$ rpki-client -vvf rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa File: 3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa (raw, json) Hash identifier: PRQ0wyh257Ie4C2D9c8Ywf6UyKXsn9qs6MWo6/u5E68= Subject key identifier: 29:88:24:EF:E0:B6:A7:88:A9:BF:FF:37:CC:24:98:B0:42:33:B9:75 Certificate issuer: /CN=98FBC9C110EF2F9B4553D613927F55774E076EA9 Certificate serial: 2AE00C2BD9E1FCF05D7557998910AAC7F96F5513 Authority key identifier: 98:FB:C9:C1:10:EF:2F:9B:45:53:D6:13:92:7F:55:77:4E:07:6E:A9 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa Signing time: Sun 03 May 2026 02:28:02 +0000 ROA not before: Sun 03 May 2026 02:23:02 +0000 ROA not after: Sun 02 May 2027 02:28:02 +0000 asID: 152431 IP address blocks: 157.20.230.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.crl rsync://rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:e0:0c:2b:d9:e1:fc:f0:5d:75:57:99:89:10:aa:c7:f9:6f:55:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98FBC9C110EF2F9B4553D613927F55774E076EA9 Validity Not Before: May 3 02:23:02 2026 GMT Not After : May 2 02:28:02 2027 GMT Subject: CN=298824EFE0B6A788A9BFFF37CC2498B04233B975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ea:27:f1:cf:9f:02:f6:13:f5:e1:ed:15:8d: c8:9d:a1:83:1b:23:1e:f1:20:c1:fb:51:a2:ee:08: 6f:68:0e:d7:56:6b:1c:0b:25:d9:ff:f4:8e:14:76: ce:c5:70:cd:c7:b1:27:91:b2:67:19:ed:1e:7c:a6: 07:26:3d:2f:b7:db:3a:f2:e6:8b:96:da:8d:cd:f1: 9c:9a:15:57:09:95:02:b9:29:87:79:b3:1e:d7:1c: d5:f5:75:49:23:84:51:a8:f4:d4:4d:67:4b:f0:8b: 20:c2:83:8c:dc:5f:2f:83:ac:ba:47:bf:e9:78:80: 41:ff:05:ee:09:e8:73:41:9c:f9:50:a1:92:94:ce: 5a:87:0f:9d:34:82:9c:1b:ce:a3:27:b8:56:d5:2f: 80:21:1d:01:38:1b:9f:91:17:b3:1d:0d:fb:5f:a1: f2:81:05:e3:7f:27:b4:83:7c:8b:d9:ad:3f:89:19: d1:42:80:a4:74:e2:8f:c4:75:1c:9d:5d:73:e6:eb: 12:99:bd:ca:6e:05:02:31:ef:12:f6:36:b7:b7:a1: 49:13:9c:f4:df:5d:e3:bd:a2:8b:f7:8a:ef:d9:d6: 07:37:74:14:8f:dd:a9:2e:56:f5:fd:af:00:5d:16: fe:aa:95:1a:23:ed:be:d7:7e:a5:76:9e:af:61:bb: 0a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:88:24:EF:E0:B6:A7:88:A9:BF:FF:37:CC:24:98:B0:42:33:B9:75 X509v3 Authority Key Identifier: keyid:98:FB:C9:C1:10:EF:2F:9B:45:53:D6:13:92:7F:55:77:4E:07:6E:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/98FBC9C110EF2F9B4553D613927F55774E076EA9.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3cf0a77c-3928-4130-a098-b437572d722c/0/3135372e32302e3233302e302f32332d3234203d3e20313532343331.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.230.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:d1:51:fe:6f:72:84:95:2d:e1:7e:08:db:d5:5f:1f:d4:18: 69:db:75:9f:50:87:a6:26:9a:26:cf:25:28:17:46:cd:a7:7f: a6:be:52:40:94:13:84:71:0a:a7:ae:c5:f2:52:ce:27:ad:d3: bc:51:05:9d:fc:da:f6:34:57:55:77:4d:e9:73:2d:bd:f5:89: 08:0b:11:2c:d4:59:7d:03:0f:80:b3:d6:4c:8f:83:8f:90:30: 7b:24:29:e2:88:db:0d:c6:7d:37:9c:eb:5d:55:df:f7:8c:f6: 45:9d:e1:c2:0c:6b:47:eb:88:a3:2a:3f:3b:2b:09:5c:c9:f6: eb:9d:c2:e2:a5:1e:75:28:98:60:b1:9c:76:5a:d0:f9:81:f1: c8:ef:78:41:a2:a1:13:c4:99:d3:92:8f:bf:e7:7c:9c:77:b6: 6a:34:1f:b2:11:87:60:f6:70:e0:e0:99:35:94:2f:a9:de:62: df:f5:23:32:e2:f8:4d:2e:9c:83:fc:c4:a4:e0:fa:67:f3:2e: 7c:46:17:93:fe:f8:39:8b:33:20:ac:21:b7:e6:0b:aa:28:78: 3c:9d:f2:c8:64:e7:12:d0:5d:8c:76:f3:18:31:29:2f:6b:67: 79:dd:65:e5:ea:f5:ef:9c:0f:b5:58:c0:03:c5:04:6b:e7:d1: a1:d5:a8:e7 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUKuAMK9nh/PBddVeZiRCqx/lvVRMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOThGQkM5QzExMEVGMkY5QjQ1NTNENjEzOTI3RjU1Nzc0 RTA3NkVBOTAeFw0yNjA1MDMwMjIzMDJaFw0yNzA1MDIwMjI4MDJaMDMxMTAvBgNV BAMTKDI5ODgyNEVGRTBCNkE3ODhBOUJGRkYzN0NDMjQ5OEIwNDIzM0I5NzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi6ifxz58C9hP14e0VjcidoYMb Ix7xIMH7UaLuCG9oDtdWaxwLJdn/9I4Uds7FcM3HsSeRsmcZ7R58pgcmPS+32zry 5ouW2o3N8ZyaFVcJlQK5KYd5sx7XHNX1dUkjhFGo9NRNZ0vwiyDCg4zcXy+DrLpH v+l4gEH/Be4J6HNBnPlQoZKUzlqHD500gpwbzqMnuFbVL4AhHQE4G5+RF7MdDftf ofKBBeN/J7SDfIvZrT+JGdFCgKR04o/EdRydXXPm6xKZvcpuBQIx7xL2Nre3oUkT nPTfXeO9oov3iu/Z1gc3dBSP3akuVvX9rwBdFv6qlRoj7b7XfqV2nq9huwopAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUKYgk7+C2p4ipv/83zCSYsEIzuXUwHwYDVR0j BBgwFoAUmPvJwRDvL5tFU9YTkn9Vd04HbqkwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v M2NmMGE3N2MtMzkyOC00MTMwLWEwOTgtYjQzNzU3MmQ3MjJjLzAvOThGQkM5QzEx MEVGMkY5QjQ1NTNENjEzOTI3RjU1Nzc0RTA3NkVBOS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC85OEZCQzlDMTEwRUYyRjlCNDU1M0Q2MTM5MjdGNTU3NzRFMDc2 RUE5LmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzNjZjBhNzdjLTM5MjgtNDEzMC1h MDk4LWI0Mzc1NzJkNzIyYy8wLzMxMzUzNzJlMzIzMDJlMzIzMzMwMmUzMDJmMzIz MzJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRTmMA0GCSqG SIb3DQEBCwUAA4IBAQAv0VH+b3KElS3hfgjb1V8f1Bhp23WfUIemJpomzyUoF0bN p3+mvlJAlBOEcQqnrsXyUs4nrdO8UQWd/Nr2NFdVd03pcy299YkICxEs1Fl9Aw+A s9ZMj4OPkDB7JCniiNsNxn03nOtdVd/3jPZFneHCDGtH64ijKj87KwlcyfbrncLi pR51KJhgsZx2WtD5gfHI73hBoqETxJnTko+/53ycd7ZqNB+yEYdg9nDg4Jk1lC+p 3mLf9SMy4vhNLpyD/MSk4Ppn8y58RheT/vg5izMgrCG35guqKHg8nfLIZOcS0F2M dvMYMSkva2d53WXl6vXvnA+1WMADxQRr59Gh1ajn -----END CERTIFICATE-----Generated at Wed May 13 06:00:57 2026 by rpki-client