$ rpki-client -vvf repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131352e302f32342d3234203d3e20313533303731.roa File: 3136302e32352e3131352e302f32342d3234203d3e20313533303731.roa (raw, json) Hash identifier: DxrvBG2EwoDi5CWPRxZjQftZXgHK8QtqiBt20+LN2E8= Subject key identifier: 0C:CB:87:95:B5:6C:6E:47:C0:30:81:BA:24:FC:53:7F:C3:3C:5A:60 Certificate issuer: /CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Certificate serial: 3342BD32236FC35279BB441A300710E816936192 Authority key identifier: F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131352e302f32342d3234203d3e20313533303731.roa Signing time: Sun 12 Oct 2025 13:00:01 +0000 ROA not before: Sun 12 Oct 2025 12:55:01 +0000 ROA not after: Sun 11 Oct 2026 13:00:01 +0000 asID: 153071 IP address blocks: 160.25.115.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 16:49:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:42:bd:32:23:6f:c3:52:79:bb:44:1a:30:07:10:e8:16:93:61:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F91B50B9BD34481B7AED3341ECBE67B1731B3908 Validity Not Before: Oct 12 12:55:01 2025 GMT Not After : Oct 11 13:00:01 2026 GMT Subject: CN=0CCB8795B56C6E47C03081BA24FC537FC33C5A60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:43:8d:0c:a7:68:5d:f1:e9:be:70:30:7b:1b: 21:4d:5c:dc:1f:72:bd:7f:79:3a:74:7d:19:7f:58: 9d:c5:b6:f7:fc:c5:91:c2:08:31:aa:98:21:88:d2: aa:bf:d9:77:68:86:f5:10:2e:41:3c:d9:96:25:f1: 53:4c:83:b4:a3:68:dc:bd:aa:68:57:89:b9:f3:74: af:04:50:5e:84:87:7b:85:93:0c:f8:6a:c1:04:41: 47:18:1b:a6:66:8b:6e:54:f7:96:d5:b0:9e:f2:99: 5d:ca:b6:10:9a:12:f5:3f:10:eb:ac:24:a5:0c:96: 23:f2:d5:c8:7d:f9:b1:41:15:32:80:db:b8:52:bf: c9:90:e7:75:36:6f:e2:38:ce:b9:86:65:2d:4a:cb: 0d:25:d0:ef:f5:31:f0:93:17:18:a0:fd:7c:03:b0: 81:cd:2e:d2:06:5b:0f:8c:38:e2:c1:bf:78:0c:65: 42:73:fb:0d:2b:be:ad:c4:7a:85:63:9f:17:47:af: 81:02:d5:56:c2:84:54:32:af:3c:a6:15:69:ba:99: 74:39:7a:40:d8:3f:d8:1c:ac:ce:28:1f:41:be:22: 98:72:7e:96:0c:b8:40:74:65:fc:f4:58:c8:61:31: 2c:5b:3d:54:56:63:3f:fc:de:a4:fd:41:34:4b:ba: 31:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:CB:87:95:B5:6C:6E:47:C0:30:81:BA:24:FC:53:7F:C3:3C:5A:60 X509v3 Authority Key Identifier: keyid:F9:1B:50:B9:BD:34:48:1B:7A:ED:33:41:EC:BE:67:B1:73:1B:39:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/F91B50B9BD34481B7AED3341ECBE67B1731B3908.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/F91B50B9BD34481B7AED3341ECBE67B1731B3908.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/3136302e32352e3131352e302f32342d3234203d3e20313533303731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.115.0/24 Signature Algorithm: sha256WithRSAEncryption ac:70:19:a9:8a:2d:07:a2:7f:47:ea:e3:6a:c1:c6:c7:16:df: 6a:96:ba:33:6d:86:5f:ca:cc:40:32:59:4c:b7:b5:d8:fc:9f: ee:e7:18:7f:d8:b3:bc:e8:3d:35:20:c7:22:34:45:e7:e5:b2: e7:1c:01:a1:40:88:4d:34:eb:43:e9:b1:f9:63:9c:22:da:ca: 17:f3:c7:44:95:a0:90:01:8a:71:53:8c:d4:a4:c7:a2:1d:7c: 7d:3d:4e:ee:ef:f0:2a:87:58:a7:92:e9:36:54:e6:56:fa:95: 9e:bd:98:b0:94:3a:b9:e6:c8:30:2a:ab:58:46:4a:77:b4:53: 30:29:17:2b:ce:91:7f:71:b4:92:a4:7c:32:84:92:dd:1c:d1: 21:47:24:f1:8f:3e:66:8d:46:21:43:8c:79:16:77:35:f9:a6: 97:6a:5d:f3:6d:0f:0e:37:d9:7f:4c:7c:58:91:3d:86:28:6f: 06:f5:b5:91:0a:aa:52:ce:54:db:29:88:d3:21:e6:4e:e3:65: 5c:7e:0a:d9:ff:f2:68:0b:cb:cb:c0:91:d2:1f:a6:18:c7:01: b2:4d:06:dd:cd:d5:b5:4c:2a:d7:cd:d6:00:42:7d:e9:4e:af: 13:c3:8c:3f:9a:c0:74:a7:0e:fc:76:11:b5:4a:a2:a1:0c:ec: 8f:17:48:89 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUM0K9MiNvw1J5u0QaMAcQ6BaTYZIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3 MzFCMzkwODAeFw0yNTEwMTIxMjU1MDFaFw0yNjEwMTExMzAwMDFaMDMxMTAvBgNV BAMTKDBDQ0I4Nzk1QjU2QzZFNDdDMDMwODFCQTI0RkM1MzdGQzMzQzVBNjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBQ40Mp2hd8em+cDB7GyFNXNwf cr1/eTp0fRl/WJ3Ftvf8xZHCCDGqmCGI0qq/2XdohvUQLkE82ZYl8VNMg7SjaNy9 qmhXibnzdK8EUF6Eh3uFkwz4asEEQUcYG6Zmi25U95bVsJ7ymV3KthCaEvU/EOus JKUMliPy1ch9+bFBFTKA27hSv8mQ53U2b+I4zrmGZS1Kyw0l0O/1MfCTFxig/XwD sIHNLtIGWw+MOOLBv3gMZUJz+w0rvq3EeoVjnxdHr4EC1VbChFQyrzymFWm6mXQ5 ekDYP9gcrM4oH0G+IphyfpYMuEB0Zfz0WMhhMSxbPVRWYz/83qT9QTRLujGbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUDMuHlbVsbkfAMIG6JPxTf8M8WmAwHwYDVR0j BBgwFoAU+RtQub00SBt67TNB7L5nsXMbOQgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j Njc4NjBlMy02YWQ4LTQ3YTUtOTRjMC05M2ZmZDI0NzI4NjUvMC9GOTFCNTBCOUJE MzQ0ODFCN0FFRDMzNDFFQ0JFNjdCMTczMUIzOTA4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRjkxQjUwQjlCRDM0NDgxQjdBRUQzMzQxRUNCRTY3QjE3MzFC MzkwOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2Nzg2MGUzLTZhZDgtNDdhNS05 NGMwLTkzZmZkMjQ3Mjg2NS8wLzMxMzYzMDJlMzIzNTJlMzEzMTM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBlzMA0GCSqG SIb3DQEBCwUAA4IBAQCscBmpii0Hon9H6uNqwcbHFt9qlrozbYZfysxAMllMt7XY /J/u5xh/2LO86D01IMciNEXn5bLnHAGhQIhNNOtD6bH5Y5wi2soX88dElaCQAYpx U4zUpMeiHXx9PU7u7/Aqh1inkuk2VOZW+pWevZiwlDq55sgwKqtYRkp3tFMwKRcr zpF/cbSSpHwyhJLdHNEhRyTxjz5mjUYhQ4x5Fnc1+aaXal3zbQ8ON9l/THxYkT2G KG8G9bWRCqpSzlTbKYjTIeZO42VcfgrZ//JoC8vLwJHSH6YYxwGyTQbdzdW1TCrX zdYAQn3pTq8Tw4w/msB0pw78dhG1SqKhDOyPF0iJ -----END CERTIFICATE-----Generated at Tue Oct 21 09:19:14 2025 by rpki-client