$ rpki-client -vvf rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/3230322e382e32382e302f32342d3234203d3e203435373234.roa File: 3230322e382e32382e302f32342d3234203d3e203435373234.roa (raw, json) Hash identifier: WosTloIyziln5PL7ehnM5NRi5lB1Tbc4uPNxmDzbd8Y= Subject key identifier: 88:A7:FB:71:7E:9E:B4:9B:DC:EF:C8:18:6E:E3:B0:3B:A1:3C:41:A8 Certificate issuer: /CN=DCDFEB9B3070531BD7F0166776A9BD790D8156F3 Certificate serial: 2CFDB52B55F3B14751D7B4B8F580B4005160C0E8 Authority key identifier: DC:DF:EB:9B:30:70:53:1B:D7:F0:16:67:76:A9:BD:79:0D:81:56:F3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/3230322e382e32382e302f32342d3234203d3e203435373234.roa Signing time: Sun 03 May 2026 03:11:48 +0000 ROA not before: Sun 03 May 2026 03:06:48 +0000 ROA not after: Sun 02 May 2027 03:11:48 +0000 asID: 45724 IP address blocks: 202.8.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.crl rsync://rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 21:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:fd:b5:2b:55:f3:b1:47:51:d7:b4:b8:f5:80:b4:00:51:60:c0:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DCDFEB9B3070531BD7F0166776A9BD790D8156F3 Validity Not Before: May 3 03:06:48 2026 GMT Not After : May 2 03:11:48 2027 GMT Subject: CN=88A7FB717E9EB49BDCEFC8186EE3B03BA13C41A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:96:0d:ef:98:02:31:2e:32:0e:dd:7b:7f:5f: 7c:36:1f:ce:61:db:c6:ff:52:16:7c:f3:65:b8:fa: ff:ea:e1:48:49:75:d5:79:3b:1d:5a:64:60:61:f4: 82:35:67:51:fd:fa:8e:c0:d2:20:dd:0a:8a:d8:e7: fa:e2:4d:a6:eb:10:ee:dc:22:52:a7:d9:55:18:4e: ba:73:22:cb:36:7a:9f:d5:fb:f2:33:f8:32:b8:26: 43:8b:86:cd:42:a6:4b:5b:87:9d:08:2c:b0:91:e3: e6:19:19:ef:a3:86:9d:16:08:50:df:05:0d:dc:9c: e4:40:81:69:2f:38:18:31:f3:3f:d0:53:4c:f1:55: d8:25:8b:8f:52:5b:75:fe:d3:9a:ea:be:23:bc:fc: 31:64:2a:ef:31:16:ab:94:79:7c:72:89:09:8b:9c: be:00:38:6e:9e:78:d0:b2:62:6c:ea:b7:c0:09:43: c7:c2:fe:c7:78:a4:05:b8:c9:ae:03:a9:e8:82:d6: d6:5e:bc:e3:8b:cb:a1:af:70:09:08:92:df:18:3d: 62:2e:36:8d:5c:9d:cd:f9:aa:0e:3b:9e:61:a8:a7: 61:20:93:b5:ff:95:18:bc:81:d9:a8:1b:f3:ec:82: 97:56:84:6e:e4:78:a3:bc:ff:72:ad:ad:c8:de:fe: 33:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:A7:FB:71:7E:9E:B4:9B:DC:EF:C8:18:6E:E3:B0:3B:A1:3C:41:A8 X509v3 Authority Key Identifier: keyid:DC:DF:EB:9B:30:70:53:1B:D7:F0:16:67:76:A9:BD:79:0D:81:56:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DCDFEB9B3070531BD7F0166776A9BD790D8156F3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/deb8b889-3b3d-4ef5-ad70-5b1045eff393/0/3230322e382e32382e302f32342d3234203d3e203435373234.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.8.28.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:74:f6:18:4e:b1:96:f5:5e:7f:a9:5f:82:13:65:9f:a5:e3: 75:c8:cf:94:3a:45:d0:84:19:ac:d5:47:21:47:44:ff:f4:7f: b4:85:d2:36:95:6d:91:8a:21:64:c5:3e:f9:63:19:d7:d5:e9: 97:87:a5:07:28:e3:cc:1a:53:bb:ac:cf:2a:62:d6:b1:7d:02: ef:e2:d6:f0:fa:65:47:29:d1:38:9c:5f:b9:cb:0e:67:cd:47: 5d:c8:47:9e:ca:bc:29:03:a1:9d:e0:2f:90:fb:4e:66:83:13: 66:5a:3c:82:dd:35:11:ab:1d:a0:ae:f9:8f:14:ac:4f:69:24: d2:3a:ca:c0:04:db:dc:09:1e:b2:2c:7c:46:39:0a:10:ac:b6: 0c:11:3c:a5:2f:c5:31:bf:67:95:25:c9:ed:d7:9b:41:cc:ea: 7f:4f:ee:56:b9:f7:99:bf:e1:bf:8a:16:a8:be:a0:e6:75:f1: 44:65:61:bd:98:78:a6:cd:2b:af:79:49:62:e6:ad:aa:59:3f: 19:09:d1:ba:53:53:67:d5:d2:31:9e:ca:4d:f4:61:90:7d:30: 66:1d:1b:1b:7c:fc:02:51:da:24:a0:ab:4d:2b:3a:c7:a1:04: 23:de:ec:a6:b0:f3:95:eb:ad:35:89:47:1b:21:ac:af:e6:0e: be:31:4b:78 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIULP21K1XzsUdR17S49YC0AFFgwOgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRENERkVCOUIzMDcwNTMxQkQ3RjAxNjY3NzZBOUJENzkw RDgxNTZGMzAeFw0yNjA1MDMwMzA2NDhaFw0yNzA1MDIwMzExNDhaMDMxMTAvBgNV BAMTKDg4QTdGQjcxN0U5RUI0OUJEQ0VGQzgxODZFRTNCMDNCQTEzQzQxQTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCflg3vmAIxLjIO3Xt/X3w2H85h 28b/UhZ882W4+v/q4UhJddV5Ox1aZGBh9II1Z1H9+o7A0iDdCorY5/riTabrEO7c IlKn2VUYTrpzIss2ep/V+/Iz+DK4JkOLhs1Cpktbh50ILLCR4+YZGe+jhp0WCFDf BQ3cnORAgWkvOBgx8z/QU0zxVdgli49SW3X+05rqviO8/DFkKu8xFquUeXxyiQmL nL4AOG6eeNCyYmzqt8AJQ8fC/sd4pAW4ya4DqeiC1tZevOOLy6GvcAkIkt8YPWIu No1cnc35qg47nmGop2Egk7X/lRi8gdmoG/PsgpdWhG7keKO8/3Ktrcje/jM1AgMB AAGjggItMIICKTAdBgNVHQ4EFgQUiKf7cX6etJvc78gYbuOwO6E8QagwHwYDVR0j BBgwFoAU3N/rmzBwUxvX8BZndqm9eQ2BVvMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZGViOGI4ODktM2IzZC00ZWY1LWFkNzAtNWIxMDQ1ZWZmMzkzLzAvRENERkVCOUIz MDcwNTMxQkQ3RjAxNjY3NzZBOUJENzkwRDgxNTZGMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EQ0RGRUI5QjMwNzA1MzFCRDdGMDE2Njc3NkE5QkQ3OTBEODE1 NkYzLmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsGAQUFBzALhn9yc3luYzov L3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vZGViOGI4ODktM2IzZC00ZWY1LWFk NzAtNWIxMDQ1ZWZmMzkzLzAvMzIzMDMyMmUzODJlMzIzODJlMzAyZjMyMzQyZDMy MzQyMDNkM2UyMDM0MzUzNzMyMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKCBwwDQYJKoZIhvcNAQEL BQADggEBAF109hhOsZb1Xn+pX4ITZZ+l43XIz5Q6RdCEGazVRyFHRP/0f7SF0jaV bZGKIWTFPvljGdfV6ZeHpQco48waU7uszypi1rF9Au/i1vD6ZUcp0TicX7nLDmfN R13IR57KvCkDoZ3gL5D7TmaDE2ZaPILdNRGrHaCu+Y8UrE9pJNI6ysAE29wJHrIs fEY5ChCstgwRPKUvxTG/Z5Ulye3Xm0HM6n9P7la595m/4b+KFqi+oOZ18URlYb2Y eKbNK695SWLmrapZPxkJ0bpTU2fV0jGeyk30YZB9MGYdGxt8/AJR2iSgq00rOseh BCPe7Kaw85XrrTWJRxshrK/mDr4xS3g= -----END CERTIFICATE-----Generated at Wed May 13 04:08:36 2026 by rpki-client