$ rpki-client -vvf rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3137362e302f32312d3234203d3e203234353236.roa File: 3230322e35382e3137362e302f32312d3234203d3e203234353236.roa (raw, json) Hash identifier: tD3lCHzhXlz3IQI/wt9ZY4yLokS7e0eiL2Sj3ZiczNw= Subject key identifier: 16:F8:F4:50:C5:27:87:54:74:13:CA:31:FF:8E:55:D4:9D:CB:84:30 Certificate issuer: /CN=40FAE5A8EC712D9E6DB575D52972B69605542EEC Certificate serial: 0F4553CDD812FD9DAA3295541EAF8621D5BA5465 Authority key identifier: 40:FA:E5:A8:EC:71:2D:9E:6D:B5:75:D5:29:72:B6:96:05:54:2E:EC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3137362e302f32312d3234203d3e203234353236.roa Signing time: Sun 03 May 2026 03:00:45 +0000 ROA not before: Sun 03 May 2026 02:55:45 +0000 ROA not after: Sun 02 May 2027 03:00:45 +0000 asID: 24526 IP address blocks: 202.58.176.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.crl rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 04:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:45:53:cd:d8:12:fd:9d:aa:32:95:54:1e:af:86:21:d5:ba:54:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40FAE5A8EC712D9E6DB575D52972B69605542EEC Validity Not Before: May 3 02:55:45 2026 GMT Not After : May 2 03:00:45 2027 GMT Subject: CN=16F8F450C52787547413CA31FF8E55D49DCB8430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:b1:81:af:82:15:c1:1d:f3:49:b1:ed:72:c4: 79:f4:80:69:64:57:d4:31:5b:69:52:47:47:5d:e2: ae:76:eb:7b:00:ae:a9:62:64:73:57:8f:ec:24:d6: 53:e2:ff:e1:ab:4e:38:75:a9:6e:52:98:a9:77:cf: f9:9b:61:e9:4f:85:30:a8:26:87:d2:fa:a2:fa:cb: 50:20:94:f3:00:0a:c3:c9:0d:b1:50:13:9f:aa:89: 6f:5a:94:29:2c:63:00:ff:86:c0:68:a4:68:3e:ed: 8a:38:f7:51:6a:37:6f:bb:38:b7:85:62:cb:cc:05: c2:ce:34:c0:54:0f:03:e0:49:41:1d:c7:d0:59:c9: 87:08:bf:b6:33:08:36:df:59:08:9c:e9:47:62:8f: fe:c1:32:44:fb:6e:06:96:90:01:3b:73:d1:94:33: 0d:46:38:9b:cd:eb:01:bd:cd:f5:81:bf:c5:24:5c: 02:93:c9:88:7b:75:d1:b2:4f:a5:e0:05:f9:93:2d: 7d:41:c4:27:ee:7c:b3:e5:4c:62:3a:1e:3f:6e:02: 2a:09:28:f9:aa:c1:b4:80:ac:0b:cf:92:9d:36:13: 6c:e1:66:37:40:e0:d7:ff:ad:11:f6:dc:43:c3:09: a2:5d:52:71:2f:b1:f2:6f:82:77:0f:97:76:3e:2d: 63:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F8:F4:50:C5:27:87:54:74:13:CA:31:FF:8E:55:D4:9D:CB:84:30 X509v3 Authority Key Identifier: keyid:40:FA:E5:A8:EC:71:2D:9E:6D:B5:75:D5:29:72:B6:96:05:54:2E:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/40FAE5A8EC712D9E6DB575D52972B69605542EEC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/40FAE5A8EC712D9E6DB575D52972B69605542EEC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/b35129e4-2328-43d2-a458-9d3829614815/0/3230322e35382e3137362e302f32312d3234203d3e203234353236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.58.176.0/21 Signature Algorithm: sha256WithRSAEncryption 04:63:08:92:fd:58:2c:a4:2f:2a:d7:92:32:0b:1c:da:08:1c: 60:52:3f:dd:ab:ab:08:c9:8f:52:75:cb:38:19:75:01:60:af: fd:ce:e0:f3:89:f5:89:14:5a:99:fa:cf:3f:2d:84:6d:5a:c3: 09:12:6b:21:01:88:b8:21:87:5f:5a:71:69:b7:a3:af:05:96: cc:29:6b:a2:8e:26:0f:4e:d5:c7:e4:98:96:06:6b:33:15:61: 00:79:15:7f:fa:4d:cf:80:bf:4f:82:da:a6:ed:85:1c:b9:d8: ba:c0:72:9c:71:26:60:4f:c8:1c:9b:11:97:ef:de:82:40:3c: 81:78:32:1f:ec:39:84:23:89:7f:32:d2:5d:49:4c:a6:8f:07: 40:e9:3f:74:20:c0:39:ca:70:53:51:53:97:71:ae:14:06:69: 7c:32:a6:e0:1a:fa:dc:c6:b6:75:c3:15:98:e0:30:2b:60:03: 79:5c:76:56:12:be:89:b5:68:64:ee:5a:27:c2:6b:05:af:f6: 3b:6d:5d:14:89:de:32:06:8f:17:39:3f:31:4d:d3:64:9d:68: 3d:c2:a5:b1:b2:bc:df:8f:4f:c8:8e:a1:43:a8:9c:5f:36:32: b7:22:80:7d:42:bc:8f:87:30:d6:c2:0b:3b:f9:1f:81:c8:46: 4a:0d:df:32 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUD0VTzdgS/Z2qMpVUHq+GIdW6VGUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDBGQUU1QThFQzcxMkQ5RTZEQjU3NUQ1Mjk3MkI2OTYw NTU0MkVFQzAeFw0yNjA1MDMwMjU1NDVaFw0yNzA1MDIwMzAwNDVaMDMxMTAvBgNV BAMTKDE2RjhGNDUwQzUyNzg3NTQ3NDEzQ0EzMUZGOEU1NUQ0OURDQjg0MzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMsYGvghXBHfNJse1yxHn0gGlk V9QxW2lSR0dd4q5263sArqliZHNXj+wk1lPi/+GrTjh1qW5SmKl3z/mbYelPhTCo JofS+qL6y1AglPMACsPJDbFQE5+qiW9alCksYwD/hsBopGg+7Yo491FqN2+7OLeF YsvMBcLONMBUDwPgSUEdx9BZyYcIv7YzCDbfWQic6Udij/7BMkT7bgaWkAE7c9GU Mw1GOJvN6wG9zfWBv8UkXAKTyYh7ddGyT6XgBfmTLX1BxCfufLPlTGI6Hj9uAioJ KPmqwbSArAvPkp02E2zhZjdA4Nf/rRH23EPDCaJdUnEvsfJvgncPl3Y+LWPdAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUFvj0UMUnh1R0E8ox/45V1J3LhDAwHwYDVR0j BBgwFoAUQPrlqOxxLZ5ttXXVKXK2lgVULuwwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YjM1MTI5ZTQtMjMyOC00M2QyLWE0NTgtOWQzODI5NjE0ODE1LzAvNDBGQUU1QThF QzcxMkQ5RTZEQjU3NUQ1Mjk3MkI2OTYwNTU0MkVFQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MEZBRTVBOEVDNzEyRDlFNkRCNTc1RDUyOTcyQjY5NjA1NTQy RUVDLmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvL2IzNTEyOWU0LTIzMjgtNDNkMi1h NDU4LTlkMzgyOTYxNDgxNS8wLzMyMzAzMjJlMzUzODJlMzEzNzM2MmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzIzNDM1MzIzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8o6sDANBgkqhkiG 9w0BAQsFAAOCAQEABGMIkv1YLKQvKteSMgsc2ggcYFI/3aurCMmPUnXLOBl1AWCv /c7g84n1iRRamfrPPy2EbVrDCRJrIQGIuCGHX1pxabejrwWWzClroo4mD07Vx+SY lgZrMxVhAHkVf/pNz4C/T4Lapu2FHLnYusBynHEmYE/IHJsRl+/egkA8gXgyH+w5 hCOJfzLSXUlMpo8HQOk/dCDAOcpwU1FTl3GuFAZpfDKm4Br63Ma2dcMVmOAwK2AD eVx2VhK+ibVoZO5aJ8JrBa/2O21dFIneMgaPFzk/MU3TZJ1oPcKlsbK8349PyI6h Q6icXzYytyKAfUK8j4cw1sILO/kfgchGSg3fMg== -----END CERTIFICATE-----Generated at Wed May 13 13:23:56 2026 by rpki-client