$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/3230332e3136312e32302e302f32342d3234203d3e20313333383430.roa File: 3230332e3136312e32302e302f32342d3234203d3e20313333383430.roa (raw, json) Hash identifier: YZ9gLc+KaWEgvMxRekGnlvZET/50LrXbNrDTpZYZ2Lc= Subject key identifier: 5A:1A:65:76:BE:92:A8:E2:3B:53:EB:E0:CE:82:F3:E6:BA:D9:5C:83 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 1BBE6A386738CD88BCAB0B2B172741D8F1821D5B Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/3230332e3136312e32302e302f32342d3234203d3e20313333383430.roa Signing time: Sun 03 May 2026 02:48:03 +0000 ROA not before: Sun 03 May 2026 02:43:03 +0000 ROA not after: Sun 02 May 2027 02:48:03 +0000 asID: 133840 IP address blocks: 203.161.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:be:6a:38:67:38:cd:88:bc:ab:0b:2b:17:27:41:d8:f1:82:1d:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:43:03 2026 GMT Not After : May 2 02:48:03 2027 GMT Subject: CN=5A1A6576BE92A8E23B53EBE0CE82F3E6BAD95C83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:51:69:cc:e2:10:8e:d6:05:24:f6:8b:1d:8f: b7:9c:98:42:37:80:d0:6b:b8:9b:ec:13:5b:9b:15: a3:67:f4:c9:93:e6:9f:d8:74:10:22:1e:da:84:fc: 5b:0c:67:e4:f3:34:b4:e9:fe:28:73:fa:c7:fd:80: 6e:00:a2:e3:98:ba:5c:33:38:1a:53:b7:75:40:c0: f2:9b:88:02:54:88:6b:d1:63:87:e8:70:0a:4b:a2: c1:a6:78:41:87:16:e7:23:37:38:24:7a:13:84:9a: c3:cd:21:b1:74:56:13:94:eb:19:5c:72:86:fb:e8: ee:6a:c5:56:4e:f6:6a:ec:7a:dd:cd:bc:72:1f:65: fd:b3:10:29:6c:6e:ba:0a:6b:0d:83:31:95:4f:46: e4:ad:af:02:71:49:27:96:5a:9f:d0:45:1a:5f:42: 22:1b:96:3f:ff:55:a8:eb:14:d6:8b:59:e2:e2:65: 8e:0b:01:6c:21:4d:88:00:a0:b0:8e:d8:41:d8:e3: c3:3d:92:02:2f:18:7e:9c:5a:a5:2b:4d:30:9a:2e: 26:c1:82:18:28:10:cd:68:a8:11:05:42:ff:81:21: 33:6a:29:37:02:7e:be:9e:3d:ff:33:27:a1:5b:c1: 5d:49:89:32:41:b8:83:e0:2a:fa:10:b8:c7:85:e5: fa:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:1A:65:76:BE:92:A8:E2:3B:53:EB:E0:CE:82:F3:E6:BA:D9:5C:83 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/3230332e3136312e32302e302f32342d3234203d3e20313333383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.161.20.0/24 Signature Algorithm: sha256WithRSAEncryption 78:08:65:cc:cf:ee:62:3a:9f:f5:6d:a5:83:f2:4b:d1:7a:37: dd:b4:08:cb:c5:e3:8d:41:4c:39:bc:2f:a2:5e:66:e0:09:dc: 22:b4:1b:70:bc:8a:ea:75:d5:9d:3d:93:55:fb:bb:30:12:35: 3b:fa:36:0e:3a:a0:41:9b:4e:36:d6:6b:36:e8:81:da:5f:f0: 2a:4a:9e:f9:41:01:b0:8e:44:bf:26:b6:b3:86:07:02:27:fb: f8:11:df:28:1f:55:f6:1d:af:a1:28:27:68:c4:35:81:45:6a: fb:40:47:9f:be:1d:6d:22:4a:c3:12:4a:0c:46:e8:38:4a:53: d2:a6:2d:e7:14:69:99:6c:5d:df:5f:41:53:08:77:e8:f6:bc: ba:fb:ad:57:f2:dd:94:03:95:d7:52:32:d8:0e:8d:44:59:16: e0:2f:a6:0e:4e:7f:1c:22:60:50:63:dd:6a:e2:24:be:68:d5: 35:6d:c5:be:80:23:3e:3a:7d:67:65:76:1c:e5:2e:61:80:cb: 89:fd:0a:99:a9:ab:00:3c:ac:02:9a:d0:2c:39:4f:67:5c:25: 04:74:ff:4c:93:4e:45:db:af:ec:58:da:fd:31:bb:ba:80:94: a8:7a:49:04:23:7e:24:04:88:f7:87:b9:25:5f:01:47:0a:bc: 38:27:c5:58 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUG75qOGc4zYi8qwsrFydB2PGCHVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQzMDNaFw0yNzA1MDIwMjQ4MDNaMDMxMTAvBgNV BAMTKDVBMUE2NTc2QkU5MkE4RTIzQjUzRUJFMENFODJGM0U2QkFEOTVDODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGUWnM4hCO1gUk9osdj7ecmEI3 gNBruJvsE1ubFaNn9MmT5p/YdBAiHtqE/FsMZ+TzNLTp/ihz+sf9gG4AouOYulwz OBpTt3VAwPKbiAJUiGvRY4focApLosGmeEGHFucjNzgkehOEmsPNIbF0VhOU6xlc cob76O5qxVZO9mrset3NvHIfZf2zEClsbroKaw2DMZVPRuStrwJxSSeWWp/QRRpf QiIblj//VajrFNaLWeLiZY4LAWwhTYgAoLCO2EHY48M9kgIvGH6cWqUrTTCaLibB ghgoEM1oqBEFQv+BITNqKTcCfr6ePf8zJ6FbwV1JiTJBuIPgKvoQuMeF5fr3AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUWhpldr6SqOI7U+vgzoLz5rrZXIMwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzAzMzJlMzEzNjMxMmUzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzMzMzgzNDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy6EUMA0GCSqG SIb3DQEBCwUAA4IBAQB4CGXMz+5iOp/1baWD8kvRejfdtAjLxeONQUw5vC+iXmbg CdwitBtwvIrqddWdPZNV+7swEjU7+jYOOqBBm0421ms26IHaX/AqSp75QQGwjkS/ JrazhgcCJ/v4Ed8oH1X2Ha+hKCdoxDWBRWr7QEefvh1tIkrDEkoMRug4SlPSpi3n FGmZbF3fX0FTCHfo9ry6+61X8t2UA5XXUjLYDo1EWRbgL6YOTn8cImBQY91q4iS+ aNU1bcW+gCM+On1nZXYc5S5hgMuJ/QqZqasAPKwCmtAsOU9nXCUEdP9Mk05F26/s WNr9Mbu6gJSoekkEI34kBIj3h7klXwFHCrw4J8VY -----END CERTIFICATE-----Generated at Wed May 13 02:19:24 2026 by rpki-client