$ rpki-client -vvf repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/3136302e32302e3235302e302f32342d3234203d3e20313532383132.roa File: 3136302e32302e3235302e302f32342d3234203d3e20313532383132.roa (raw, json) Hash identifier: TgOS2DIzKKN1li7GhbP8QE2EiuFzEQeHETrSLQ8zd80= Subject key identifier: 7D:35:D1:2E:B3:8A:5C:81:B2:0A:EB:D5:B0:D2:26:FB:CD:09:E3:1B Certificate issuer: /CN=23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C Certificate serial: 61F2B3FE47BD993C008E5B67F931B5D105985024 Authority key identifier: 23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/3136302e32302e3235302e302f32342d3234203d3e20313532383132.roa Signing time: Tue 23 Sep 2025 05:01:00 +0000 ROA not before: Tue 23 Sep 2025 04:56:00 +0000 ROA not after: Tue 22 Sep 2026 05:01:00 +0000 asID: 152812 IP address blocks: 160.20.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.crl rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 21:16:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:f2:b3:fe:47:bd:99:3c:00:8e:5b:67:f9:31:b5:d1:05:98:50:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C Validity Not Before: Sep 23 04:56:00 2025 GMT Not After : Sep 22 05:01:00 2026 GMT Subject: CN=7D35D12EB38A5C81B20AEBD5B0D226FBCD09E31B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9c:12:4d:8d:83:c1:50:f9:b7:54:21:b0:7b: fc:51:73:ef:a0:fc:8c:f6:80:7f:9a:2f:37:21:08: ce:23:2a:40:10:6d:0d:64:8a:2b:c2:06:79:aa:72: db:f6:ab:00:60:7c:ab:85:9a:cd:0e:75:80:91:ab: cd:6e:a7:13:f5:81:3c:cb:dd:34:68:3b:16:67:4f: ba:3e:6f:4e:29:d3:cc:5b:f0:33:ee:4f:ba:22:43: fa:d1:dd:d5:78:f9:c7:4d:2b:07:1e:a5:9a:c5:90: 26:e2:d0:78:3f:e6:89:5b:96:ce:59:c0:99:b6:53: 2d:a7:26:0b:b5:20:5c:67:fd:82:ae:b1:14:38:08: 38:52:90:18:88:c9:47:e6:1c:3f:09:e0:87:25:47: 5c:0e:80:44:5b:33:89:13:8d:02:a1:e2:c7:e2:48: 15:52:bd:55:4e:b0:7f:15:5f:bd:b5:82:97:91:bf: 93:28:a5:c0:1b:33:cf:ee:42:aa:83:56:61:07:06: 7b:77:8e:34:b8:df:62:ca:fc:87:b5:bf:9a:90:3d: 12:d6:35:80:d2:2a:03:ba:8d:3d:6e:53:83:f5:8a: f5:71:cb:23:ec:d6:a5:b6:b9:34:ae:e9:50:b4:4f: e1:67:22:03:03:5a:4b:f0:df:9b:27:3c:06:2d:37: 31:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:35:D1:2E:B3:8A:5C:81:B2:0A:EB:D5:B0:D2:26:FB:CD:09:E3:1B X509v3 Authority Key Identifier: keyid:23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/3136302e32302e3235302e302f32342d3234203d3e20313532383132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.250.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:43:a0:d3:d1:de:d9:72:8d:35:41:7d:37:68:89:3b:b8:21: 6a:0f:67:93:d5:fb:9d:17:b6:92:68:e4:86:f6:1c:39:84:e2: 47:e4:ea:0e:62:9b:9c:aa:12:b0:37:be:2c:0e:69:be:f2:dd: 59:67:7d:74:2b:ca:e0:19:9a:39:e9:1e:41:69:54:99:55:2a: 9a:a1:ef:ed:83:d5:aa:a7:2e:1e:cf:7e:ad:54:53:c8:06:a4: 29:3f:33:d8:a9:3a:da:e7:db:7e:ab:e3:86:7f:a6:91:ff:b1: 07:43:7f:2f:95:a3:7e:e8:f6:81:07:0a:4f:9b:8a:c6:35:ab: 27:64:60:6a:80:ef:73:14:ac:4e:2a:60:aa:ea:91:aa:41:53: 45:4b:4b:74:be:42:71:bc:9d:f0:be:0c:90:6e:fc:3a:dc:76: a8:71:c0:05:bb:dd:cc:b2:f2:0d:62:a0:b0:53:bf:24:41:44: 09:2c:a7:89:ad:c1:ee:1e:68:50:c0:49:f7:d9:7a:72:83:b3: 47:82:d2:67:87:f9:99:fa:81:7a:f5:e2:9f:b7:21:b5:11:20: ec:60:73:2a:35:3c:34:d7:b0:61:5f:20:a0:56:32:21:f0:71: bc:4b:53:bc:ad:18:f9:00:05:60:af:09:9c:d7:71:c0:9e:b4: 7d:81:8b:e5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYfKz/ke9mTwAjltn+TG10QWYUCQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjNCRThDRUE2MTk0MDZGOUQ4NjBCMUY5N0VFOEY3RUQ3 N0U4RUU3QzAeFw0yNTA5MjMwNDU2MDBaFw0yNjA5MjIwNTAxMDBaMDMxMTAvBgNV BAMTKDdEMzVEMTJFQjM4QTVDODFCMjBBRUJENUIwRDIyNkZCQ0QwOUUzMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7nBJNjYPBUPm3VCGwe/xRc++g /Iz2gH+aLzchCM4jKkAQbQ1kiivCBnmqctv2qwBgfKuFms0OdYCRq81upxP1gTzL 3TRoOxZnT7o+b04p08xb8DPuT7oiQ/rR3dV4+cdNKwcepZrFkCbi0Hg/5olbls5Z wJm2Uy2nJgu1IFxn/YKusRQ4CDhSkBiIyUfmHD8J4IclR1wOgERbM4kTjQKh4sfi SBVSvVVOsH8VX721gpeRv5MopcAbM8/uQqqDVmEHBnt3jjS432LK/Ie1v5qQPRLW NYDSKgO6jT1uU4P1ivVxyyPs1qW2uTSu6VC0T+FnIgMDWkvw35snPAYtNzHbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUfTXRLrOKXIGyCuvVsNIm+80J4xswHwYDVR0j BBgwFoAUI76M6mGUBvnYYLH5fuj37Xfo7nwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i YmVkNmRjNC1kMzhiLTQ0YmEtOWYwYi00Mjg0NTViMjc2ZWUvMC8yM0JFOENFQTYx OTQwNkY5RDg2MEIxRjk3RUU4RjdFRDc3RThFRTdDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMjNCRThDRUE2MTk0MDZGOUQ4NjBCMUY5N0VFOEY3RUQ3N0U4 RUU3Qy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiZWQ2ZGM0LWQzOGItNDRiYS05 ZjBiLTQyODQ1NWIyNzZlZS8wLzMxMzYzMDJlMzIzMDJlMzIzNTMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzgzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBT6MA0GCSqG SIb3DQEBCwUAA4IBAQAdQ6DT0d7Zco01QX03aIk7uCFqD2eT1fudF7aSaOSG9hw5 hOJH5OoOYpucqhKwN74sDmm+8t1ZZ310K8rgGZo56R5BaVSZVSqaoe/tg9Wqpy4e z36tVFPIBqQpPzPYqTra59t+q+OGf6aR/7EHQ38vlaN+6PaBBwpPm4rGNasnZGBq gO9zFKxOKmCq6pGqQVNFS0t0vkJxvJ3wvgyQbvw63HaoccAFu93MsvINYqCwU78k QUQJLKeJrcHuHmhQwEn32Xpyg7NHgtJnh/mZ+oF69eKftyG1ESDsYHMqNTw017Bh XyCgVjIh8HG8S1O8rRj5AAVgrwmc13HAnrR9gYvl -----END CERTIFICATE-----Generated at Mon Oct 20 19:43:16 2025 by rpki-client