$ rpki-client -vvf rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/3135372e32302e3232322e302f32342d3234203d3e20313532343337.roa File: 3135372e32302e3232322e302f32342d3234203d3e20313532343337.roa (raw, json) Hash identifier: EKUa1vnxpRzh4ZDuHDfZ4gRqG//+vsL4hxhqb+zan3U= Subject key identifier: 8F:55:5F:35:C9:E3:10:A8:98:A4:CF:CC:C1:08:72:56:FE:C5:0F:7F Certificate issuer: /CN=AF2070B1260531FBF069F7AE728D1824E0197266 Certificate serial: 7D75CEF0CB8E375AEF51D9F7904A836976AF609D Authority key identifier: AF:20:70:B1:26:05:31:FB:F0:69:F7:AE:72:8D:18:24:E0:19:72:66 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF2070B1260531FBF069F7AE728D1824E0197266.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/3135372e32302e3232322e302f32342d3234203d3e20313532343337.roa Signing time: Sun 03 May 2026 02:56:00 +0000 ROA not before: Sun 03 May 2026 02:51:00 +0000 ROA not after: Sun 02 May 2027 02:56:00 +0000 asID: 152437 IP address blocks: 157.20.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/AF2070B1260531FBF069F7AE728D1824E0197266.crl rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/AF2070B1260531FBF069F7AE728D1824E0197266.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF2070B1260531FBF069F7AE728D1824E0197266.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:75:ce:f0:cb:8e:37:5a:ef:51:d9:f7:90:4a:83:69:76:af:60:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF2070B1260531FBF069F7AE728D1824E0197266 Validity Not Before: May 3 02:51:00 2026 GMT Not After : May 2 02:56:00 2027 GMT Subject: CN=8F555F35C9E310A898A4CFCCC1087256FEC50F7F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:54:99:e1:e3:c6:1a:37:5a:9f:63:00:1a:1e: 01:f8:ec:4b:34:eb:b5:9c:a1:b9:e9:6c:d0:d2:f8: 7f:da:6b:8a:66:9a:83:c8:af:5a:fd:70:5e:fb:45: 0e:68:3a:5e:a9:c4:06:30:c9:dc:a1:c2:7e:97:a5: d2:c8:f6:8b:de:27:87:b8:d6:3a:19:95:7d:31:fe: 81:6a:d5:62:77:4b:23:31:62:e6:5a:32:45:bd:35: 32:06:93:bc:19:5a:a9:64:55:c2:03:f3:13:9d:b9: 77:e2:bb:75:63:53:f1:f9:c4:4a:9a:b5:70:e1:30: a8:ca:11:60:cc:d1:e1:3c:49:54:2e:15:a6:29:b5: b5:b7:17:ac:63:52:d1:d3:88:80:45:87:da:9c:d2: 97:63:af:f6:cd:08:ff:86:c8:41:87:93:00:9e:05: 37:59:d2:99:27:4f:93:1d:78:56:b4:72:a0:b7:5a: 5f:7e:c0:be:e8:b5:87:e7:ba:57:f4:27:b7:63:f2: 27:d9:64:2d:c8:6d:70:c2:a3:60:96:41:e5:39:c9: b1:ed:ff:da:a4:db:5c:b9:b2:48:98:79:23:8a:06: 01:24:79:0f:f4:d3:92:4b:bd:f4:b3:9a:4b:37:85: 82:ba:9f:01:73:2a:a2:95:27:dc:42:f0:f1:0a:be: 15:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:55:5F:35:C9:E3:10:A8:98:A4:CF:CC:C1:08:72:56:FE:C5:0F:7F X509v3 Authority Key Identifier: keyid:AF:20:70:B1:26:05:31:FB:F0:69:F7:AE:72:8D:18:24:E0:19:72:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/AF2070B1260531FBF069F7AE728D1824E0197266.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AF2070B1260531FBF069F7AE728D1824E0197266.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/3135372e32302e3232322e302f32342d3234203d3e20313532343337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.222.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:cd:cb:03:b7:ff:93:b2:6c:b2:86:4c:9d:e9:c5:b2:99:98: 23:b9:00:8c:0f:3f:6c:b1:c2:5b:94:b6:db:99:85:ed:6c:3a: 92:b5:a0:55:7e:f3:bf:33:7a:c0:1d:09:d0:80:a7:46:09:49: 90:5a:5b:b6:ca:35:0a:08:80:1f:dd:88:d2:86:02:87:86:38: a1:4c:1f:e6:f3:91:12:65:40:8d:7d:7b:f0:08:dd:d7:e9:57: 7c:74:13:1a:9d:e2:85:33:3c:ec:a8:0b:23:b7:f3:86:12:e1: 04:cc:01:4e:a3:1e:52:db:f6:86:7f:a5:cb:6e:ff:35:5b:94: 3d:38:43:3c:60:99:a1:f1:36:5a:f3:96:68:af:77:2c:f6:19: c2:d0:ef:ab:f7:6d:7a:fd:f4:dd:04:70:87:45:55:cd:f2:4e: a8:92:4b:75:e0:bc:c9:db:bb:38:ed:eb:e0:a0:f5:e1:3e:ba: ff:97:07:2e:f9:25:30:e2:4c:f6:ba:3d:34:a5:fd:46:5e:8b: 17:17:5a:87:7e:4d:9b:47:ed:62:52:83:25:05:fd:63:de:76: 2c:0d:41:4e:24:c6:a8:fd:3a:35:e4:ec:75:7b:8c:f4:c5:b2: b0:06:8d:33:64:00:3a:7b:ba:b8:84:9c:f2:16:1e:7a:48:53: 03:de:7e:a1 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUfXXO8MuON1rvUdn3kEqDaXavYJ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUYyMDcwQjEyNjA1MzFGQkYwNjlGN0FFNzI4RDE4MjRF MDE5NzI2NjAeFw0yNjA1MDMwMjUxMDBaFw0yNzA1MDIwMjU2MDBaMDMxMTAvBgNV BAMTKDhGNTU1RjM1QzlFMzEwQTg5OEE0Q0ZDQ0MxMDg3MjU2RkVDNTBGN0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFVJnh48YaN1qfYwAaHgH47Es0 67WcobnpbNDS+H/aa4pmmoPIr1r9cF77RQ5oOl6pxAYwydyhwn6XpdLI9oveJ4e4 1joZlX0x/oFq1WJ3SyMxYuZaMkW9NTIGk7wZWqlkVcID8xOduXfiu3VjU/H5xEqa tXDhMKjKEWDM0eE8SVQuFaYptbW3F6xjUtHTiIBFh9qc0pdjr/bNCP+GyEGHkwCe BTdZ0pknT5MdeFa0cqC3Wl9+wL7otYfnulf0J7dj8ifZZC3IbXDCo2CWQeU5ybHt /9qk21y5skiYeSOKBgEkeQ/005JLvfSzmks3hYK6nwFzKqKVJ9xC8PEKvhUpAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUj1VfNcnjEKiYpM/MwQhyVv7FD38wHwYDVR0j BBgwFoAUryBwsSYFMfvwafeuco0YJOAZcmYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YTFmMTVhMWQtNWRhYy00Y2M5LTgxMWEtZTQ5Y2I0ZTdiY2UxLzAvQUYyMDcwQjEy NjA1MzFGQkYwNjlGN0FFNzI4RDE4MjRFMDE5NzI2Ni5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMC9BRjIwNzBCMTI2MDUzMUZCRjA2OUY3QUU3MjhEMTgyNEUwMTk3 MjY2LmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvL2ExZjE1YTFkLTVkYWMtNGNjOS04 MTFhLWU0OWNiNGU3YmNlMS8wLzMxMzUzNzJlMzIzMDJlMzIzMjMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMzM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTeMA0GCSqG SIb3DQEBCwUAA4IBAQA6zcsDt/+Tsmyyhkyd6cWymZgjuQCMDz9sscJblLbbmYXt bDqStaBVfvO/M3rAHQnQgKdGCUmQWlu2yjUKCIAf3YjShgKHhjihTB/m85ESZUCN fXvwCN3X6Vd8dBManeKFMzzsqAsjt/OGEuEEzAFOox5S2/aGf6XLbv81W5Q9OEM8 YJmh8TZa85Zor3cs9hnC0O+r9216/fTdBHCHRVXN8k6okkt14LzJ27s47evgoPXh Prr/lwcu+SUw4kz2uj00pf1GXosXF1qHfk2bR+1iUoMlBf1j3nYsDUFOJMao/To1 5Ox1e4z0xbKwBo0zZAA6e7q4hJzyFh56SFMD3n6h -----END CERTIFICATE-----Generated at Wed May 13 00:21:15 2026 by rpki-client