$ rpki-client -vvf repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/34352e3234392e3232352e302f32342d3234203d3e20313532303237.roa File: 34352e3234392e3232352e302f32342d3234203d3e20313532303237.roa (raw, json) Hash identifier: C52489RC5C7/6xA/AFGhqaTac2q7UpLljZUsc+WdOYU= Subject key identifier: E2:A4:6A:02:9F:9A:B4:79:52:E4:E4:B8:D0:04:59:8B:14:AC:62:41 Certificate issuer: /CN=30D21A97E1EED902F151C3022374D979F0A4A7EF Certificate serial: 07393D03A3B5450F637B17D31769BEEB38D069CA Authority key identifier: 30:D2:1A:97:E1:EE:D9:02:F1:51:C3:02:23:74:D9:79:F0:A4:A7:EF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/30D21A97E1EED902F151C3022374D979F0A4A7EF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/34352e3234392e3232352e302f32342d3234203d3e20313532303237.roa Signing time: Sat 11 Oct 2025 07:00:01 +0000 ROA not before: Sat 11 Oct 2025 06:55:01 +0000 ROA not after: Sat 10 Oct 2026 07:00:01 +0000 asID: 152027 IP address blocks: 45.249.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/30D21A97E1EED902F151C3022374D979F0A4A7EF.crl rsync://repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/30D21A97E1EED902F151C3022374D979F0A4A7EF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/30D21A97E1EED902F151C3022374D979F0A4A7EF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 07:05:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:39:3d:03:a3:b5:45:0f:63:7b:17:d3:17:69:be:eb:38:d0:69:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30D21A97E1EED902F151C3022374D979F0A4A7EF Validity Not Before: Oct 11 06:55:01 2025 GMT Not After : Oct 10 07:00:01 2026 GMT Subject: CN=E2A46A029F9AB47952E4E4B8D004598B14AC6241 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b6:94:d7:4d:c8:fa:bc:f9:c5:05:7d:d8:2c: 0f:49:7c:38:ab:10:b6:be:bc:e0:fc:35:4f:4f:64: e9:c8:52:4a:94:fe:5e:fe:93:1b:1e:1a:af:41:7e: 30:c9:33:da:07:35:db:fa:c5:1f:81:52:2f:a8:78: 24:b9:46:74:12:c2:64:70:f1:1b:e4:8c:14:68:f3: 9e:18:b1:db:9c:e0:d0:e7:0d:8f:7d:94:89:ef:89: 69:f1:7c:37:e9:24:c6:77:9c:20:34:e8:75:4f:08: 34:ab:80:fb:f5:ac:70:ee:89:72:65:4b:34:17:0d: ec:93:d3:03:be:62:74:7d:b7:9b:4f:57:74:12:71: da:5e:73:b1:4b:f2:4e:35:b1:d6:d4:33:be:ce:00: 45:52:74:16:aa:13:1e:b2:c7:70:27:95:04:f2:95: 88:bf:d9:69:d8:a3:12:60:44:e8:b6:e9:82:64:52: 42:44:5e:ce:78:42:07:27:98:3e:b5:a6:70:eb:f9: 30:c9:b1:54:20:c6:3d:46:a4:f4:4a:c5:9b:56:7f: 0b:9d:31:9a:c6:14:35:cd:43:43:1a:50:0c:df:93: 40:4d:13:05:33:0b:5b:d0:03:01:1e:eb:f9:5d:a9: 6a:35:c0:62:09:e9:3c:aa:14:1d:9e:3a:e7:2b:e2: c6:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:A4:6A:02:9F:9A:B4:79:52:E4:E4:B8:D0:04:59:8B:14:AC:62:41 X509v3 Authority Key Identifier: keyid:30:D2:1A:97:E1:EE:D9:02:F1:51:C3:02:23:74:D9:79:F0:A4:A7:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/30D21A97E1EED902F151C3022374D979F0A4A7EF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/30D21A97E1EED902F151C3022374D979F0A4A7EF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d9b899ac-4870-4e28-8e4e-2c23752a4a60/0/34352e3234392e3232352e302f32342d3234203d3e20313532303237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.249.225.0/24 Signature Algorithm: sha256WithRSAEncryption 52:a4:9d:93:3a:90:9c:a9:91:57:8c:0f:fe:b5:72:ee:2c:5e: d4:cd:2b:cc:5f:41:ec:30:65:39:75:5c:96:64:c6:db:33:ac: f7:96:d6:ca:0d:ee:3c:6c:f2:ed:3c:32:75:a4:c1:cf:ab:0b: df:53:82:ae:77:cc:7c:3a:d7:c9:f9:d0:f4:b8:20:2d:01:20: ce:84:f6:97:88:69:3f:d4:38:55:88:e5:8e:ab:72:29:a4:69: d5:a1:d0:25:22:af:61:88:1a:d8:43:61:b5:0c:2f:2b:a7:35: c3:1f:52:ed:c9:88:a4:db:d7:74:79:c3:47:97:82:16:53:cb: bb:a1:fd:3b:15:fb:fd:c8:57:e1:63:ce:b9:15:15:58:82:da: 01:85:b9:91:6b:d1:fc:55:41:39:0f:cc:58:84:52:93:59:99: f3:2f:9c:7f:9a:ec:ad:0e:d7:9a:60:7a:99:1f:63:c5:fc:a7: 0b:dc:36:68:15:0b:54:76:78:7f:db:9f:57:97:42:77:36:b2: 9f:8d:04:fa:08:48:1e:85:07:3e:50:5a:b7:42:d1:18:0a:ae: 50:4f:3a:1f:dc:9b:a9:5f:04:5a:de:6b:58:0a:7e:a8:f3:7e: 24:00:33:a8:49:69:63:fe:3b:04:a1:0c:7e:4c:99:90:c0:3f: 0d:9a:55:27 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUBzk9A6O1RQ9jexfTF2m+6zjQacowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzBEMjFBOTdFMUVFRDkwMkYxNTFDMzAyMjM3NEQ5NzlG MEE0QTdFRjAeFw0yNTEwMTEwNjU1MDFaFw0yNjEwMTAwNzAwMDFaMDMxMTAvBgNV BAMTKEUyQTQ2QTAyOUY5QUI0Nzk1MkU0RTRCOEQwMDQ1OThCMTRBQzYyNDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2tpTXTcj6vPnFBX3YLA9JfDir ELa+vOD8NU9PZOnIUkqU/l7+kxseGq9BfjDJM9oHNdv6xR+BUi+oeCS5RnQSwmRw 8RvkjBRo854Ysduc4NDnDY99lInviWnxfDfpJMZ3nCA06HVPCDSrgPv1rHDuiXJl SzQXDeyT0wO+YnR9t5tPV3QScdpec7FL8k41sdbUM77OAEVSdBaqEx6yx3AnlQTy lYi/2WnYoxJgROi26YJkUkJEXs54QgcnmD61pnDr+TDJsVQgxj1GpPRKxZtWfwud MZrGFDXNQ0MaUAzfk0BNEwUzC1vQAwEe6/ldqWo1wGIJ6TyqFB2eOucr4saPAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU4qRqAp+atHlS5OS40ARZixSsYkEwHwYDVR0j BBgwFoAUMNIal+Hu2QLxUcMCI3TZefCkp+8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k OWI4OTlhYy00ODcwLTRlMjgtOGU0ZS0yYzIzNzUyYTRhNjAvMC8zMEQyMUE5N0Ux RUVEOTAyRjE1MUMzMDIyMzc0RDk3OUYwQTRBN0VGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzBEMjFBOTdFMUVFRDkwMkYxNTFDMzAyMjM3NEQ5NzlGMEE0 QTdFRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q5Yjg5OWFjLTQ4NzAtNGUyOC04 ZTRlLTJjMjM3NTJhNGE2MC8wLzM0MzUyZTMyMzQzOTJlMzIzMjM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzAzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALfnhMA0GCSqG SIb3DQEBCwUAA4IBAQBSpJ2TOpCcqZFXjA/+tXLuLF7UzSvMX0HsMGU5dVyWZMbb M6z3ltbKDe48bPLtPDJ1pMHPqwvfU4Kud8x8OtfJ+dD0uCAtASDOhPaXiGk/1DhV iOWOq3IppGnVodAlIq9hiBrYQ2G1DC8rpzXDH1LtyYik29d0ecNHl4IWU8u7of07 Ffv9yFfhY865FRVYgtoBhbmRa9H8VUE5D8xYhFKTWZnzL5x/muytDteaYHqZH2PF /KcL3DZoFQtUdnh/259Xl0J3NrKfjQT6CEgehQc+UFq3QtEYCq5QTzof3JupXwRa 3mtYCn6o834kADOoSWlj/jsEoQx+TJmQwD8NmlUn -----END CERTIFICATE-----Generated at Mon Oct 20 13:24:25 2025 by rpki-client