$ rpki-client -vvf repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/3130332e3135332e33342e302f32332d3234203d3e20313430343532.roa File: 3130332e3135332e33342e302f32332d3234203d3e20313430343532.roa (raw, json) Hash identifier: DOlg8/LY/J8VlLg8q8vs0YMPL93NGt0bpyLPSkqCW/A= Subject key identifier: 60:62:21:9A:12:46:D6:C5:DF:5B:6C:0C:AC:5B:BB:3C:05:AF:9A:F0 Certificate issuer: /CN=B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7 Certificate serial: 60A22C256990C19B4B4D3B9205D7B0DFDF50A1D9 Authority key identifier: B5:91:05:9B:6A:F2:F5:D6:6E:BB:D1:40:31:DA:23:E5:AA:FC:64:F7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/3130332e3135332e33342e302f32332d3234203d3e20313430343532.roa Signing time: Wed 11 Mar 2026 17:08:08 +0000 ROA not before: Wed 11 Mar 2026 17:03:08 +0000 ROA not after: Wed 10 Mar 2027 17:08:08 +0000 asID: 140452 IP address blocks: 103.153.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.crl rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 12:29:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:a2:2c:25:69:90:c1:9b:4b:4d:3b:92:05:d7:b0:df:df:50:a1:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7 Validity Not Before: Mar 11 17:03:08 2026 GMT Not After : Mar 10 17:08:08 2027 GMT Subject: CN=6062219A1246D6C5DF5B6C0CAC5BBB3C05AF9AF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6f:ae:90:65:92:04:a8:ef:cf:36:4f:5e:3f: 4f:40:51:38:af:a9:95:63:e9:cf:54:2e:4e:45:d5: 33:2a:00:63:63:57:f4:21:0b:f3:7c:ea:3b:9c:01: d9:68:5a:cf:eb:2c:c6:d1:b5:c5:ac:69:ae:50:ff: dd:dd:da:02:a9:a9:9f:f5:af:33:da:59:da:ce:b2: 23:e4:50:39:9d:f4:9d:5a:0d:43:7b:12:2a:90:b7: f0:3c:b1:f4:30:ad:cc:77:e5:47:6d:3d:65:fb:b9: ba:7d:97:da:61:78:94:a9:0d:41:86:09:48:3e:d6: 84:e3:fd:7b:67:20:98:03:f3:44:f1:11:88:90:de: cd:31:6a:91:f3:77:b5:fa:cb:a5:74:25:48:50:79: c3:10:36:ef:59:c8:d6:f5:90:6e:d9:86:3f:8c:5d: 4f:5b:e5:ff:43:06:d4:86:51:67:be:39:36:85:05: 7a:14:0d:d9:06:1a:6d:a8:f2:1d:b7:17:f8:47:78: d1:cd:b9:83:28:e1:ea:79:d4:9c:a7:44:55:87:ca: 78:9c:61:55:60:22:b1:7d:e5:a2:39:5e:05:51:6a: b3:49:a7:3a:f1:e5:86:bb:07:d3:6b:b6:97:a8:63: e3:a0:df:4e:53:43:9a:e8:6c:91:ae:ae:63:e4:bf: ec:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:62:21:9A:12:46:D6:C5:DF:5B:6C:0C:AC:5B:BB:3C:05:AF:9A:F0 X509v3 Authority Key Identifier: keyid:B5:91:05:9B:6A:F2:F5:D6:6E:BB:D1:40:31:DA:23:E5:AA:FC:64:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/3130332e3135332e33342e302f32332d3234203d3e20313430343532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.153.34.0/23 Signature Algorithm: sha256WithRSAEncryption bb:9c:d3:d9:37:c4:70:a4:cf:9f:b1:db:49:ff:be:14:4d:24: 1c:ba:47:ce:7a:27:ec:44:d6:fb:18:aa:f3:20:30:ed:de:e1: 84:5a:d2:9e:9b:ae:04:5e:97:19:f7:d9:5f:3b:a4:04:fe:f0: 56:64:3a:bf:b0:8a:95:8d:67:5c:c0:10:95:97:ac:75:08:d7: 7e:32:e5:87:fb:4b:14:01:29:1b:58:7c:6a:dc:47:57:cc:7f: 2d:9f:ef:c9:e3:8d:17:3f:36:b3:03:5b:28:e7:59:e4:77:5d: b4:df:c6:db:e2:d5:2d:5f:56:1c:58:03:b4:8c:3e:9e:21:a2: cf:e5:9a:c3:ec:18:d4:f6:5c:a3:bd:b1:50:e0:bb:a3:a9:62: 38:ea:22:73:3a:cd:76:2d:bc:19:8e:63:50:d2:34:2b:6e:22: 3c:f3:ff:9d:73:4f:d6:ca:c0:fc:49:e3:10:0a:ad:47:5b:0e: bb:5e:85:bc:aa:d5:48:9a:ce:e9:6b:27:0a:8d:af:fe:55:c6: 18:f4:b5:91:84:5f:f8:ce:77:a7:e2:7b:37:1b:08:dd:80:b7: 8b:12:67:74:7a:b3:ce:9d:83:c8:df:3c:fb:9a:6e:c4:ae:40: 99:4f:fd:b5:bf:96:6c:de:79:fd:81:dd:14:fa:35:98:67:fd: ce:6c:61:0c -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYKIsJWmQwZtLTTuSBdew399QodkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjU5MTA1OUI2QUYyRjVENjZFQkJEMTQwMzFEQTIzRTVB QUZDNjRGNzAeFw0yNjAzMTExNzAzMDhaFw0yNzAzMTAxNzA4MDhaMDMxMTAvBgNV BAMTKDYwNjIyMTlBMTI0NkQ2QzVERjVCNkMwQ0FDNUJCQjNDMDVBRjlBRjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9b66QZZIEqO/PNk9eP09AUTiv qZVj6c9ULk5F1TMqAGNjV/QhC/N86jucAdloWs/rLMbRtcWsaa5Q/93d2gKpqZ/1 rzPaWdrOsiPkUDmd9J1aDUN7EiqQt/A8sfQwrcx35UdtPWX7ubp9l9pheJSpDUGG CUg+1oTj/XtnIJgD80TxEYiQ3s0xapHzd7X6y6V0JUhQecMQNu9ZyNb1kG7Zhj+M XU9b5f9DBtSGUWe+OTaFBXoUDdkGGm2o8h23F/hHeNHNuYMo4ep51JynRFWHynic YVVgIrF95aI5XgVRarNJpzrx5Ya7B9NrtpeoY+Og305TQ5robJGurmPkv+zLAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUYGIhmhJG1sXfW2wMrFu7PAWvmvAwHwYDVR0j BBgwFoAUtZEFm2ry9dZuu9FAMdoj5ar8ZPcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGM0MWMxYS1lMDg4LTRlZjYtOWQyOC04MTRjNjE0NTZkMzAvMC9CNTkxMDU5QjZB RjJGNUQ2NkVCQkQxNDAzMURBMjNFNUFBRkM2NEY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjU5MTA1OUI2QUYyRjVENjZFQkJEMTQwMzFEQTIzRTVBQUZD NjRGNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkYzQxYzFhLWUwODgtNGVmNi05 ZDI4LTgxNGM2MTQ1NmQzMC8wLzMxMzAzMzJlMzEzNTMzMmUzMzM0MmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNDMwMzQzNTMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5kiMA0GCSqG SIb3DQEBCwUAA4IBAQC7nNPZN8RwpM+fsdtJ/74UTSQcukfOeifsRNb7GKrzIDDt 3uGEWtKem64EXpcZ99lfO6QE/vBWZDq/sIqVjWdcwBCVl6x1CNd+MuWH+0sUASkb WHxq3EdXzH8tn+/J440XPzazA1so51nkd12038bb4tUtX1YcWAO0jD6eIaLP5ZrD 7BjU9lyjvbFQ4LujqWI46iJzOs12LbwZjmNQ0jQrbiI88/+dc0/WysD8SeMQCq1H Ww67XoW8qtVIms7paycKja/+VcYY9LWRhF/4znen4ns3GwjdgLeLEmd0erPOnYPI 3zz7mm7ErkCZT/21v5Zs3nn9gd0U+jWYZ/3ObGEM -----END CERTIFICATE-----Generated at Thu Mar 26 15:03:56 2026 by rpki-client