$ rpki-client -vvf repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/3135372e31302e3232322e302f32332d3234203d3e20313431383938.roa File: 3135372e31302e3232322e302f32332d3234203d3e20313431383938.roa (raw, json) Hash identifier: vGh2St9nX3pCTUIzzPcvPvpTzzNgw/FhkJ2xWSsEdQ0= Subject key identifier: 53:9E:47:4C:95:4D:36:94:ED:C8:3A:31:E0:4F:8C:11:7A:D3:4D:4B Certificate issuer: /CN=CEB4F9AE3476630AAF22F4CD42CE606BB4444140 Certificate serial: 1FDC39371D67F731BE5E4D438B3049E2C3B3E47D Authority key identifier: CE:B4:F9:AE:34:76:63:0A:AF:22:F4:CD:42:CE:60:6B:B4:44:41:40 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/3135372e31302e3232322e302f32332d3234203d3e20313431383938.roa Signing time: Wed 25 Mar 2026 21:00:00 +0000 ROA not before: Wed 25 Mar 2026 20:55:00 +0000 ROA not after: Wed 24 Mar 2027 21:00:00 +0000 asID: 141898 IP address blocks: 157.10.222.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.crl rsync://repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 21:56:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:dc:39:37:1d:67:f7:31:be:5e:4d:43:8b:30:49:e2:c3:b3:e4:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEB4F9AE3476630AAF22F4CD42CE606BB4444140 Validity Not Before: Mar 25 20:55:00 2026 GMT Not After : Mar 24 21:00:00 2027 GMT Subject: CN=539E474C954D3694EDC83A31E04F8C117AD34D4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cd:06:bc:1d:a9:c8:69:13:06:ee:63:88:91: 92:e1:58:fe:cc:9c:01:f8:fd:ea:7f:c5:9b:48:7d: d2:e4:ae:ae:39:b1:74:d1:1f:2f:a3:e5:38:11:54: 8b:6d:12:28:0c:21:31:10:e5:21:d0:0e:cc:26:10: e8:1f:9c:14:89:87:99:4e:be:98:1d:fa:86:3d:32: 9d:81:7b:d4:85:3d:08:f8:00:43:82:6f:20:8a:9c: 39:82:9c:99:8b:68:75:aa:48:e3:f6:0f:5a:ca:68: eb:ca:3b:6f:a8:03:14:58:05:e5:63:44:82:fa:96: 22:6c:7a:59:bb:e3:03:8b:a3:f1:49:28:72:36:56: 91:97:d7:0c:2f:d4:0a:2e:4e:89:ab:b9:b2:d5:d6: 1a:a3:c9:ec:40:31:d7:14:0c:35:7a:cf:3f:1d:e4: 22:d9:16:53:68:0c:ae:8e:1d:c0:6a:b4:d4:3f:01: 43:e5:86:bd:0e:96:0c:39:1b:1b:61:b5:e0:bf:e1: 17:a8:99:de:9f:d4:cc:67:f2:f8:d6:6d:29:c8:d1: 66:2b:a3:6b:b0:ee:88:cf:d0:86:c7:45:df:bb:e8: e7:53:e1:eb:bf:de:7f:24:53:93:a4:c6:85:42:0a: ae:29:14:81:66:41:33:2b:a7:58:7d:df:81:e3:e4: 73:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:9E:47:4C:95:4D:36:94:ED:C8:3A:31:E0:4F:8C:11:7A:D3:4D:4B X509v3 Authority Key Identifier: keyid:CE:B4:F9:AE:34:76:63:0A:AF:22:F4:CD:42:CE:60:6B:B4:44:41:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/CEB4F9AE3476630AAF22F4CD42CE606BB4444140.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ca376a6e-3eca-4f73-8d15-d1ddee91ff98/0/3135372e31302e3232322e302f32332d3234203d3e20313431383938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.222.0/23 Signature Algorithm: sha256WithRSAEncryption 87:5e:e4:20:73:f2:6d:00:8b:03:41:e3:16:45:8e:07:42:65: 5c:73:95:7c:62:1c:ff:60:fc:c0:e2:ea:43:cd:5e:55:0b:5f: ce:58:50:6d:e6:92:1a:03:42:0d:7d:b5:8f:d4:4e:f9:06:9b: 53:03:06:98:3a:f8:95:ef:ed:6f:cd:a2:93:17:db:9a:ef:02: d3:56:a3:a0:d7:93:99:75:b9:1e:bf:52:b9:0c:7f:40:37:46: 7e:b6:e8:f6:fe:e3:2f:62:c1:b6:4b:5f:f5:0c:89:b0:f1:41: 26:53:e6:4d:ed:0a:f7:0c:03:3d:39:f7:d6:f4:de:19:44:ab: 27:e6:4e:3a:e1:06:ae:13:1c:f1:db:0a:a2:81:46:ab:37:1c: 02:c2:84:a4:c0:93:33:84:d0:02:a2:b5:13:86:b0:f0:17:ab: d3:d1:3f:ad:8a:39:f6:30:34:8d:c1:3f:e2:6f:e9:3c:d6:64: b5:a4:88:56:a3:f0:9f:51:16:4b:ee:11:0c:6a:a2:c5:df:ee: 01:32:b0:f2:dd:87:c3:a3:d9:58:09:82:fa:13:ec:38:17:5c: 98:09:07:eb:34:5f:47:6a:a1:0d:26:82:a2:5c:bf:66:64:d7: b5:65:a6:11:ea:d9:ae:e6:e1:7e:10:0b:60:ce:6a:01:a0:b0: 77:5d:e2:7a -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUH9w5Nx1n9zG+Xk1DizBJ4sOz5H0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VCNEY5QUUzNDc2NjMwQUFGMjJGNENENDJDRTYwNkJC NDQ0NDE0MDAeFw0yNjAzMjUyMDU1MDBaFw0yNzAzMjQyMTAwMDBaMDMxMTAvBgNV BAMTKDUzOUU0NzRDOTU0RDM2OTRFREM4M0EzMUUwNEY4QzExN0FEMzRENEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyzQa8HanIaRMG7mOIkZLhWP7M nAH4/ep/xZtIfdLkrq45sXTRHy+j5TgRVIttEigMITEQ5SHQDswmEOgfnBSJh5lO vpgd+oY9Mp2Be9SFPQj4AEOCbyCKnDmCnJmLaHWqSOP2D1rKaOvKO2+oAxRYBeVj RIL6liJselm74wOLo/FJKHI2VpGX1wwv1AouTomrubLV1hqjyexAMdcUDDV6zz8d 5CLZFlNoDK6OHcBqtNQ/AUPlhr0Olgw5GxthteC/4Reomd6f1Mxn8vjWbSnI0WYr o2uw7ojP0IbHRd+76OdT4eu/3n8kU5OkxoVCCq4pFIFmQTMrp1h934Hj5HMZAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUU55HTJVNNpTtyDox4E+MEXrTTUswHwYDVR0j BBgwFoAUzrT5rjR2YwqvIvTNQs5ga7REQUAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j YTM3NmE2ZS0zZWNhLTRmNzMtOGQxNS1kMWRkZWU5MWZmOTgvMC9DRUI0RjlBRTM0 NzY2MzBBQUYyMkY0Q0Q0MkNFNjA2QkI0NDQ0MTQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQ0VCNEY5QUUzNDc2NjMwQUFGMjJGNENENDJDRTYwNkJCNDQ0 NDE0MC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NhMzc2YTZlLTNlY2EtNGY3My04 ZDE1LWQxZGRlZTkxZmY5OC8wLzMxMzUzNzJlMzEzMDJlMzIzMjMyMmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNDMxMzgzOTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnQreMA0GCSqG SIb3DQEBCwUAA4IBAQCHXuQgc/JtAIsDQeMWRY4HQmVcc5V8Yhz/YPzA4upDzV5V C1/OWFBt5pIaA0INfbWP1E75BptTAwaYOviV7+1vzaKTF9ua7wLTVqOg15OZdbke v1K5DH9AN0Z+tuj2/uMvYsG2S1/1DImw8UEmU+ZN7Qr3DAM9OffW9N4ZRKsn5k46 4QauExzx2wqigUarNxwCwoSkwJMzhNACorUThrDwF6vT0T+tijn2MDSNwT/ib+k8 1mS1pIhWo/CfURZL7hEMaqLF3+4BMrDy3YfDo9lYCYL6E+w4F1yYCQfrNF9HaqEN JoKiXL9mZNe1ZaYR6tmu5uF+EAtgzmoBoLB3XeJ6 -----END CERTIFICATE-----Generated at Thu Mar 26 15:22:08 2026 by rpki-client