$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa File: 3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa (raw, json) Hash identifier: 12MVtcg0osCIzu7HUQmcuNjU9YTN4ZeCpSy+EAt2AGg= Subject key identifier: 80:B8:A3:64:E2:BD:33:76:EE:B1:43:55:F0:FF:E7:C7:E6:24:E7:A8 Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 2FBF78AD31FBA0D406680140B86E5B78A6785C32 Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa Signing time: Sun 13 Jul 2025 12:00:05 +0000 ROA not before: Sun 13 Jul 2025 11:55:05 +0000 ROA not after: Sun 12 Jul 2026 12:00:05 +0000 asID: 63859 IP address blocks: 158.140.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 16:47:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:bf:78:ad:31:fb:a0:d4:06:68:01:40:b8:6e:5b:78:a6:78:5c:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Jul 13 11:55:05 2025 GMT Not After : Jul 12 12:00:05 2026 GMT Subject: CN=80B8A364E2BD3376EEB14355F0FFE7C7E624E7A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:b9:25:d0:21:1c:a2:6e:3f:5c:7f:fc:2d:0f: 77:ab:81:2d:68:c2:b2:33:76:6a:d6:3b:19:6f:6d: b3:28:93:f0:cd:b5:fd:1e:68:e4:a6:e2:2b:5a:d8: a2:ec:dd:2e:83:5b:58:aa:7f:50:15:a1:33:ce:56: 03:2f:00:a7:51:66:8e:31:ff:1c:91:1e:96:d6:95: b5:ba:d2:db:94:ca:c6:d7:28:24:f4:68:99:5d:ba: c0:f6:ab:b0:4c:6e:49:41:a7:ad:85:a1:a8:14:2d: 1b:b5:1f:2a:4d:0f:70:d7:28:11:b7:bc:e8:29:82: cf:ac:49:e6:1c:65:67:d7:1c:3c:59:e6:20:9b:ad: 10:bc:48:ce:ea:d4:5c:f0:57:04:6f:72:62:67:8b: 69:2b:39:9b:98:55:84:d4:f5:d6:8e:3c:8f:cb:c8: 6b:15:e2:31:3d:c7:82:38:ef:46:02:df:aa:42:4c: 71:7e:7a:93:6f:49:17:a6:6d:03:18:5a:46:32:4a: 9c:5e:64:0e:2c:dd:2b:cb:36:6e:53:99:21:3a:42: 6a:9a:e2:56:48:ae:99:54:35:08:7e:c9:3d:bf:5b: 5a:49:89:b9:45:84:7b:87:4a:a4:37:21:61:e7:07: 5f:6a:6e:16:ff:6c:79:4e:ee:d5:32:de:c5:ec:bd: bb:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:B8:A3:64:E2:BD:33:76:EE:B1:43:55:F0:FF:E7:C7:E6:24:E7:A8 X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137322e302f32342d3234203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.172.0/24 Signature Algorithm: sha256WithRSAEncryption 2a:d9:bd:4a:f9:aa:86:c6:ec:aa:b1:4e:02:45:f8:99:3f:c3: 85:d8:74:59:ed:20:f8:3c:ab:3f:a3:6e:b9:47:3d:1d:7a:11: 40:d6:13:c0:1e:3e:c4:bd:00:b4:52:f7:5c:57:c7:27:49:62: 4e:b8:a5:9d:c3:5e:03:45:f1:d7:ab:ad:17:fb:27:da:2f:c7: 9b:ad:74:9c:1b:89:27:f7:ba:4a:a7:ce:31:66:94:a6:73:fb: 7c:18:0c:e4:95:55:9f:13:4a:5d:d2:c7:ac:4b:2f:10:e8:8e: 35:35:c8:c4:45:cd:53:33:b6:d7:47:01:6f:94:ea:09:0d:9a: 85:cd:25:70:02:ad:3e:eb:8d:5b:8b:f7:a7:6a:f4:ee:86:8c: 58:60:69:9d:14:af:89:bd:19:79:10:ee:7b:4d:f6:89:98:fe: 84:3a:85:f2:f8:6e:1d:9d:61:b3:9d:21:a2:59:03:a3:93:bd: 61:bd:66:a9:05:5f:56:5f:8c:6d:74:e2:ce:ac:f3:9c:43:e7: eb:f3:c9:31:52:32:88:e6:51:f6:3e:bb:9a:51:84:21:c2:cb: 7e:0d:be:14:2b:7e:7c:66:bc:11:5e:7c:6c:b2:59:64:50:41: de:ac:ab:bb:af:4b:60:d4:5a:bf:70:0d:b3:b6:4e:63:ba:c7: ec:f7:cb:f7 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUL794rTH7oNQGaAFAuG5beKZ4XDIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNTA3MTMxMTU1MDVaFw0yNjA3MTIxMjAwMDVaMDMxMTAvBgNV BAMTKDgwQjhBMzY0RTJCRDMzNzZFRUIxNDM1NUYwRkZFN0M3RTYyNEU3QTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDouSXQIRyibj9cf/wtD3ergS1o wrIzdmrWOxlvbbMok/DNtf0eaOSm4ita2KLs3S6DW1iqf1AVoTPOVgMvAKdRZo4x /xyRHpbWlbW60tuUysbXKCT0aJldusD2q7BMbklBp62FoagULRu1HypND3DXKBG3 vOgpgs+sSeYcZWfXHDxZ5iCbrRC8SM7q1FzwVwRvcmJni2krOZuYVYTU9daOPI/L yGsV4jE9x4I470YC36pCTHF+epNvSRembQMYWkYySpxeZA4s3SvLNm5TmSE6Qmqa 4lZIrplUNQh+yT2/W1pJiblFhHuHSqQ3IWHnB19qbhb/bHlO7tUy3sXsvbuTAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUgLijZOK9M3busUNV8P/nx+Yk56gwHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM3MzIyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoysMA0GCSqG SIb3DQEBCwUAA4IBAQAq2b1K+aqGxuyqsU4CRfiZP8OF2HRZ7SD4PKs/o265Rz0d ehFA1hPAHj7EvQC0UvdcV8cnSWJOuKWdw14DRfHXq60X+yfaL8ebrXScG4kn97pK p84xZpSmc/t8GAzklVWfE0pd0sesSy8Q6I41NcjERc1TM7bXRwFvlOoJDZqFzSVw Aq0+641bi/enavTuhoxYYGmdFK+JvRl5EO57TfaJmP6EOoXy+G4dnWGznSGiWQOj k71hvWapBV9WX4xtdOLOrPOcQ+fr88kxUjKI5lH2PruaUYQhwst+Db4UK358ZrwR XnxssllkUEHerKu7r0tg1Fq/cA2ztk5jusfs98v3 -----END CERTIFICATE-----Generated at Mon Jul 21 14:45:08 2025 by rpki-client