$ rpki-client -vvf rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/34332e3234392e3230392e302f32342d3234203d3e203435323938.roa File: 34332e3234392e3230392e302f32342d3234203d3e203435323938.roa (raw, json) Hash identifier: Oh9cxi5p6iQswDt1z3HcVSgsz/hpYoB1rM1HgaAvh+M= Subject key identifier: D3:31:6C:D5:0D:A6:9C:0C:D5:08:71:86:00:77:84:4E:88:03:BE:51 Certificate issuer: /CN=4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0 Certificate serial: 4272474FC40772221AAF3B8AB5452029FB24D6FE Authority key identifier: 4A:4E:AE:6D:F7:EB:F8:D5:B4:40:4D:BA:E4:87:48:CC:F2:70:F7:A0 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/34332e3234392e3230392e302f32342d3234203d3e203435323938.roa Signing time: Sun 03 May 2026 02:39:44 +0000 ROA not before: Sun 03 May 2026 02:34:44 +0000 ROA not after: Sun 02 May 2027 02:39:44 +0000 asID: 45298 IP address blocks: 43.249.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.crl rsync://rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 04:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:72:47:4f:c4:07:72:22:1a:af:3b:8a:b5:45:20:29:fb:24:d6:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0 Validity Not Before: May 3 02:34:44 2026 GMT Not After : May 2 02:39:44 2027 GMT Subject: CN=D3316CD50DA69C0CD50871860077844E8803BE51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:db:1a:0c:20:a2:12:05:92:e1:cb:d9:95:49: 2a:3b:84:ea:26:90:bf:63:e4:e5:01:80:a1:ba:31: 22:79:87:42:58:ec:c2:0d:34:cc:d2:5d:b0:4d:22: 43:fc:90:3c:78:b4:70:08:9e:1a:2b:46:af:7a:7e: d3:a4:fd:21:d1:30:e2:2e:ed:b3:7d:4c:79:1a:b2: f5:57:7b:24:38:82:37:83:89:aa:f1:09:96:9c:c2: d9:bc:ac:51:45:3d:1a:00:26:df:d6:d9:66:e3:57: 1c:28:96:13:d0:61:5b:7b:9c:e7:47:6f:be:e2:06: f3:19:af:8f:6c:c3:af:67:77:83:cf:b4:88:68:08: 8d:eb:48:cb:07:01:6b:76:84:53:4d:16:e6:ae:3e: e2:3b:8e:36:b1:90:34:74:96:79:78:30:e5:71:09: 65:a1:cd:7c:0b:d4:72:61:fa:a0:60:98:e6:fa:7b: 57:0c:7b:ee:0e:20:65:3e:db:c1:5d:9c:7d:d2:ae: 51:46:81:74:cf:b6:5e:c3:eb:d7:7c:82:99:ba:e9: 82:8a:0d:bf:a4:97:9b:00:90:36:9c:cd:1d:fc:70: d9:0f:1d:90:34:90:7f:d0:29:33:7f:7a:d3:de:25: 5a:a2:c8:f1:8a:a9:17:fc:7f:29:85:05:d7:6f:0b: 6f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:31:6C:D5:0D:A6:9C:0C:D5:08:71:86:00:77:84:4E:88:03:BE:51 X509v3 Authority Key Identifier: keyid:4A:4E:AE:6D:F7:EB:F8:D5:B4:40:4D:BA:E4:87:48:CC:F2:70:F7:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/4A4EAE6DF7EBF8D5B4404DBAE48748CCF270F7A0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/65ec25e4-9aa8-4bef-9097-c0bec0b266a7/0/34332e3234392e3230392e302f32342d3234203d3e203435323938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.209.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:60:58:f9:99:13:36:1b:92:0b:d9:5b:69:47:18:24:7e:7c: 45:f2:ff:4e:76:60:64:7a:27:3b:83:23:50:4f:0b:08:17:02: 17:d6:2f:af:97:b8:06:2d:fb:c7:3f:35:8f:c5:59:bf:bc:0e: a9:01:52:6f:8e:9d:9b:44:87:77:f9:0d:e1:48:b2:8c:5b:49: 6a:1b:aa:00:7b:6b:c8:ff:8d:67:b6:57:f7:85:93:67:03:15: 5f:d6:d5:35:f2:c1:41:d2:42:be:2a:fd:bd:3f:a1:06:4c:5f: 12:f4:f7:39:49:4b:2a:d7:47:ca:c0:4f:dd:63:ba:8b:c1:c8: ec:14:3b:9d:eb:13:6b:b1:fb:8a:54:fc:30:07:4e:be:0d:23: 25:5b:6d:9f:12:85:d3:ba:d8:e3:03:b3:f4:ea:27:82:b1:52: 35:9c:63:bf:7e:d4:b0:55:19:2e:c1:41:04:29:a0:06:68:46: 50:48:03:dc:2f:fe:80:9e:b4:05:25:af:3d:a6:33:7d:84:5c: ac:8d:e7:10:d3:02:4f:3e:b6:67:af:07:80:ed:af:dd:64:11: d7:6c:3d:a4:d5:52:11:7a:2d:4e:68:07:47:b8:86:88:a3:e8: e4:bc:f0:4e:0b:9c:80:d8:01:45:66:1f:89:21:cd:cb:43:6e: a8:b2:93:52 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUQnJHT8QHciIarzuKtUUgKfsk1v4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEE0RUFFNkRGN0VCRjhENUI0NDA0REJBRTQ4NzQ4Q0NG MjcwRjdBMDAeFw0yNjA1MDMwMjM0NDRaFw0yNzA1MDIwMjM5NDRaMDMxMTAvBgNV BAMTKEQzMzE2Q0Q1MERBNjlDMENENTA4NzE4NjAwNzc4NDRFODgwM0JFNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD32xoMIKISBZLhy9mVSSo7hOom kL9j5OUBgKG6MSJ5h0JY7MINNMzSXbBNIkP8kDx4tHAInhorRq96ftOk/SHRMOIu 7bN9THkasvVXeyQ4gjeDiarxCZacwtm8rFFFPRoAJt/W2WbjVxwolhPQYVt7nOdH b77iBvMZr49sw69nd4PPtIhoCI3rSMsHAWt2hFNNFuauPuI7jjaxkDR0lnl4MOVx CWWhzXwL1HJh+qBgmOb6e1cMe+4OIGU+28FdnH3SrlFGgXTPtl7D69d8gpm66YKK Db+kl5sAkDaczR38cNkPHZA0kH/QKTN/etPeJVqiyPGKqRf8fymFBddvC2/LAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU0zFs1Q2mnAzVCHGGAHeETogDvlEwHwYDVR0j BBgwFoAUSk6ubffr+NW0QE265IdIzPJw96AwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NjVlYzI1ZTQtOWFhOC00YmVmLTkwOTctYzBiZWMwYjI2NmE3LzAvNEE0RUFFNkRG N0VCRjhENUI0NDA0REJBRTQ4NzQ4Q0NGMjcwRjdBMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80QTRFQUU2REY3RUJGOEQ1QjQ0MDREQkFFNDg3NDhDQ0YyNzBG N0EwLmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzY1ZWMyNWU0LTlhYTgtNGJlZi05 MDk3LWMwYmVjMGIyNjZhNy8wLzM0MzMyZTMyMzQzOTJlMzIzMDM5MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzQzNTMyMzkzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACv50TANBgkqhkiG 9w0BAQsFAAOCAQEAfmBY+ZkTNhuSC9lbaUcYJH58RfL/TnZgZHonO4MjUE8LCBcC F9Yvr5e4Bi37xz81j8VZv7wOqQFSb46dm0SHd/kN4UiyjFtJahuqAHtryP+NZ7ZX 94WTZwMVX9bVNfLBQdJCvir9vT+hBkxfEvT3OUlLKtdHysBP3WO6i8HI7BQ7nesT a7H7ilT8MAdOvg0jJVttnxKF07rY4wOz9OongrFSNZxjv37UsFUZLsFBBCmgBmhG UEgD3C/+gJ60BSWvPaYzfYRcrI3nENMCTz62Z68HgO2v3WQR12w9pNVSEXotTmgH R7iGiKPo5LzwTgucgNgBRWYfiSHNy0NuqLKTUg== -----END CERTIFICATE-----Generated at Wed May 13 07:56:52 2026 by rpki-client