$ rpki-client -vvf repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139362e302f32342d3234203d3e20313533313037.roa File: 3136302e32352e3139362e302f32342d3234203d3e20313533313037.roa (raw, json) Hash identifier: WXQWW4Wi6xrEbWBjUR+QMjICoHgwf/HhAfAnKsJzlws= Subject key identifier: A1:E1:32:7F:5D:77:ED:86:D2:2C:56:DD:04:9C:E1:6C:A0:85:70:C2 Certificate issuer: /CN=4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659 Certificate serial: 28401FAC3F60321CB6747588F9E6F45894C8EAE9 Authority key identifier: 4A:CE:0A:DD:BB:5B:F3:B4:9B:1C:DA:5A:23:10:CF:06:B3:34:A6:59 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139362e302f32342d3234203d3e20313533313037.roa Signing time: Tue 23 Sep 2025 07:01:16 +0000 ROA not before: Tue 23 Sep 2025 06:56:16 +0000 ROA not after: Tue 22 Sep 2026 07:01:16 +0000 asID: 153107 IP address blocks: 160.25.196.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.crl rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:40:1f:ac:3f:60:32:1c:b6:74:75:88:f9:e6:f4:58:94:c8:ea:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659 Validity Not Before: Sep 23 06:56:16 2025 GMT Not After : Sep 22 07:01:16 2026 GMT Subject: CN=A1E1327F5D77ED86D22C56DD049CE16CA08570C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:11:ca:83:fc:2d:e4:da:bb:ea:d8:71:6a:2b: b9:c9:aa:e7:05:ab:8a:e2:6f:6c:90:3a:46:1a:f4: 3e:20:06:52:2f:cf:f8:12:4a:78:f2:2f:ef:f8:00: 2b:07:b7:75:03:81:02:15:53:60:15:ec:c0:b5:4d: 8b:19:0e:ec:59:46:10:a9:e5:b2:87:35:ed:f8:51: bb:ae:65:53:74:b2:d6:9d:d5:ea:bf:64:8d:d7:c6: 16:0f:41:54:83:a9:c5:d3:47:ca:01:bf:2f:00:2a: 5c:90:ad:4e:f6:29:36:2b:1e:96:3b:b3:f9:87:eb: 3e:68:57:c0:29:31:fe:66:fb:08:64:e8:40:71:80: 6a:af:4a:e5:55:24:77:80:1f:39:c5:22:13:94:80: b2:30:9f:46:37:b9:2f:10:5e:bc:ca:9a:d0:5f:e4: 3d:d5:e2:7e:32:fa:25:4a:c5:67:07:f4:a1:d4:3f: e7:67:76:4d:c0:1d:24:bc:db:85:e3:1d:3e:2d:b3: cf:cc:24:e2:ff:ea:cf:1c:72:bc:e2:76:c5:1f:65: 79:c3:9f:eb:77:73:c7:7f:4a:c3:95:78:2b:d8:f9: 14:23:08:d7:9e:09:fd:eb:bc:8f:93:cd:e2:23:fe: c9:c5:b3:9f:96:03:76:c7:f3:2b:a8:71:01:21:73: 28:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:E1:32:7F:5D:77:ED:86:D2:2C:56:DD:04:9C:E1:6C:A0:85:70:C2 X509v3 Authority Key Identifier: keyid:4A:CE:0A:DD:BB:5B:F3:B4:9B:1C:DA:5A:23:10:CF:06:B3:34:A6:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139362e302f32342d3234203d3e20313533313037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.196.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:43:bb:1a:59:fc:0c:90:60:3f:6c:af:43:19:dd:82:71:8f: d4:6b:4e:c4:72:89:1d:08:d4:6f:0d:df:ec:a4:b8:06:86:05: 4d:f8:9f:b1:e4:54:69:a7:0b:a9:f6:d5:eb:d1:66:45:6d:59: 1e:fe:f7:72:f7:35:b6:03:7f:35:b0:4d:a4:33:ba:0e:89:7c: 35:2a:cd:70:bb:a0:33:17:7c:91:78:e1:74:e5:ea:2e:cc:16: 85:24:fd:e2:8f:b7:3e:a1:f4:af:30:57:d8:1a:d6:69:e1:bf: 07:ad:01:c3:1d:fb:23:59:51:ce:63:35:64:9b:6c:1a:24:17: 65:51:ff:f3:b7:d4:08:80:bd:f0:c5:66:a7:a1:72:2f:f7:b7: 5a:1d:59:14:63:7a:97:c9:30:bd:27:cc:7c:03:ae:be:fc:71: 23:77:ba:e2:3f:95:ec:25:36:5a:1d:f1:da:b0:46:c6:52:d5: 41:27:43:11:13:d4:0e:13:ff:c8:cc:06:85:f8:a7:64:19:fd: 14:2f:4a:1f:71:0c:ef:72:40:60:6e:b0:e3:cf:9b:0e:22:08: 97:d2:03:51:e6:02:05:20:e2:e3:f2:06:09:6a:56:09:e8:3d: a2:bd:0a:b3:b6:ad:91:69:a4:26:ce:97:64:85:7a:46:b4:18: a4:15:6c:13 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUKEAfrD9gMhy2dHWI+eb0WJTI6ukwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFDRTBBRERCQjVCRjNCNDlCMUNEQTVBMjMxMENGMDZC MzM0QTY1OTAeFw0yNTA5MjMwNjU2MTZaFw0yNjA5MjIwNzAxMTZaMDMxMTAvBgNV BAMTKEExRTEzMjdGNUQ3N0VEODZEMjJDNTZERDA0OUNFMTZDQTA4NTcwQzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEEcqD/C3k2rvq2HFqK7nJqucF q4rib2yQOkYa9D4gBlIvz/gSSnjyL+/4ACsHt3UDgQIVU2AV7MC1TYsZDuxZRhCp 5bKHNe34UbuuZVN0stad1eq/ZI3XxhYPQVSDqcXTR8oBvy8AKlyQrU72KTYrHpY7 s/mH6z5oV8ApMf5m+whk6EBxgGqvSuVVJHeAHznFIhOUgLIwn0Y3uS8QXrzKmtBf 5D3V4n4y+iVKxWcH9KHUP+dndk3AHSS824XjHT4ts8/MJOL/6s8ccrzidsUfZXnD n+t3c8d/SsOVeCvY+RQjCNeeCf3rvI+TzeIj/snFs5+WA3bH8yuocQEhcyglAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUoeEyf1137YbSLFbdBJzhbKCFcMIwHwYDVR0j BBgwFoAUSs4K3btb87SbHNpaIxDPBrM0plkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YjY5ZDY2Ny0xN2E0LTRmZGQtOWM1Ny0xMTIyMDMzZWY5OTkvMC80QUNFMEFEREJC NUJGM0I0OUIxQ0RBNUEyMzEwQ0YwNkIzMzRBNjU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNEFDRTBBRERCQjVCRjNCNDlCMUNEQTVBMjMxMENGMDZCMzM0 QTY1OS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiNjlkNjY3LTE3YTQtNGZkZC05 YzU3LTExMjIwMzNlZjk5OS8wLzMxMzYzMDJlMzIzNTJlMzEzOTM2MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzEzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBnEMA0GCSqG SIb3DQEBCwUAA4IBAQCNQ7saWfwMkGA/bK9DGd2CcY/Ua07EcokdCNRvDd/spLgG hgVN+J+x5FRppwup9tXr0WZFbVke/vdy9zW2A381sE2kM7oOiXw1Ks1wu6AzF3yR eOF05eouzBaFJP3ij7c+ofSvMFfYGtZp4b8HrQHDHfsjWVHOYzVkm2waJBdlUf/z t9QIgL3wxWanoXIv97daHVkUY3qXyTC9J8x8A66+/HEjd7riP5XsJTZaHfHasEbG UtVBJ0MRE9QOE//IzAaF+KdkGf0UL0ofcQzvckBgbrDjz5sOIgiX0gNR5gIFIOLj 8gYJalYJ6D2ivQqztq2RaaQmzpdkhXpGtBikFWwT -----END CERTIFICATE-----Generated at Tue Oct 21 00:08:34 2025 by rpki-client