$ rpki-client -vvf repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa File: 3135372e36362e3132322e302f32342d3234203d3e203633383538.roa (raw, json) Hash identifier: kg0hS5WVmmpYRWbdfL7SGsHNbdnD8NF+clSnWXU7jw0= Subject key identifier: C4:FA:3F:EF:2D:0E:A2:13:AD:36:8E:72:0F:9D:9D:50:8B:D3:E7:07 Certificate issuer: /CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Certificate serial: 367C6D7F41FC144E1EE4C421A5FA061E11710D29 Authority key identifier: 5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa Signing time: Wed 25 Mar 2026 13:00:00 +0000 ROA not before: Wed 25 Mar 2026 12:55:00 +0000 ROA not after: Wed 24 Mar 2027 13:00:00 +0000 asID: 63858 IP address blocks: 157.66.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 20:05:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:7c:6d:7f:41:fc:14:4e:1e:e4:c4:21:a5:fa:06:1e:11:71:0d:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Validity Not Before: Mar 25 12:55:00 2026 GMT Not After : Mar 24 13:00:00 2027 GMT Subject: CN=C4FA3FEF2D0EA213AD368E720F9D9D508BD3E707 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ea:94:64:75:ce:c6:fb:50:8b:86:6e:d2:5c: 50:e0:95:64:27:98:d2:f7:ed:05:ad:96:50:a1:6e: c9:db:3f:ff:9a:2b:e6:e9:03:fd:65:bc:90:e4:9a: 8f:cb:31:ed:4f:62:81:a1:1e:f8:83:ab:8b:ab:89: 90:7e:ce:5c:15:e2:9e:bd:f3:c2:f5:c9:30:c3:f9: 25:ed:72:1a:51:dc:f3:00:5e:92:21:6f:bf:62:cf: 62:99:6c:02:2d:47:2c:21:86:4b:8e:d0:80:f0:34: 80:0e:ae:04:ca:52:fd:11:ac:28:f6:48:f4:4f:20: 00:95:f8:1f:f4:7d:3a:20:9a:58:49:4d:d4:b7:2a: 0b:dc:d4:52:be:d9:86:9a:bf:2d:94:c9:59:60:bb: fe:de:b8:a1:eb:2b:bd:d1:8f:8b:12:5b:dc:9a:e7: e2:45:9c:45:01:fd:7e:49:e9:72:fa:02:33:e4:29: e4:72:06:c4:51:6f:b7:25:fc:b6:d7:3e:a7:05:29: a0:18:6c:3e:02:57:d6:0a:0c:f1:24:31:22:3d:51: d3:5c:c0:1f:c6:a2:ee:de:04:01:af:4d:a4:5e:2e: 94:32:62:11:8b:b8:04:2e:ac:57:4c:cc:0e:44:00: f2:86:90:41:72:05:8a:76:74:e3:b7:5b:a7:25:ab: 64:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:FA:3F:EF:2D:0E:A2:13:AD:36:8E:72:0F:9D:9D:50:8B:D3:E7:07 X509v3 Authority Key Identifier: keyid:5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/3135372e36362e3132322e302f32342d3234203d3e203633383538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.122.0/24 Signature Algorithm: sha256WithRSAEncryption 21:c6:fe:d2:b5:f3:bd:56:8b:8b:6b:37:53:30:2d:de:45:23: 5f:c0:df:a7:e4:2d:fa:30:e8:8e:fb:b4:22:45:b4:9e:60:48: 55:86:cc:38:96:39:55:ec:7b:2f:d7:25:cb:57:39:30:73:41: 70:38:6a:89:fc:9c:57:e9:6f:e6:56:bd:83:fd:4f:d2:41:44: d8:c8:01:19:73:aa:a7:f0:cd:f4:b0:3b:9d:0d:5b:96:7a:97: 89:e3:70:49:bb:ba:2d:25:8a:8a:06:7f:fe:85:bd:5c:39:9a: 69:77:66:6f:d6:bb:84:79:5c:ce:ab:75:3f:0a:2f:d3:7b:23: 05:34:75:cd:1d:f9:35:ee:17:5c:24:e8:15:7b:69:74:6e:a1: 22:02:28:87:61:ec:ba:b1:bb:bc:03:ac:e6:83:22:1e:c7:90: 51:c6:1e:ff:aa:b9:d9:88:c6:79:03:93:31:91:0a:26:9f:bc: 27:c5:d5:6c:a3:4b:87:d9:04:80:c0:8a:c1:f5:91:84:e0:93: e6:c5:ce:36:1a:2d:85:04:7d:7a:80:70:c4:fa:ad:22:1e:9e: 43:6f:ef:58:90:34:09:db:74:ca:e2:4a:4a:1c:af:2d:b2:b1: 20:fd:e7:51:18:13:08:6e:62:cf:42:78:bc:65:7a:99:65:7a: cb:57:c3:b5 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUNnxtf0H8FE4e5MQhpfoGHhFxDSkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RE NEE5ODRFQjAeFw0yNjAzMjUxMjU1MDBaFw0yNzAzMjQxMzAwMDBaMDMxMTAvBgNV BAMTKEM0RkEzRkVGMkQwRUEyMTNBRDM2OEU3MjBGOUQ5RDUwOEJEM0U3MDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy6pRkdc7G+1CLhm7SXFDglWQn mNL37QWtllChbsnbP/+aK+bpA/1lvJDkmo/LMe1PYoGhHviDq4uriZB+zlwV4p69 88L1yTDD+SXtchpR3PMAXpIhb79iz2KZbAItRywhhkuO0IDwNIAOrgTKUv0RrCj2 SPRPIACV+B/0fTogmlhJTdS3Kgvc1FK+2Yaavy2UyVlgu/7euKHrK73Rj4sSW9ya 5+JFnEUB/X5J6XL6AjPkKeRyBsRRb7cl/LbXPqcFKaAYbD4CV9YKDPEkMSI9UdNc wB/Gou7eBAGvTaReLpQyYhGLuAQurFdMzA5EAPKGkEFyBYp2dOO3W6clq2SDAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUxPo/7y0OohOtNo5yD52dUIvT5wcwHwYDVR0j BBgwFoAUWo1N7F/Cm+biSQRi9YCQPdSphOswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZWNmNWQ5NC03ZjFmLTQzYmYtYjdhYS0yMjBmMGMxNTZlYzAvMC81QThENERFQzVG QzI5QkU2RTI0OTA0NjJGNTgwOTAzREQ0QTk4NEVCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvNUE4RDRERUM1RkMyOUJFNkUyNDkwNDYyRjU4MDkwM0RENEE5 ODRFQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NlY2Y1ZDk0LTdmMWYtNDNiZi1i N2FhLTIyMGYwYzE1NmVjMC8wLzMxMzUzNzJlMzYzNjJlMzEzMjMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzYzMzM4MzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ1CejANBgkqhkiG 9w0BAQsFAAOCAQEAIcb+0rXzvVaLi2s3UzAt3kUjX8Dfp+Qt+jDojvu0IkW0nmBI VYbMOJY5Vex7L9cly1c5MHNBcDhqifycV+lv5la9g/1P0kFE2MgBGXOqp/DN9LA7 nQ1blnqXieNwSbu6LSWKigZ//oW9XDmaaXdmb9a7hHlczqt1Pwov03sjBTR1zR35 Ne4XXCToFXtpdG6hIgIoh2HsurG7vAOs5oMiHseQUcYe/6q52YjGeQOTMZEKJp+8 J8XVbKNLh9kEgMCKwfWRhOCT5sXONhothQR9eoBwxPqtIh6eQ2/vWJA0Cdt0yuJK ShyvLbKxIP3nURgTCG5iz0J4vGV6mWV6y1fDtQ== -----END CERTIFICATE-----Generated at Fri Mar 27 01:57:02 2026 by rpki-client