$ rpki-client -vvf repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa File: 3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa (raw, json) Hash identifier: /XQcveyg4jv0OLVMXGF7RkM1OgqinZHYHqjopRTiyzg= Subject key identifier: CC:B7:85:FE:E1:F3:A0:9C:25:F7:A0:17:44:BB:E3:B9:8D:3E:C4:04 Certificate issuer: /CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Certificate serial: 6366B1301C568D90F1F37DD7647564810D7549FF Authority key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject info access: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa Signing time: Fri 03 Oct 2025 07:02:56 +0000 ROA not before: Fri 03 Oct 2025 06:57:56 +0000 ROA not after: Fri 02 Oct 2026 07:02:56 +0000 asID: 152790 IP address blocks: 160.20.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 21:35:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:66:b1:30:1c:56:8d:90:f1:f3:7d:d7:64:75:64:81:0d:75:49:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Validity Not Before: Oct 3 06:57:56 2025 GMT Not After : Oct 2 07:02:56 2026 GMT Subject: CN=CCB785FEE1F3A09C25F7A01744BBE3B98D3EC404 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:06:d1:28:38:39:1a:44:f1:d0:fb:ab:92:16: df:4a:1e:f7:e5:17:7e:a8:56:f8:ab:a1:1e:46:13: b8:78:4b:a9:e4:b0:8d:1e:5e:88:e6:8e:f3:3e:f5: 20:62:e3:e8:ab:ce:72:0a:c6:c5:a4:0d:95:4f:09: 6a:d1:5b:2e:86:a4:db:4e:50:c1:ed:58:0d:0f:06: 8d:22:ea:fe:e9:c4:15:3b:9f:a8:b6:6a:57:c1:4f: 9d:aa:f2:1f:a9:d9:23:a3:23:b6:22:86:e1:95:d8: b7:8e:3d:4a:0c:7d:7b:c2:90:6d:dc:1e:d8:4a:f1: 89:f7:f1:9c:d6:d8:f6:e1:6a:ca:5f:ba:06:7e:01: 20:5e:68:01:0d:f5:21:01:d4:c9:8c:55:0d:e5:da: 99:9e:6f:66:db:c7:ed:6e:05:70:4d:34:5a:dc:38: ba:e7:4d:ab:03:e2:dd:0e:79:45:56:7d:96:d5:33: f8:e0:50:dd:d6:09:0d:86:b8:42:1f:c6:0e:ab:21: b3:56:55:f5:d3:2b:10:9e:d2:41:a0:fc:2e:ca:4c: 21:75:bd:cd:44:b7:fe:69:fb:64:b1:50:48:af:10: 56:e5:2c:67:28:d8:3b:80:97:55:45:54:84:6f:b2: 7e:25:4f:f5:65:16:9f:2b:11:33:ec:2b:99:11:82: 7f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B7:85:FE:E1:F3:A0:9C:25:F7:A0:17:44:BB:E3:B9:8D:3E:C4:04 X509v3 Authority Key Identifier: keyid:D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/3136302e32302e3130342e302f32342d3234203d3e20313532373930.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.104.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:03:e2:ba:b5:69:d6:25:29:d6:34:84:e7:f7:85:c8:a9:6a: ca:81:06:e6:6b:35:d4:dc:ef:2b:44:e0:30:0a:6f:4f:0c:44: 71:8b:01:0a:7a:87:35:c7:fb:c0:f0:ab:b9:e1:41:c2:73:b1: 37:e5:e4:57:c0:a7:67:3d:96:c7:94:ef:d0:6b:12:b0:07:c5: d4:3f:c9:c0:a5:d2:a2:12:24:0b:61:22:f7:60:72:31:d2:ec: 72:0f:2f:7d:2e:bd:eb:92:e4:64:c3:06:2f:c2:55:2f:e4:f9: 9a:27:ea:aa:11:82:8d:06:4b:f3:e2:ae:87:3d:ea:a5:d3:b2: 23:1f:8a:48:a9:22:97:70:7a:49:e6:03:a5:c5:b1:4c:4d:74: a9:1c:f5:a4:f3:b3:ae:8d:54:62:a3:dc:61:08:db:93:66:a7: ee:9f:87:d6:c9:e5:89:51:1c:43:b4:c9:97:0c:6f:29:87:b7: 0f:2d:80:10:a5:96:c8:1f:6d:71:62:d5:d8:c8:87:3a:4f:67: 59:9a:01:d1:8a:f9:8e:2b:23:af:aa:8c:d3:42:5c:fb:21:36: ad:b3:51:b6:68:d7:b7:98:6b:98:7a:bc:8a:f3:a3:3e:9c:ad: a9:22:e4:9f:5e:a2:82:e7:d2:e0:dc:7d:b7:4c:85:9e:6a:e8: 3d:6b:b1:66 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUY2axMBxWjZDx833XZHVkgQ11Sf8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkx M0REQjI1NzAeFw0yNTEwMDMwNjU3NTZaFw0yNjEwMDIwNzAyNTZaMDMxMTAvBgNV BAMTKENDQjc4NUZFRTFGM0EwOUMyNUY3QTAxNzQ0QkJFM0I5OEQzRUM0MDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHBtEoODkaRPHQ+6uSFt9KHvfl F36oVviroR5GE7h4S6nksI0eXojmjvM+9SBi4+irznIKxsWkDZVPCWrRWy6GpNtO UMHtWA0PBo0i6v7pxBU7n6i2alfBT52q8h+p2SOjI7YihuGV2LeOPUoMfXvCkG3c HthK8Yn38ZzW2PbhaspfugZ+ASBeaAEN9SEB1MmMVQ3l2pmeb2bbx+1uBXBNNFrc OLrnTasD4t0OeUVWfZbVM/jgUN3WCQ2GuEIfxg6rIbNWVfXTKxCe0kGg/C7KTCF1 vc1Et/5p+2SxUEivEFblLGco2DuAl1VFVIRvsn4lT/VlFp8rETPsK5kRgn95AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUzLeF/uHzoJwl96AXRLvjuY0+xAQwHwYDVR0j BBgwFoAU0jfeog1zs/IWuYM2uoMH2RPdslcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m YmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMC9EMjM3REVBMjBE NzNCM0YyMTZCOTgzMzZCQTgzMDdEOTEzRERCMjU3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDIzN0RFQTIwRDczQjNGMjE2Qjk4MzM2QkE4MzA3RDkxM0RE QjI1Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZiYjVmYTRhLWJlYTYtNDY0Zi1i NDA5LTExZDlhMzc2MWE2Yy8wLzMxMzYzMDJlMzIzMDJlMzEzMDM0MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzczOTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBRoMA0GCSqG SIb3DQEBCwUAA4IBAQBcA+K6tWnWJSnWNITn94XIqWrKgQbmazXU3O8rROAwCm9P DERxiwEKeoc1x/vA8Ku54UHCc7E35eRXwKdnPZbHlO/QaxKwB8XUP8nApdKiEiQL YSL3YHIx0uxyDy99Lr3rkuRkwwYvwlUv5PmaJ+qqEYKNBkvz4q6HPeql07IjH4pI qSKXcHpJ5gOlxbFMTXSpHPWk87OujVRio9xhCNuTZqfun4fWyeWJURxDtMmXDG8p h7cPLYAQpZbIH21xYtXYyIc6T2dZmgHRivmOKyOvqozTQlz7ITats1G2aNe3mGuY eryK86M+nK2pIuSfXqKC59Lg3H23TIWeaug9a7Fm -----END CERTIFICATE-----Generated at Tue Oct 21 00:48:03 2025 by rpki-client