$ rpki-client -vvf repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3130332e3233362e3138382e302f32322d3234203d3e203633383738.roa File: 3130332e3233362e3138382e302f32322d3234203d3e203633383738.roa (raw, json) Hash identifier: IK+u+i97z9eMvyQxyRqv23SPg6t3j5oWeOL0K/ItAE0= Subject key identifier: F5:23:41:2A:AB:F8:3C:1B:C9:0F:BB:CA:DE:45:CB:21:EB:95:32:40 Certificate issuer: /CN=3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2 Certificate serial: 0A47D94DB77FCB4DC2591A7726185C6194C6BD97 Authority key identifier: 3A:0E:A2:A2:1C:E4:23:A2:4D:4D:08:AD:C1:08:69:F1:2C:9A:D4:A2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3130332e3233362e3138382e302f32322d3234203d3e203633383738.roa Signing time: Fri 04 Jul 2025 11:02:20 +0000 ROA not before: Fri 04 Jul 2025 10:57:20 +0000 ROA not after: Fri 03 Jul 2026 11:02:20 +0000 asID: 63878 IP address blocks: 103.236.188.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.crl rsync://repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 14:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:47:d9:4d:b7:7f:cb:4d:c2:59:1a:77:26:18:5c:61:94:c6:bd:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2 Validity Not Before: Jul 4 10:57:20 2025 GMT Not After : Jul 3 11:02:20 2026 GMT Subject: CN=F523412AABF83C1BC90FBBCADE45CB21EB953240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:52:67:6d:d6:21:64:ae:09:d0:dd:ff:3a:a6: 45:fd:4e:4b:03:c9:89:37:05:e1:94:79:a5:fa:cf: f1:60:17:30:86:47:91:21:6d:5c:bf:1c:f0:25:b7: ce:53:8f:5c:ed:38:7a:cf:a5:49:45:43:06:12:d3: e6:c9:1e:50:e7:bd:e3:58:f6:03:1e:29:98:7e:f4: d3:05:9e:e2:d4:2c:3b:29:81:ee:30:fd:31:88:9e: 96:08:b2:85:0b:55:5b:18:38:6b:1a:63:26:26:8f: 9f:ab:5e:10:44:d7:be:68:f1:b3:cc:bb:c1:33:26: 88:38:76:9a:65:aa:95:7b:88:54:7e:d9:a3:c2:2d: 97:55:09:56:f3:bc:46:8a:64:9f:fa:f6:65:33:cb: 80:91:2d:a9:cd:36:ac:08:e8:1f:95:b2:63:49:eb: 96:78:b2:c1:6b:df:01:49:77:dd:f1:a3:25:44:9e: 11:37:18:ad:18:89:bd:3c:f8:8c:01:e5:9a:51:91: 27:f7:80:30:18:df:7b:c5:f0:58:8d:64:f6:d2:82: eb:2f:01:38:50:25:51:29:73:b6:ea:93:d7:48:5f: ed:ee:a9:2a:14:cf:c9:c0:bb:d6:c1:3c:87:51:c4: 99:82:81:89:ac:47:53:02:b2:eb:04:f2:4d:21:0a: 5f:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:23:41:2A:AB:F8:3C:1B:C9:0F:BB:CA:DE:45:CB:21:EB:95:32:40 X509v3 Authority Key Identifier: keyid:3A:0E:A2:A2:1C:E4:23:A2:4D:4D:08:AD:C1:08:69:F1:2C:9A:D4:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3A0EA2A21CE423A24D4D08ADC10869F12C9AD4A2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4261fabb-d46f-4f8c-8100-714c20e7b3ca/0/3130332e3233362e3138382e302f32322d3234203d3e203633383738.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.236.188.0/22 Signature Algorithm: sha256WithRSAEncryption 14:0e:79:ce:71:58:2e:26:5b:5d:c7:ca:04:25:84:ff:09:b1: 26:84:2f:79:29:73:b7:14:42:05:c6:04:dc:a5:8f:11:d3:83: d1:7d:de:92:95:d6:8a:8b:7a:31:8c:eb:03:49:27:20:c1:55: 6e:be:01:7d:fd:0f:4d:0e:75:0b:14:b6:78:94:dd:ce:83:4a: 9e:32:93:28:14:ef:0e:8d:89:39:14:60:af:c9:23:b5:ac:d7: b7:0a:e5:f5:9f:1c:88:a2:74:c7:ab:88:34:4b:b9:cb:15:56: ae:2d:d0:6a:ad:39:b8:3e:82:1c:fe:7b:31:f1:de:58:bf:74: ce:1e:b2:9b:27:c1:ee:55:50:19:6d:ef:1c:ce:42:b2:8f:56: 5e:f4:1d:9f:90:56:86:ae:88:f1:e6:c2:b8:eb:b3:81:43:7b: 2f:a5:4c:33:d5:dd:07:bb:68:6a:65:ad:f1:59:b7:91:b9:74: 5a:0f:b5:01:4b:58:ef:f5:ee:1b:21:c1:e9:1b:84:a6:5b:29: 4b:76:cd:99:9d:8d:64:e4:a9:1b:fd:da:cc:46:c9:c1:b6:e2: 6a:3b:46:58:31:63:1e:af:6c:74:63:19:b6:5f:df:45:37:ec: a9:38:95:2c:67:0d:48:ae:84:90:fc:77:9c:7c:0f:de:51:a9: b0:3d:b9:2f -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUCkfZTbd/y03CWRp3JhhcYZTGvZcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0EwRUEyQTIxQ0U0MjNBMjRENEQwOEFEQzEwODY5RjEy QzlBRDRBMjAeFw0yNTA3MDQxMDU3MjBaFw0yNjA3MDMxMTAyMjBaMDMxMTAvBgNV BAMTKEY1MjM0MTJBQUJGODNDMUJDOTBGQkJDQURFNDVDQjIxRUI5NTMyNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIUmdt1iFkrgnQ3f86pkX9TksD yYk3BeGUeaX6z/FgFzCGR5EhbVy/HPAlt85Tj1ztOHrPpUlFQwYS0+bJHlDnveNY 9gMeKZh+9NMFnuLULDspge4w/TGInpYIsoULVVsYOGsaYyYmj5+rXhBE175o8bPM u8EzJog4dpplqpV7iFR+2aPCLZdVCVbzvEaKZJ/69mUzy4CRLanNNqwI6B+VsmNJ 65Z4ssFr3wFJd93xoyVEnhE3GK0Yib08+IwB5ZpRkSf3gDAY33vF8FiNZPbSgusv AThQJVEpc7bqk9dIX+3uqSoUz8nAu9bBPIdRxJmCgYmsR1MCsusE8k0hCl8jAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU9SNBKqv4PBvJD7vK3kXLIeuVMkAwHwYDVR0j BBgwFoAUOg6iohzkI6JNTQitwQhp8Sya1KIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 MjYxZmFiYi1kNDZmLTRmOGMtODEwMC03MTRjMjBlN2IzY2EvMC8zQTBFQTJBMjFD RTQyM0EyNEQ0RDA4QURDMTA4NjlGMTJDOUFENEEyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0EwRUEyQTIxQ0U0MjNBMjRENEQwOEFEQzEwODY5RjEyQzlB RDRBMi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQyNjFmYWJiLWQ0NmYtNGY4Yy04 MTAwLTcxNGMyMGU3YjNjYS8wLzMxMzAzMzJlMzIzMzM2MmUzMTM4MzgyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzNjMzMzgzNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+y8MA0GCSqG SIb3DQEBCwUAA4IBAQAUDnnOcVguJltdx8oEJYT/CbEmhC95KXO3FEIFxgTcpY8R 04PRfd6SldaKi3oxjOsDSScgwVVuvgF9/Q9NDnULFLZ4lN3Og0qeMpMoFO8OjYk5 FGCvySO1rNe3CuX1nxyIonTHq4g0S7nLFVauLdBqrTm4PoIc/nsx8d5Yv3TOHrKb J8HuVVAZbe8czkKyj1Ze9B2fkFaGrojx5sK467OBQ3svpUwz1d0Hu2hqZa3xWbeR uXRaD7UBS1jv9e4bIcHpG4SmWylLds2ZnY1k5Kkb/drMRsnBtuJqO0ZYMWMer2x0 Yxm2X99FN+ypOJUsZw1IroSQ/HecfA/eUamwPbkv -----END CERTIFICATE-----Generated at Mon Jul 21 14:34:03 2025 by rpki-client