$ rpki-client -vvf repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3130362e302f32332d3233203d3e203234353235.roa File: 3131342e3139392e3130362e302f32332d3233203d3e203234353235.roa (raw, json) Hash identifier: 0VjQNL/BZaYHtHGdjAKpnxuQX766NuHTXXxZ9OpkvpE= Subject key identifier: 23:8D:52:89:71:D3:44:E7:7E:C9:80:78:BA:74:62:3A:82:1B:10:5C Certificate issuer: /CN=ADCB9F9DF56E90B39B5344118194104F46A83702 Certificate serial: 08F6B78E377839E22551FA3F59CD07F87A1D09DF Authority key identifier: AD:CB:9F:9D:F5:6E:90:B3:9B:53:44:11:81:94:10:4F:46:A8:37:02 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3130362e302f32332d3233203d3e203234353235.roa Signing time: Tue 24 Mar 2026 09:02:50 +0000 ROA not before: Tue 24 Mar 2026 08:57:50 +0000 ROA not after: Tue 23 Mar 2027 09:02:50 +0000 asID: 24525 IP address blocks: 114.199.106.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.crl rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 16:25:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:f6:b7:8e:37:78:39:e2:25:51:fa:3f:59:cd:07:f8:7a:1d:09:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADCB9F9DF56E90B39B5344118194104F46A83702 Validity Not Before: Mar 24 08:57:50 2026 GMT Not After : Mar 23 09:02:50 2027 GMT Subject: CN=238D528971D344E77EC98078BA74623A821B105C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:31:1d:58:5e:94:e3:3a:5b:9d:32:58:38:59: 6f:f3:bb:8b:10:8f:48:d6:94:b5:42:fb:34:09:5e: 79:c0:29:29:c2:49:8a:11:eb:50:08:49:88:4d:2e: 97:1f:92:6b:1b:d4:ff:cd:c7:d3:5a:f8:01:7a:f3: 95:11:c8:4f:56:94:8b:52:a2:11:27:10:5e:f8:2e: de:98:14:f3:db:cf:04:d9:e6:44:f6:22:a4:fe:70: ba:b2:1b:ab:17:ab:68:80:47:75:dd:81:76:5b:9d: fd:25:9d:d0:b8:b9:3b:40:e5:e1:67:e4:fc:f5:3a: 1e:6c:fa:9f:24:b2:38:79:e1:e8:95:c0:6e:ca:a8: 94:d7:4e:61:c5:4c:96:e2:74:96:80:61:44:72:6a: 09:e0:51:b4:02:d6:8f:46:4d:41:03:d4:aa:c1:06: 95:d9:2a:3b:d3:c4:4b:58:f4:91:23:61:15:e1:1f: f1:45:83:c6:c4:e0:1c:c6:7c:6d:b2:e2:d6:63:e5: 01:25:56:65:0a:20:14:1b:bb:05:7a:90:9f:76:f7: 1e:15:5b:db:48:3d:7c:0e:ea:d1:64:a5:46:7e:29: 2e:ac:77:cd:92:ad:d9:75:c0:6a:60:a1:a2:61:f5: 62:87:96:29:c5:1c:1d:ff:ea:f3:1f:bc:5f:91:04: 49:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:8D:52:89:71:D3:44:E7:7E:C9:80:78:BA:74:62:3A:82:1B:10:5C X509v3 Authority Key Identifier: keyid:AD:CB:9F:9D:F5:6E:90:B3:9B:53:44:11:81:94:10:4F:46:A8:37:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/ADCB9F9DF56E90B39B5344118194104F46A83702.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/ADCB9F9DF56E90B39B5344118194104F46A83702.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d1f4fd38-7826-4201-9f9b-1d7c76aa24dd/0/3131342e3139392e3130362e302f32332d3233203d3e203234353235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 114.199.106.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:96:16:63:ce:5f:51:ec:8d:03:29:dc:ad:2e:aa:bd:f8:3c: 2f:bc:8e:9c:7a:d1:75:15:fc:bf:c4:a6:77:d2:5d:28:b4:e7: 68:bf:38:d4:78:2b:f7:81:04:1a:e9:09:03:70:41:88:bb:5e: 35:2c:bb:8d:c1:ba:91:fc:db:17:47:19:20:c2:38:0e:90:34: cc:1a:f1:22:ef:a9:eb:7f:ec:2c:ee:f2:a8:37:49:14:e6:93: 02:1f:a6:69:eb:fa:1f:85:46:76:91:28:5e:af:d4:b2:05:ca: 60:53:0f:2b:c4:bb:b7:a7:c5:0c:a7:5e:b0:58:c1:78:ec:8c: 1d:24:61:84:7a:80:ef:33:4f:23:9b:9c:73:2f:d7:40:25:5b: 0e:ad:7d:47:9f:b5:cb:1a:93:47:de:b6:17:05:11:25:8d:17: 85:39:b3:f7:60:20:fe:20:d2:0a:93:a0:5f:d8:01:ad:58:f1: 18:da:93:5d:6d:59:af:3d:89:50:1a:48:39:17:be:92:73:49: 4d:81:e2:44:26:44:37:43:87:96:35:f7:06:f2:29:99:34:44: 5f:02:29:01:f4:bc:26:73:84:94:c7:34:47:78:7f:93:24:c7: e8:61:1d:b8:75:1c:4c:ca:00:c7:9b:f3:43:54:40:56:7a:30: 3b:87:1f:0e -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUCPa3jjd4OeIlUfo/Wc0H+HodCd8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQURDQjlGOURGNTZFOTBCMzlCNTM0NDExODE5NDEwNEY0 NkE4MzcwMjAeFw0yNjAzMjQwODU3NTBaFw0yNzAzMjMwOTAyNTBaMDMxMTAvBgNV BAMTKDIzOEQ1Mjg5NzFEMzQ0RTc3RUM5ODA3OEJBNzQ2MjNBODIxQjEwNUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8MR1YXpTjOludMlg4WW/zu4sQ j0jWlLVC+zQJXnnAKSnCSYoR61AISYhNLpcfkmsb1P/Nx9Na+AF685URyE9WlItS ohEnEF74Lt6YFPPbzwTZ5kT2IqT+cLqyG6sXq2iAR3XdgXZbnf0lndC4uTtA5eFn 5Pz1Oh5s+p8ksjh54eiVwG7KqJTXTmHFTJbidJaAYURyagngUbQC1o9GTUED1KrB BpXZKjvTxEtY9JEjYRXhH/FFg8bE4BzGfG2y4tZj5QElVmUKIBQbuwV6kJ929x4V W9tIPXwO6tFkpUZ+KS6sd82Srdl1wGpgoaJh9WKHlinFHB3/6vMfvF+RBEn7AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUI41SiXHTROd+yYB4unRiOoIbEFwwHwYDVR0j BBgwFoAUrcufnfVukLObU0QRgZQQT0aoNwIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k MWY0ZmQzOC03ODI2LTQyMDEtOWY5Yi0xZDdjNzZhYTI0ZGQvMC9BRENCOUY5REY1 NkU5MEIzOUI1MzQ0MTE4MTk0MTA0RjQ2QTgzNzAyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQURDQjlGOURGNTZFOTBCMzlCNTM0NDExODE5NDEwNEY0NkE4 MzcwMi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxZjRmZDM4LTc4MjYtNDIwMS05 ZjliLTFkN2M3NmFhMjRkZC8wLzMxMzEzNDJlMzEzOTM5MmUzMTMwMzYyZTMwMmYz MjMzMmQzMjMzMjAzZDNlMjAzMjM0MzUzMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBcsdqMA0GCSqG SIb3DQEBCwUAA4IBAQCMlhZjzl9R7I0DKdytLqq9+DwvvI6cetF1Ffy/xKZ30l0o tOdovzjUeCv3gQQa6QkDcEGIu141LLuNwbqR/NsXRxkgwjgOkDTMGvEi76nrf+ws 7vKoN0kU5pMCH6Zp6/ofhUZ2kSher9SyBcpgUw8rxLu3p8UMp16wWMF47IwdJGGE eoDvM08jm5xzL9dAJVsOrX1Hn7XLGpNH3rYXBREljReFObP3YCD+INIKk6Bf2AGt WPEY2pNdbVmvPYlQGkg5F76Sc0lNgeJEJkQ3Q4eWNfcG8imZNERfAikB9Lwmc4SU xzRHeH+TJMfoYR24dRxMygDHm/NDVEBWejA7hx8O -----END CERTIFICATE-----Generated at Thu Mar 26 16:18:56 2026 by rpki-client