174C7C75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:09:02:e3:29:66:93:c4:bd:e7:2d:1b:c9:c3: fc:bd:99:f8:cd:b0:c1:2e:16:78:03:d3:d2:f3:3e: ac:d0:23:ad:79:a8:22:54:26:bc:6c:b9:3a:8c:60: 72:d8:58:25:d0:c9:e1:72:16:43:bc:a9:8a:b8:f8: 50:d2:b3:7e:63:8f:41:6a:6d:3e:ff:8f:36:ff:c3: 65:33:d5:1e:4f:f3:fa:68:0b:5d:28:7f:67:b9:17: b7:01:77:3d:37:70:43:bd:7f:cb:f6:2c:f4:3d:e3: 78:b6:a7:02:01:09:7c:df:2b:70:e7:7a:08:76:5c: 7c:8c:72:74:bf:36:f4:80:7f:33:0b:3b:60:6b:25: 3c:c3:6b:e1:2a:e7:df:da:58:f1:41:bf:da:ea:b8: d4:58:13:99:07:33:4f:d4:80:5e:b7:ce:67:ee:b5: 65:b0:3d:80:ff:87:cf:51:a6:3d:3f:ce:9a:15:63: 8f:af:8a:30:73:b8:9e:e0:8a:ef:76:70:c9:7c:88: 7b:6d:76:d9:d5:87:b0:09:a6:26:6e:c2:e7:75:8e: d4:8a:27:21:84:00:a9:fe:91:ac:14:40:53:0a:08: 7f:23:94:df:fc:24:5b:db:06:6c:4b:85:5e:c6:6d: 4d:9f:3e:2e:60:6c:d0:39:44:d5:f3:d2:90:8b:67: 98:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:8B:89:CF:A1:75:C3:4E:B8:0C:D1:54:8B:A7:67:64:17:4C:7C:75 X509v3 Authority Key Identifier: keyid:33:08:A0:FB:D2:9F:35:9A:D6:1C:AA:38:92:08:E1:D7:4C:C2:81:64 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3308A0FBD29F359AD61CAA389208E1D74CC28164.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3308A0FBD29F359AD61CAA389208E1D74CC28164.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a572dfbe-4ca0-4a46-8037-4968ed97cadc/0/3132312e3130312e3138392e302f32342d3234203d3e203338373835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.101.189.0/24 Signature Algorithm: sha256WithRSAEncryption b2:51:91:90:af:a0:d1:82:13:9f:f9:4b:c4:ba:c7:04:30:d0: 2d:cc:e4:00:da:fe:f2:8f:4e:2c:11:0a:ac:05:fc:47:36:0a: 50:45:8a:90:44:c3:8b:9e:e8:8c:34:03:09:8a:01:5b:79:da: 34:ce:a5:0c:4e:85:96:0d:38:39:e4:f4:6b:c4:d0:ea:b9:6a: 2e:b9:bb:e4:5b:bc:61:cb:49:0e:2e:ce:0d:a3:ec:e8:5b:6f: 9c:7e:89:65:cc:bc:d3:2b:e5:5e:bc:14:49:76:64:55:b5:89: 09:2d:b9:5c:af:b8:49:80:86:ee:57:37:8e:48:b2:e0:2c:df: ba:06:20:e1:ec:e4:95:aa:a8:a9:a8:e9:cd:77:00:a3:ce:77: a5:18:30:11:c0:ae:c0:42:50:b7:9a:32:9e:40:fb:72:d6:ee: 2a:8d:11:46:c6:fa:28:cc:f8:13:24:db:22:78:8d:8a:b0:d1: d9:5d:3e:ea:f2:12:80:3d:52:bf:ef:61:44:96:b3:a0:2c:ae: 0f:3d:3e:fa:3c:e0:99:c0:aa:d7:ec:98:a4:d1:4f:f0:d3:74: 67:b2:f0:73:51:7f:8e:49:dd:70:91:db:cc:ac:ce:ea:8c:02: c4:af:b2:52:03:14:b2:12:08:03:8d:b5:98:5a:57:7b:2b:b7: 2b:5b:54:d2 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIULWQEJ5pf3nVhS2mtOpb02WZVz3owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0 Q0MyODE2NDAeFw0yNjAzMDUwNDU1MDRaFw0yNzAzMDQwNTAwMDRaMDMxMTAvBgNV BAMTKDUyOEI4OUNGQTE3NUMzNEVCODBDRDE1NDhCQTc2NzY0MTc0QzdDNzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGCQLjKWaTxL3nLRvJw/y9mfjN sMEuFngD09LzPqzQI615qCJUJrxsuTqMYHLYWCXQyeFyFkO8qYq4+FDSs35jj0Fq bT7/jzb/w2Uz1R5P8/poC10of2e5F7cBdz03cEO9f8v2LPQ943i2pwIBCXzfK3Dn egh2XHyMcnS/NvSAfzMLO2BrJTzDa+Eq59/aWPFBv9rquNRYE5kHM0/UgF63zmfu tWWwPYD/h89Rpj0/zpoVY4+vijBzuJ7giu92cMl8iHttdtnVh7AJpiZuwud1jtSK JyGEAKn+kawUQFMKCH8jlN/8JFvbBmxLhV7GbU2fPi5gbNA5RNXz0pCLZ5i/AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUUouJz6F1w064DNFUi6dnZBdMfHUwHwYDVR0j BBgwFoAUMwig+9KfNZrWHKo4kgjh10zCgWQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NTcyZGZiZS00Y2EwLTRhNDYtODAzNy00OTY4ZWQ5N2NhZGMvMC8zMzA4QTBGQkQy OUYzNTlBRDYxQ0FBMzg5MjA4RTFENzRDQzI4MTY0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzMwOEEwRkJEMjlGMzU5QUQ2MUNBQTM4OTIwOEUxRDc0Q0My ODE2NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1NzJkZmJlLTRjYTAtNGE0Ni04 MDM3LTQ5NjhlZDk3Y2FkYy8wLzMxMzIzMTJlMzEzMDMxMmUzMTM4MzkyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzczODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAeWW9MA0GCSqG SIb3DQEBCwUAA4IBAQCyUZGQr6DRghOf+UvEuscEMNAtzOQA2v7yj04sEQqsBfxH NgpQRYqQRMOLnuiMNAMJigFbedo0zqUMToWWDTg55PRrxNDquWouubvkW7xhy0kO Ls4No+zoW2+cfollzLzTK+VevBRJdmRVtYkJLblcr7hJgIbuVzeOSLLgLN+6BiDh 7OSVqqipqOnNdwCjznelGDARwK7AQlC3mjKeQPty1u4qjRFGxvoozPgTJNsieI2K sNHZXT7q8hKAPVK/72FElrOgLK4PPT76POCZwKrX7Jik0U/w03RnsvBzUX+OSd1w kdvMrM7qjALEr7JSAxSyEggDjbWYWld7K7crW1TS -----END CERTIFICATE-----Generated at Thu Mar 26 22:38:19 2026 by rpki-client