$ rpki-client -vvf rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/3230322e38372e3234302e302f32312d3234203d3e203234323032.roa File: 3230322e38372e3234302e302f32312d3234203d3e203234323032.roa (raw, json) Hash identifier: h4LsVnhP761IIN/z9Kk00GAOTaHl3wnyiIWG9ZY5w+g= Subject key identifier: D8:18:95:78:C3:23:22:F1:A1:79:9E:AC:3B:CE:73:C9:D2:F3:15:1E Certificate issuer: /CN=A23D2170DA27C430D1B3E7D124ABD655F46B001F Certificate serial: 11B0E450C5EACE2CF14B8398278A82F7B4B6BB86 Authority key identifier: A2:3D:21:70:DA:27:C4:30:D1:B3:E7:D1:24:AB:D6:55:F4:6B:00:1F Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/3230322e38372e3234302e302f32312d3234203d3e203234323032.roa Signing time: Sun 03 May 2026 02:38:02 +0000 ROA not before: Sun 03 May 2026 02:33:02 +0000 ROA not after: Sun 02 May 2027 02:38:02 +0000 asID: 24202 IP address blocks: 202.87.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.crl rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 01:49:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:b0:e4:50:c5:ea:ce:2c:f1:4b:83:98:27:8a:82:f7:b4:b6:bb:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A23D2170DA27C430D1B3E7D124ABD655F46B001F Validity Not Before: May 3 02:33:02 2026 GMT Not After : May 2 02:38:02 2027 GMT Subject: CN=D8189578C32322F1A1799EAC3BCE73C9D2F3151E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:64:d9:fd:e3:6a:15:ea:fa:14:0d:86:c9:55: 8f:b5:3d:35:9b:5f:70:7d:a1:4e:4d:2f:4e:51:43: 8b:fa:41:57:45:f9:12:23:3a:bc:3c:dc:d6:a6:bc: 49:ae:be:f4:15:9f:91:b7:2c:b8:e3:ca:53:31:57: 4f:3a:b3:ed:8c:aa:11:47:67:72:5a:2a:f3:62:e7: 91:0a:be:8e:4b:0d:bf:4e:91:b0:8c:ed:1c:d7:ec: 37:59:c7:4c:20:2c:15:9c:20:36:12:b4:1b:ea:a1: e8:8d:89:17:37:6a:63:62:92:c0:32:36:17:05:41: 11:31:02:ef:23:62:0e:cc:f3:0a:17:44:36:41:96: 13:3e:d1:69:0b:dd:d2:5d:59:fc:3b:49:0b:13:ec: aa:a0:bf:e8:c2:c7:a2:28:3f:09:87:8c:61:c2:d8: 74:95:a1:8e:f7:34:17:09:d9:f8:89:3d:e7:d1:30: cd:d2:87:16:64:80:b6:be:ed:5b:4f:22:d7:5c:c1: 4b:89:44:4d:84:f7:7a:7f:01:41:8c:01:a0:f6:1f: 21:c3:04:7e:bd:51:33:f0:62:3c:f8:2c:5b:fc:bf: fc:1c:4e:e1:0e:23:a0:aa:1c:06:d7:ae:1f:d8:50: eb:0b:04:2e:ac:9b:a1:6b:e0:9d:09:96:cb:f2:07: 54:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:18:95:78:C3:23:22:F1:A1:79:9E:AC:3B:CE:73:C9:D2:F3:15:1E X509v3 Authority Key Identifier: keyid:A2:3D:21:70:DA:27:C4:30:D1:B3:E7:D1:24:AB:D6:55:F4:6B:00:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/A23D2170DA27C430D1B3E7D124ABD655F46B001F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A23D2170DA27C430D1B3E7D124ABD655F46B001F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/61f02a89-7ee8-4a83-8004-234d914a0fd4/0/3230322e38372e3234302e302f32312d3234203d3e203234323032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.87.240.0/21 Signature Algorithm: sha256WithRSAEncryption 67:e8:6e:51:42:eb:97:01:50:1f:68:04:c8:5f:65:84:10:81: 6f:6c:29:fd:88:2b:ab:db:41:39:09:04:23:c6:35:37:ea:54: 71:0e:cb:61:0f:e4:3e:76:ad:14:91:f3:28:85:3a:cb:f7:ab: b3:2b:76:6e:94:2d:44:3f:36:fa:52:f2:f3:0d:f9:b5:6f:84: ff:fe:40:a7:66:52:b4:8d:86:0a:5c:1c:4b:ff:fc:a8:17:c0: 78:d2:53:7b:63:2d:9b:d8:5c:a3:a4:cd:10:ea:7e:70:84:6a: 23:b4:ab:e3:37:cd:f0:f1:a6:95:8b:32:e5:05:be:a7:67:6b: 10:ff:eb:37:0b:4d:d3:75:ae:d2:83:42:df:3f:42:a4:a6:b7: c2:1a:30:75:69:96:77:77:15:42:53:a0:b5:9f:08:ff:b0:19: 45:6a:63:3a:a5:17:d1:4a:8f:c9:8b:f0:a2:e1:5e:99:87:43: 1c:b5:13:7f:dd:17:1b:9e:a2:4d:1b:d8:97:99:dc:1a:0e:e0: 5f:1e:22:68:90:eb:87:7e:2d:1f:67:f8:cd:a8:50:65:7d:2c: a5:41:68:a9:39:65:e2:7e:23:4e:66:08:90:d0:ce:a7:2a:91: e5:d2:64:0d:80:2f:a4:ce:84:7c:28:db:a0:c4:78:da:ba:75: 7c:b7:63:53 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUEbDkUMXqzizxS4OYJ4qC97S2u4YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTIzRDIxNzBEQTI3QzQzMEQxQjNFN0QxMjRBQkQ2NTVG NDZCMDAxRjAeFw0yNjA1MDMwMjMzMDJaFw0yNzA1MDIwMjM4MDJaMDMxMTAvBgNV BAMTKEQ4MTg5NTc4QzMyMzIyRjFBMTc5OUVBQzNCQ0U3M0M5RDJGMzE1MUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZNn942oV6voUDYbJVY+1PTWb X3B9oU5NL05RQ4v6QVdF+RIjOrw83NamvEmuvvQVn5G3LLjjylMxV086s+2MqhFH Z3JaKvNi55EKvo5LDb9OkbCM7RzX7DdZx0wgLBWcIDYStBvqoeiNiRc3amNiksAy NhcFQRExAu8jYg7M8woXRDZBlhM+0WkL3dJdWfw7SQsT7Kqgv+jCx6IoPwmHjGHC 2HSVoY73NBcJ2fiJPefRMM3ShxZkgLa+7VtPItdcwUuJRE2E93p/AUGMAaD2HyHD BH69UTPwYjz4LFv8v/wcTuEOI6CqHAbXrh/YUOsLBC6sm6Fr4J0JlsvyB1ThAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU2BiVeMMjIvGheZ6sO85zydLzFR4wHwYDVR0j BBgwFoAUoj0hcNonxDDRs+fRJKvWVfRrAB8wDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NjFmMDJhODktN2VlOC00YTgzLTgwMDQtMjM0ZDkxNGEwZmQ0LzAvQTIzRDIxNzBE QTI3QzQzMEQxQjNFN0QxMjRBQkQ2NTVGNDZCMDAxRi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BMjNEMjE3MERBMjdDNDMwRDFCM0U3RDEyNEFCRDY1NUY0NkIw MDFGLmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzYxZjAyYTg5LTdlZTgtNGE4My04 MDA0LTIzNGQ5MTRhMGZkNC8wLzMyMzAzMjJlMzgzNzJlMzIzNDMwMmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzIzNDMyMzAzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8pX8DANBgkqhkiG 9w0BAQsFAAOCAQEAZ+huUULrlwFQH2gEyF9lhBCBb2wp/Ygrq9tBOQkEI8Y1N+pU cQ7LYQ/kPnatFJHzKIU6y/ersyt2bpQtRD82+lLy8w35tW+E//5Ap2ZStI2GClwc S//8qBfAeNJTe2Mtm9hco6TNEOp+cIRqI7Sr4zfN8PGmlYsy5QW+p2drEP/rNwtN 03Wu0oNC3z9CpKa3whowdWmWd3cVQlOgtZ8I/7AZRWpjOqUX0UqPyYvwouFemYdD HLUTf90XG56iTRvYl5ncGg7gXx4iaJDrh34tH2f4zahQZX0spUFoqTll4n4jTmYI kNDOpyqR5dJkDYAvpM6EfCjboMR42rp1fLdjUw== -----END CERTIFICATE-----Generated at Wed May 13 11:35:04 2026 by rpki-client