$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3138302e302f32342d3234203d3e203633383539.roa File: 3135382e3134302e3138302e302f32342d3234203d3e203633383539.roa (raw, json) Hash identifier: 6L1VPHwYhQ4ZsO+TdZ0YfdGkvUpmejL5Uu1qBxEmo8Y= Subject key identifier: 8D:A9:E8:65:A6:B7:B1:9D:E0:D6:4F:70:35:87:7C:43:00:38:4E:16 Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 3098D22B1DE6FBE6281A595504786CD72C173B7E Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3138302e302f32342d3234203d3e203633383539.roa Signing time: Sun 13 Jul 2025 10:00:02 +0000 ROA not before: Sun 13 Jul 2025 09:55:02 +0000 ROA not after: Sun 12 Jul 2026 10:00:02 +0000 asID: 63859 IP address blocks: 158.140.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 18:41:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:98:d2:2b:1d:e6:fb:e6:28:1a:59:55:04:78:6c:d7:2c:17:3b:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Jul 13 09:55:02 2025 GMT Not After : Jul 12 10:00:02 2026 GMT Subject: CN=8DA9E865A6B7B19DE0D64F7035877C4300384E16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:27:b2:1d:37:0a:96:e1:cf:62:2e:b5:7f:f5: 53:a9:d4:2e:6b:a1:82:0e:3b:65:cb:ec:e5:b9:f0: 67:08:9c:dc:5c:5a:1e:72:a0:b9:57:be:f6:27:0e: fc:85:19:fd:01:ea:93:39:6b:ed:54:50:d5:f1:eb: bf:4a:16:18:88:69:94:86:54:49:71:a3:ae:dd:0b: 32:3b:6d:d0:2e:a5:a3:d6:ed:90:7a:0b:4c:c0:c5: 89:45:e8:d8:fa:dd:b5:6d:35:24:c2:59:d4:59:ba: 96:e9:29:ab:95:ca:72:7e:df:bb:b5:57:bc:1a:15: 45:e1:ec:dc:05:63:8b:bd:8c:43:4b:db:b1:8e:6e: a2:00:8c:cb:eb:1e:3e:6a:77:ef:61:d8:6f:0d:e1: e2:3d:4c:b1:a8:b3:db:06:d2:aa:55:1d:74:ab:ee: 15:14:3b:64:65:96:6b:ec:57:1e:eb:41:6d:70:47: 23:09:5c:e6:1a:8d:53:d3:5e:af:1b:36:b0:0d:5c: ff:c2:f7:1b:51:f5:80:a4:43:b1:79:bd:56:4e:a1: 65:a0:8c:3a:0b:c9:e1:98:13:cf:53:9b:71:e9:e5: 46:56:57:f3:00:90:26:d2:82:85:b7:81:c3:8e:65: a3:19:73:d3:d0:ca:8a:8f:fc:bb:d3:45:17:ef:1c: 92:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:A9:E8:65:A6:B7:B1:9D:E0:D6:4F:70:35:87:7C:43:00:38:4E:16 X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3138302e302f32342d3234203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.180.0/24 Signature Algorithm: sha256WithRSAEncryption 77:26:a7:f6:2c:33:ac:48:3c:7d:53:1c:e9:20:cd:54:b3:b5: b0:82:3f:1d:33:79:c6:23:4b:0d:01:fc:36:9d:0d:4a:66:0a: 98:b1:0b:0f:f5:25:b0:23:fe:ac:2c:e2:be:19:44:19:40:8e: d0:f0:2d:70:b8:3e:ac:eb:71:49:f7:8a:fe:76:79:8c:bc:d2: 85:9f:9a:5e:1b:69:fa:b8:d7:83:14:43:0f:d7:15:9b:cf:67: cc:fb:38:72:bd:13:b2:37:63:e1:4a:17:d6:11:a1:b9:52:17: be:c5:13:14:3f:c1:6e:f5:bb:13:be:38:a4:d6:73:96:64:fd: 86:8d:3c:71:80:7d:8a:d2:f3:20:21:16:fc:49:6d:14:cd:d9: 63:37:60:c9:47:d2:18:b9:f6:08:50:a5:bf:1f:76:40:ff:3f: 3a:90:6e:51:88:e9:17:3b:8d:87:01:de:12:3e:27:85:48:b4: 6e:b9:d4:24:d5:01:6a:e5:a9:a4:2b:78:34:5e:3b:64:c6:82: ec:65:db:bd:bc:0e:a8:ad:27:9c:dd:79:33:98:84:c6:0a:d7: bf:9d:1d:61:c2:5b:64:9b:25:e7:de:09:13:1f:50:bb:18:5a: ac:c2:a1:23:8c:e5:f2:16:9b:fc:df:69:ac:db:f2:a6:15:ad: ab:90:a3:0b -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUMJjSKx3m++YoGllVBHhs1ywXO34wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNTA3MTMwOTU1MDJaFw0yNjA3MTIxMDAwMDJaMDMxMTAvBgNV BAMTKDhEQTlFODY1QTZCN0IxOURFMEQ2NEY3MDM1ODc3QzQzMDAzODRFMTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfJ7IdNwqW4c9iLrV/9VOp1C5r oYIOO2XL7OW58GcInNxcWh5yoLlXvvYnDvyFGf0B6pM5a+1UUNXx679KFhiIaZSG VElxo67dCzI7bdAupaPW7ZB6C0zAxYlF6Nj63bVtNSTCWdRZupbpKauVynJ+37u1 V7waFUXh7NwFY4u9jENL27GObqIAjMvrHj5qd+9h2G8N4eI9TLGos9sG0qpVHXSr 7hUUO2RllmvsVx7rQW1wRyMJXOYajVPTXq8bNrANXP/C9xtR9YCkQ7F5vVZOoWWg jDoLyeGYE89Tm3Hp5UZWV/MAkCbSgoW3gcOOZaMZc9PQyoqP/LvTRRfvHJKnAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUjanoZaa3sZ3g1k9wNYd8QwA4ThYwHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM4MzAyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoy0MA0GCSqG SIb3DQEBCwUAA4IBAQB3Jqf2LDOsSDx9UxzpIM1Us7Wwgj8dM3nGI0sNAfw2nQ1K ZgqYsQsP9SWwI/6sLOK+GUQZQI7Q8C1wuD6s63FJ94r+dnmMvNKFn5peG2n6uNeD FEMP1xWbz2fM+zhyvROyN2PhShfWEaG5Uhe+xRMUP8Fu9bsTvjik1nOWZP2GjTxx gH2K0vMgIRb8SW0UzdljN2DJR9IYufYIUKW/H3ZA/z86kG5RiOkXO42HAd4SPieF SLRuudQk1QFq5amkK3g0XjtkxoLsZdu9vA6orSec3XkzmITGCte/nR1hwltkmyXn 3gkTH1C7GFqswqEjjOXyFpv832ms2/KmFa2rkKML -----END CERTIFICATE-----Generated at Sun Oct 26 22:57:43 2025 by rpki-client