$ rpki-client -vvf repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e3132392e3233312e302f32342d3234203d3e20313332363339.roa File: 3130332e3132392e3233312e302f32342d3234203d3e20313332363339.roa (raw, json) Hash identifier: jWc0sz86L+eDtr+nDMgQgH+2S7uRf5Y8Wu7u8v4zz0Q= Subject key identifier: 31:8A:32:A6:EB:B3:43:82:F6:3E:D5:26:EA:0D:16:02:AA:3E:7E:E7 Certificate issuer: /CN=523EE8D6F461B8FD4106F482C46C1029B1013145 Certificate serial: 5C67EA10B2C4689C63E730AF30C7BD92BB82989A Authority key identifier: 52:3E:E8:D6:F4:61:B8:FD:41:06:F4:82:C4:6C:10:29:B1:01:31:45 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e3132392e3233312e302f32342d3234203d3e20313332363339.roa Signing time: Wed 25 Jun 2025 14:01:17 +0000 ROA not before: Wed 25 Jun 2025 13:56:17 +0000 ROA not after: Wed 24 Jun 2026 14:01:17 +0000 asID: 132639 IP address blocks: 103.129.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.crl rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:67:ea:10:b2:c4:68:9c:63:e7:30:af:30:c7:bd:92:bb:82:98:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=523EE8D6F461B8FD4106F482C46C1029B1013145 Validity Not Before: Jun 25 13:56:17 2025 GMT Not After : Jun 24 14:01:17 2026 GMT Subject: CN=318A32A6EBB34382F63ED526EA0D1602AA3E7EE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:b0:55:5f:70:21:bb:30:a1:17:94:07:52:7a: cb:e5:b5:d9:7e:85:c5:73:2f:fe:02:23:c6:b2:e9: a4:5c:1d:87:00:c3:f9:cd:fb:41:24:02:a7:68:19: 30:8f:f1:f6:58:4a:de:1c:9a:f5:f2:61:4e:54:25: 2c:30:ab:ad:bd:61:97:a7:03:0d:97:c5:04:a0:1d: 23:16:eb:28:e3:5b:3b:b9:ff:0a:b5:8b:e7:3a:1b: 3f:77:4c:8f:62:51:af:2a:77:a6:22:6a:03:d3:10: 3a:dc:1e:eb:63:e0:21:03:c8:1f:2b:44:39:7d:63: fa:fe:a6:2e:14:dc:45:58:d4:a7:ac:25:8d:31:d6: 2d:fe:2d:6d:13:5a:27:49:a5:95:70:93:94:e6:26: 28:ed:de:7d:c5:48:67:51:f3:6b:59:26:14:12:75: c8:75:cd:da:58:97:2d:37:9d:d2:06:5c:3b:57:8e: 4a:4c:e6:ac:8e:61:e6:aa:82:05:89:c6:a5:a2:c4: d0:68:66:25:ee:88:c3:9a:fc:6e:51:5d:3f:ea:2d: 8c:67:84:de:b1:f0:2b:82:53:bb:8d:8a:b4:f2:c5: 35:94:fa:ca:5c:37:fa:5b:1e:50:c9:ae:7c:73:5a: c0:96:ca:c0:81:27:2d:03:6b:9a:2e:67:13:53:9d: 72:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:8A:32:A6:EB:B3:43:82:F6:3E:D5:26:EA:0D:16:02:AA:3E:7E:E7 X509v3 Authority Key Identifier: keyid:52:3E:E8:D6:F4:61:B8:FD:41:06:F4:82:C4:6C:10:29:B1:01:31:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/523EE8D6F461B8FD4106F482C46C1029B1013145.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/523EE8D6F461B8FD4106F482C46C1029B1013145.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6aa42742-89d2-49bb-8a3e-294c368971f5/0/3130332e3132392e3233312e302f32342d3234203d3e20313332363339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.231.0/24 Signature Algorithm: sha256WithRSAEncryption 04:ff:83:11:66:a8:58:f3:1c:01:6a:bd:74:f7:4e:02:63:8f: 11:e2:6c:ab:72:40:16:0d:f1:c0:91:66:6f:c6:a3:6a:9f:f2: 0d:41:9e:6b:de:6c:ba:70:e4:10:79:6c:24:7b:12:85:4b:a6: 2d:02:8f:34:77:04:0a:2c:46:f1:2a:79:ae:91:5e:46:18:5b: 90:99:b2:44:69:18:b6:5b:e6:e3:b6:8f:c8:94:01:a9:08:e6: d7:36:0b:21:ea:45:5c:08:5a:5f:c8:4e:17:86:61:0f:64:b1: e8:30:df:22:e0:1f:dd:7d:16:13:67:00:ef:1e:4d:16:a9:cc: e6:04:30:5b:ce:67:96:03:06:ad:f5:6c:9f:78:57:4e:62:78: 68:de:18:d7:68:6e:ac:69:0c:dc:75:88:2f:6a:09:6e:71:5c: 8d:e6:e8:28:84:51:6e:37:90:39:85:1b:15:bb:21:65:48:0e: c0:45:3c:83:a9:4f:81:0b:e4:08:42:29:a3:a6:1f:8f:26:61: cd:a1:65:01:b4:69:7e:67:ef:c1:6e:88:4a:8c:fe:be:9d:6e: 65:ba:57:03:94:d8:d8:d1:09:98:b8:c9:38:84:9c:7a:f7:ca: aa:43:4e:c6:c0:6d:fd:da:d7:cd:f7:9d:ee:a8:98:6a:84:8a: 56:ea:8d:3e -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUXGfqELLEaJxj5zCvMMe9kruCmJowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTIzRUU4RDZGNDYxQjhGRDQxMDZGNDgyQzQ2QzEwMjlC MTAxMzE0NTAeFw0yNTA2MjUxMzU2MTdaFw0yNjA2MjQxNDAxMTdaMDMxMTAvBgNV BAMTKDMxOEEzMkE2RUJCMzQzODJGNjNFRDUyNkVBMEQxNjAyQUEzRTdFRTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPsFVfcCG7MKEXlAdSesvltdl+ hcVzL/4CI8ay6aRcHYcAw/nN+0EkAqdoGTCP8fZYSt4cmvXyYU5UJSwwq629YZen Aw2XxQSgHSMW6yjjWzu5/wq1i+c6Gz93TI9iUa8qd6YiagPTEDrcHutj4CEDyB8r RDl9Y/r+pi4U3EVY1KesJY0x1i3+LW0TWidJpZVwk5TmJijt3n3FSGdR82tZJhQS dch1zdpYly03ndIGXDtXjkpM5qyOYeaqggWJxqWixNBoZiXuiMOa/G5RXT/qLYxn hN6x8CuCU7uNirTyxTWU+spcN/pbHlDJrnxzWsCWysCBJy0Da5ouZxNTnXKdAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUMYoypuuzQ4L2PtUm6g0WAqo+fucwHwYDVR0j BBgwFoAUUj7o1vRhuP1BBvSCxGwQKbEBMUUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 YWE0Mjc0Mi04OWQyLTQ5YmItOGEzZS0yOTRjMzY4OTcxZjUvMC81MjNFRThENkY0 NjFCOEZENDEwNkY0ODJDNDZDMTAyOUIxMDEzMTQ1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNTIzRUU4RDZGNDYxQjhGRDQxMDZGNDgyQzQ2QzEwMjlCMTAx MzE0NS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZhYTQyNzQyLTg5ZDItNDliYi04 YTNlLTI5NGMzNjg5NzFmNS8wLzMxMzAzMzJlMzEzMjM5MmUzMjMzMzEyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzIzNjMzMzkucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngecwDQYJ KoZIhvcNAQELBQADggEBAAT/gxFmqFjzHAFqvXT3TgJjjxHibKtyQBYN8cCRZm/G o2qf8g1BnmvebLpw5BB5bCR7EoVLpi0CjzR3BAosRvEqea6RXkYYW5CZskRpGLZb 5uO2j8iUAakI5tc2CyHqRVwIWl/ITheGYQ9ksegw3yLgH919FhNnAO8eTRapzOYE MFvOZ5YDBq31bJ94V05ieGjeGNdobqxpDNx1iC9qCW5xXI3m6CiEUW43kDmFGxW7 IWVIDsBFPIOpT4EL5AhCKaOmH48mYc2hZQG0aX5n78FuiEqM/r6dbmW6VwOU2NjR CZi4yTiEnHr3yqpDTsbAbf3a1833ne6omGqEilbqjT4= -----END CERTIFICATE-----Generated at Wed Jul 23 23:45:33 2025 by rpki-client