$ rpki-client -vvf repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139372e302f32342d3234203d3e20313533313037.roa File: 3136302e32352e3139372e302f32342d3234203d3e20313533313037.roa (raw, json) Hash identifier: xdI7HWpC7S6F3YsdhXQZOI+Bb5mAqBVyTqf6Y1GJCkg= Subject key identifier: 6B:82:1F:CB:72:5D:FB:18:A3:98:FE:E6:6F:D4:74:15:81:60:4B:35 Certificate issuer: /CN=4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659 Certificate serial: 43AAC26C9A3AD798A5DF9CBD54B2F9F552646CC3 Authority key identifier: 4A:CE:0A:DD:BB:5B:F3:B4:9B:1C:DA:5A:23:10:CF:06:B3:34:A6:59 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139372e302f32342d3234203d3e20313533313037.roa Signing time: Tue 23 Sep 2025 07:01:16 +0000 ROA not before: Tue 23 Sep 2025 06:56:16 +0000 ROA not after: Tue 22 Sep 2026 07:01:16 +0000 asID: 153107 IP address blocks: 160.25.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.crl rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:aa:c2:6c:9a:3a:d7:98:a5:df:9c:bd:54:b2:f9:f5:52:64:6c:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659 Validity Not Before: Sep 23 06:56:16 2025 GMT Not After : Sep 22 07:01:16 2026 GMT Subject: CN=6B821FCB725DFB18A398FEE66FD4741581604B35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a5:e1:cd:c9:4e:f7:d4:67:b6:3e:1a:30:86: 60:67:ba:69:78:40:5e:e4:cf:72:bd:c3:b1:bf:16: e0:b6:7e:64:4f:3b:79:99:5a:a0:b1:17:05:4c:05: 18:47:1c:b9:13:40:b1:68:13:42:0d:ff:30:06:5f: 97:f2:6e:19:eb:05:cc:8d:e4:b0:a0:00:03:a4:ab: 98:98:4a:1a:96:c4:01:fd:51:92:fd:a4:44:29:64: 65:17:d5:20:48:26:a9:49:53:39:51:12:5a:03:2d: 3d:d7:12:57:52:a1:28:1f:c0:c6:72:2f:a2:67:4c: 24:ac:f6:62:77:23:e2:8e:f6:7f:9a:ce:e6:a9:82: e4:e3:30:cb:f4:bc:80:3e:99:98:b6:8b:36:7b:03: 37:3d:fa:27:fc:13:f2:68:91:5b:1c:4b:f8:5e:fa: c1:bd:59:03:8a:99:16:71:72:8e:9d:71:84:dc:79: 1d:f8:81:ca:64:ae:f4:a6:f9:74:45:60:99:51:66: 43:2d:5e:af:f6:31:e9:79:dc:e9:85:59:41:6d:3e: 1b:fd:b2:49:bc:51:ec:a2:a9:69:f4:98:5e:d6:3a: 50:dd:11:e6:6e:7b:52:a5:34:c9:e0:57:00:be:aa: b1:7b:bc:4e:0d:8f:f8:f2:7b:e2:d2:5d:b6:bd:6d: 70:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:82:1F:CB:72:5D:FB:18:A3:98:FE:E6:6F:D4:74:15:81:60:4B:35 X509v3 Authority Key Identifier: keyid:4A:CE:0A:DD:BB:5B:F3:B4:9B:1C:DA:5A:23:10:CF:06:B3:34:A6:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/4ACE0ADDBB5BF3B49B1CDA5A2310CF06B334A659.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bb69d667-17a4-4fdd-9c57-1122033ef999/0/3136302e32352e3139372e302f32342d3234203d3e20313533313037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.197.0/24 Signature Algorithm: sha256WithRSAEncryption 03:97:d4:0a:1b:f9:79:5d:40:5b:98:bf:9c:d5:73:e4:2f:e7: 03:e0:25:07:70:44:cc:48:3b:e1:03:8e:9d:4c:fe:42:f4:f1: 25:02:ae:0e:2f:4b:34:31:5b:6c:1f:38:84:e2:52:0f:7a:ea: 05:e8:07:72:02:8d:2c:db:83:ac:80:f5:f6:29:56:20:f0:ab: 81:a5:e6:a1:4a:59:ce:82:ff:ee:06:90:bd:82:e5:2c:c8:9f: a0:1b:9f:39:4b:39:15:58:d8:f1:9a:d0:a6:73:84:6c:ca:d9: 98:33:16:6c:be:40:06:af:85:5f:ec:a4:c7:ed:1a:f3:f4:65: 69:36:72:4a:b0:a7:c7:45:2d:ad:ff:63:d0:bb:e3:75:be:4d: 07:ad:b5:bb:2a:6a:f3:c4:88:5c:48:eb:c1:09:da:11:3b:8b: 16:3c:98:f5:e6:df:3b:04:3e:8e:8e:9c:63:20:69:3f:12:2c: 89:cc:9e:61:ad:a2:70:c6:8b:76:0d:9b:5a:9a:ba:45:44:8f: 3c:16:05:c2:23:bc:13:0a:af:d4:a3:24:34:6e:07:92:cc:20: 43:bc:3d:9c:5f:a7:de:b4:71:df:a3:30:b3:99:4a:c0:d3:ba: f0:23:6f:e1:1d:65:71:42:95:0b:11:c5:2f:c6:3f:c3:ab:14: 7a:f7:36:7a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQ6rCbJo615il35y9VLL59VJkbMMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEFDRTBBRERCQjVCRjNCNDlCMUNEQTVBMjMxMENGMDZC MzM0QTY1OTAeFw0yNTA5MjMwNjU2MTZaFw0yNjA5MjIwNzAxMTZaMDMxMTAvBgNV BAMTKDZCODIxRkNCNzI1REZCMThBMzk4RkVFNjZGRDQ3NDE1ODE2MDRCMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTpeHNyU731Ge2PhowhmBnuml4 QF7kz3K9w7G/FuC2fmRPO3mZWqCxFwVMBRhHHLkTQLFoE0IN/zAGX5fybhnrBcyN 5LCgAAOkq5iYShqWxAH9UZL9pEQpZGUX1SBIJqlJUzlREloDLT3XEldSoSgfwMZy L6JnTCSs9mJ3I+KO9n+azuapguTjMMv0vIA+mZi2izZ7Azc9+if8E/JokVscS/he +sG9WQOKmRZxco6dcYTceR34gcpkrvSm+XRFYJlRZkMtXq/2Mel53OmFWUFtPhv9 skm8UeyiqWn0mF7WOlDdEeZue1KlNMngVwC+qrF7vE4Nj/jye+LSXba9bXCPAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUa4Ify3Jd+xijmP7mb9R0FYFgSzUwHwYDVR0j BBgwFoAUSs4K3btb87SbHNpaIxDPBrM0plkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YjY5ZDY2Ny0xN2E0LTRmZGQtOWM1Ny0xMTIyMDMzZWY5OTkvMC80QUNFMEFEREJC NUJGM0I0OUIxQ0RBNUEyMzEwQ0YwNkIzMzRBNjU5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNEFDRTBBRERCQjVCRjNCNDlCMUNEQTVBMjMxMENGMDZCMzM0 QTY1OS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiNjlkNjY3LTE3YTQtNGZkZC05 YzU3LTExMjIwMzNlZjk5OS8wLzMxMzYzMDJlMzIzNTJlMzEzOTM3MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzEzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBnFMA0GCSqG SIb3DQEBCwUAA4IBAQADl9QKG/l5XUBbmL+c1XPkL+cD4CUHcETMSDvhA46dTP5C 9PElAq4OL0s0MVtsHziE4lIPeuoF6AdyAo0s24OsgPX2KVYg8KuBpeahSlnOgv/u BpC9guUsyJ+gG585SzkVWNjxmtCmc4RsytmYMxZsvkAGr4Vf7KTH7Rrz9GVpNnJK sKfHRS2t/2PQu+N1vk0HrbW7KmrzxIhcSOvBCdoRO4sWPJj15t87BD6OjpxjIGk/ EiyJzJ5hraJwxot2DZtamrpFRI88FgXCI7wTCq/UoyQ0bgeSzCBDvD2cX6fetHHf ozCzmUrA07rwI2/hHWVxQpULEcUvxj/DqxR69zZ6 -----END CERTIFICATE-----Generated at Tue Oct 21 00:13:21 2025 by rpki-client