$ rpki-client -vvf rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3136302e302f32302d3234203d3e203234353236.roa File: 3230322e35382e3136302e302f32302d3234203d3e203234353236.roa (raw, json) Hash identifier: V/iHEE2Ii8SNOk9oIk4Wl3p9bTut1waaMc3vv9GaoqA= Subject key identifier: 8A:9F:C3:5A:FA:83:11:82:EE:9C:C6:5B:99:48:B0:FA:6B:4E:AD:B0 Certificate issuer: /CN=40FAE5A8EC712D9E6DB575D52972B69605542EEC Certificate serial: 610ED6C9CB916E0C5B889906D00F23554C809455 Authority key identifier: 40:FA:E5:A8:EC:71:2D:9E:6D:B5:75:D5:29:72:B6:96:05:54:2E:EC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3136302e302f32302d3234203d3e203234353236.roa Signing time: Sun 03 May 2026 03:00:46 +0000 ROA not before: Sun 03 May 2026 02:55:46 +0000 ROA not after: Sun 02 May 2027 03:00:46 +0000 asID: 24526 IP address blocks: 202.58.160.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.crl rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 04:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:0e:d6:c9:cb:91:6e:0c:5b:88:99:06:d0:0f:23:55:4c:80:94:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40FAE5A8EC712D9E6DB575D52972B69605542EEC Validity Not Before: May 3 02:55:46 2026 GMT Not After : May 2 03:00:46 2027 GMT Subject: CN=8A9FC35AFA831182EE9CC65B9948B0FA6B4EADB0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ae:46:ed:08:86:ac:65:70:ce:00:20:f5:47: 02:19:87:67:90:32:49:be:4f:ef:e4:35:d3:f2:a0: a2:42:58:c4:04:13:88:fe:b2:a9:5e:e3:f3:5d:3c: 81:74:75:ad:05:98:9f:ad:9b:44:a8:7b:e0:22:6c: 1e:d5:58:81:c6:1c:76:1d:07:1a:e8:72:46:e3:9e: 0c:0f:94:fe:fc:c4:25:e8:22:b9:57:57:32:77:35: d7:4c:24:fa:59:11:6b:70:cf:ed:05:43:22:20:77: 11:b2:8b:01:71:04:f1:80:3d:58:85:41:fd:6a:e1: e7:91:9b:82:fd:77:30:a7:ac:3c:88:38:09:19:cf: a8:90:09:b9:9b:fd:d2:07:54:2e:fd:01:9c:24:9b: d2:47:8f:30:65:b4:a9:4d:99:53:28:09:a3:80:0f: 59:74:d9:9b:8b:a7:81:b4:38:86:7b:ec:f6:97:8f: 22:39:9b:fc:16:19:75:17:1a:50:53:5b:91:c8:2b: f2:2b:b1:4a:2f:8a:aa:95:64:40:a3:27:e9:49:ff: f1:47:22:f4:b4:66:f3:75:51:84:e3:41:0b:6d:02: ea:22:ad:dd:a9:79:f8:9f:69:2a:9d:d7:d7:74:9d: 57:e7:a8:40:c3:54:17:cd:35:db:33:20:44:8b:ba: 13:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:9F:C3:5A:FA:83:11:82:EE:9C:C6:5B:99:48:B0:FA:6B:4E:AD:B0 X509v3 Authority Key Identifier: keyid:40:FA:E5:A8:EC:71:2D:9E:6D:B5:75:D5:29:72:B6:96:05:54:2E:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3136302e302f32302d3234203d3e203234353236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.58.160.0/20 Signature Algorithm: sha256WithRSAEncryption 20:b6:74:0b:28:32:e1:7a:d7:3d:a8:cc:f8:c3:ac:e5:9e:8d: 19:e3:8f:08:b0:b3:ef:b1:9f:2f:77:38:0e:89:7a:89:26:00: 0e:fd:33:c0:b1:f4:13:6b:be:b0:02:d5:ac:3f:36:4f:d4:0f: a3:40:cc:aa:a7:67:d3:93:3d:cc:11:40:64:bd:71:48:13:33: e9:e5:6d:23:bf:b5:5c:6c:d1:c9:56:6b:f8:51:3f:34:f7:14: e7:fa:10:8a:d3:b7:51:68:3a:89:b6:7f:af:30:d8:7e:c3:6c: 6d:5d:6b:80:39:c7:85:d8:06:b0:a0:c0:23:5d:e2:4f:6d:7d: 0b:2e:b5:a0:77:15:b9:24:14:b0:c3:f2:24:c6:32:d5:f2:f2: 31:e0:a5:d3:ea:1f:42:a9:7b:28:b8:24:da:38:80:0d:74:f7: 58:bd:69:8a:d3:4f:ac:91:30:a8:e7:32:08:11:c6:ce:e8:42: e4:a4:0e:51:83:10:59:6e:bc:0f:55:c6:89:98:8b:b3:4c:17: 23:6a:1f:7d:55:d9:b9:49:93:08:6e:76:25:9c:63:9a:53:75: 6d:71:8c:ea:36:ed:30:50:39:af:07:26:6a:53:78:d0:e0:9e: e0:38:5a:ba:d0:14:ea:14:a6:04:08:39:97:62:18:02:ec:df: cc:0f:a4:40 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUYQ7WycuRbgxbiJkG0A8jVUyAlFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBGQUU1QThFQzcxMkQ5RTZEQjU3NUQ1Mjk3MkI2OTYw NTU0MkVFQzAeFw0yNjA1MDMwMjU1NDZaFw0yNzA1MDIwMzAwNDZaMDMxMTAvBgNV BAMTKDhBOUZDMzVBRkE4MzExODJFRTlDQzY1Qjk5NDhCMEZBNkI0RUFEQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3rkbtCIasZXDOACD1RwIZh2eQ Mkm+T+/kNdPyoKJCWMQEE4j+sqle4/NdPIF0da0FmJ+tm0Soe+AibB7VWIHGHHYd BxrockbjngwPlP78xCXoIrlXVzJ3NddMJPpZEWtwz+0FQyIgdxGyiwFxBPGAPViF Qf1q4eeRm4L9dzCnrDyIOAkZz6iQCbmb/dIHVC79AZwkm9JHjzBltKlNmVMoCaOA D1l02ZuLp4G0OIZ77PaXjyI5m/wWGXUXGlBTW5HIK/IrsUoviqqVZECjJ+lJ//FH IvS0ZvN1UYTjQQttAuoird2pefifaSqd19d0nVfnqEDDVBfNNdszIESLuhMLAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUip/DWvqDEYLunMZbmUiw+mtOrbAwHwYDVR0j BBgwFoAUQPrlqOxxLZ5ttXXVKXK2lgVULuwwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YjM1MTI5ZTQtMjMyOC00M2QyLWE0NTgtOWQzODI5NjE0ODE1LzAvNDBGQUU1QThF QzcxMkQ5RTZEQjU3NUQ1Mjk3MkI2OTYwNTU0MkVFQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MEZBRTVBOEVDNzEyRDlFNkRCNTc1RDUyOTcyQjY5NjA1NTQy RUVDLmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvL2IzNTEyOWU0LTIzMjgtNDNkMi1h NDU4LTlkMzgyOTYxNDgxNS8wLzMyMzAzMjJlMzUzODJlMzEzNjMwMmUzMDJmMzIz MDJkMzIzNDIwM2QzZTIwMzIzNDM1MzIzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMo6oDANBgkqhkiG 9w0BAQsFAAOCAQEAILZ0Cygy4XrXPajM+MOs5Z6NGeOPCLCz77GfL3c4Dol6iSYA Dv0zwLH0E2u+sALVrD82T9QPo0DMqqdn05M9zBFAZL1xSBMz6eVtI7+1XGzRyVZr +FE/NPcU5/oQitO3UWg6ibZ/rzDYfsNsbV1rgDnHhdgGsKDAI13iT219Cy61oHcV uSQUsMPyJMYy1fLyMeCl0+ofQql7KLgk2jiADXT3WL1pitNPrJEwqOcyCBHGzuhC 5KQOUYMQWW68D1XGiZiLs0wXI2offVXZuUmTCG52JZxjmlN1bXGM6jbtMFA5rwcm alN40OCe4DhautAU6hSmBAg5l2IYAuzfzA+kQA== -----END CERTIFICATE-----Generated at Wed May 13 11:49:54 2026 by rpki-client