$ rpki-client -vvf repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/3131382e39312e3132382e302f32312d3234203d3e203234313935.roa File: 3131382e39312e3132382e302f32312d3234203d3e203234313935.roa (raw, json) Hash identifier: yiPIGsDISayK97qWqm2UWsTxEHdxKETOsL8gSiwFMjA= Subject key identifier: 88:84:C5:6D:DD:84:3A:B3:B0:C4:D1:C0:93:11:CF:6C:D5:80:08:E6 Certificate issuer: /CN=1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946 Certificate serial: 3564D9CC5500FC37F3E5BA7059CF38C951789DD2 Authority key identifier: 1F:CD:47:FB:4B:D7:29:E2:2E:4F:EE:FC:E5:B6:1B:4E:1C:7F:E9:46 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/3131382e39312e3132382e302f32312d3234203d3e203234313935.roa Signing time: Sat 12 Jul 2025 09:00:00 +0000 ROA not before: Sat 12 Jul 2025 08:55:00 +0000 ROA not after: Sat 11 Jul 2026 09:00:00 +0000 asID: 24195 IP address blocks: 118.91.128.0/21 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.crl rsync://repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 08:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:64:d9:cc:55:00:fc:37:f3:e5:ba:70:59:cf:38:c9:51:78:9d:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946 Validity Not Before: Jul 12 08:55:00 2025 GMT Not After : Jul 11 09:00:00 2026 GMT Subject: CN=8884C56DDD843AB3B0C4D1C09311CF6CD58008E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:71:f0:f7:4d:7a:52:1b:6e:5e:5c:bb:53:bb: 8e:32:e2:53:3f:55:71:88:d4:5d:66:51:26:dd:78: 08:23:87:c9:a2:89:a8:30:c5:66:f3:36:11:25:99: 49:1a:b0:35:14:ad:3e:98:de:ae:66:07:f0:fc:18: dd:d2:c0:11:9d:aa:0a:e6:48:da:3a:f2:44:9a:5f: 47:ea:39:c7:ae:81:5f:fb:7f:8c:ae:af:fd:39:56: 7b:87:e6:d8:3a:38:fc:5a:ab:31:e7:fc:8e:af:22: 89:4f:42:6e:d8:d7:e0:94:4c:07:42:0a:c6:cc:6b: 0b:ce:91:e0:95:43:32:5e:ee:8b:ce:ed:17:f3:51: 65:70:65:29:dd:b0:6a:66:39:3c:5c:16:8d:c4:dc: f2:e1:f7:64:39:d8:fc:9d:c8:70:ae:3b:a7:ec:39: ac:2a:01:27:43:dd:6d:a9:10:ca:7b:6e:17:fb:00: 5f:68:70:5a:af:12:15:09:ae:b5:8b:b6:1c:fe:fa: c1:cf:c9:7f:78:40:bf:8e:a1:b0:c5:a3:e7:55:d8: 74:e2:2a:d3:b1:20:d5:53:ab:64:d6:fe:6c:4e:cc: 85:ed:bf:9d:57:0c:f5:0e:61:51:3e:0b:8c:04:be: bd:0c:24:ac:c5:d0:fc:c8:9a:80:6c:59:62:72:44: b8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:84:C5:6D:DD:84:3A:B3:B0:C4:D1:C0:93:11:CF:6C:D5:80:08:E6 X509v3 Authority Key Identifier: keyid:1F:CD:47:FB:4B:D7:29:E2:2E:4F:EE:FC:E5:B6:1B:4E:1C:7F:E9:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1FCD47FB4BD729E22E4FEEFCE5B61B4E1C7FE946.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8792a4cd-dbac-43ac-8060-2e8d42eae655/0/3131382e39312e3132382e302f32312d3234203d3e203234313935.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 118.91.128.0/21 Signature Algorithm: sha256WithRSAEncryption 50:01:6c:e8:f0:91:96:67:d6:e1:4b:c4:e9:f6:14:dd:ce:90: 2b:73:5d:f4:66:11:55:b5:fd:80:a7:ae:bf:92:6b:e0:b8:d4: 95:8f:7b:55:ec:12:4d:96:1a:7f:5c:53:e4:6c:cd:29:82:d5: 34:aa:15:ce:0f:7a:3c:84:4b:73:d2:73:79:22:7d:cd:fb:e1: 90:2b:d9:4a:6e:07:9c:b8:67:4b:06:f4:83:b0:03:e5:6a:64: bf:13:ef:19:be:73:83:b6:67:85:c1:ab:5a:8a:f7:52:95:c0: 52:5e:35:5f:a6:e8:2a:4b:02:b9:3f:4f:cc:e2:47:eb:e3:6a: 79:9b:d1:2c:ae:33:b0:a8:bb:43:2f:8f:70:bb:b9:9a:f6:9b: 1d:8c:b5:11:2e:6a:8d:08:bd:15:12:6b:06:79:f4:77:76:0d: 44:73:22:ed:51:29:ed:8b:aa:a8:55:ba:55:74:38:37:8f:a5: 43:d6:b9:b4:da:42:f3:de:e9:6f:74:e6:8a:53:7c:84:73:00: 5c:56:7d:69:26:72:ca:4d:d8:92:c9:86:cf:61:06:48:5f:1e: b3:b9:92:ae:06:61:0a:b8:4d:6a:3c:f5:45:ff:65:96:b0:86: 9c:f7:9a:a8:a6:64:98:dc:61:1b:57:ac:cd:a4:4c:2b:ef:b6: d1:81:3b:b0 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUNWTZzFUA/Dfz5bpwWc84yVF4ndIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZDRDQ3RkI0QkQ3MjlFMjJFNEZFRUZDRTVCNjFCNEUx QzdGRTk0NjAeFw0yNTA3MTIwODU1MDBaFw0yNjA3MTEwOTAwMDBaMDMxMTAvBgNV BAMTKDg4ODRDNTZEREQ4NDNBQjNCMEM0RDFDMDkzMTFDRjZDRDU4MDA4RTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYcfD3TXpSG25eXLtTu44y4lM/ VXGI1F1mUSbdeAgjh8miiagwxWbzNhElmUkasDUUrT6Y3q5mB/D8GN3SwBGdqgrm SNo68kSaX0fqOceugV/7f4yur/05VnuH5tg6OPxaqzHn/I6vIolPQm7Y1+CUTAdC CsbMawvOkeCVQzJe7ovO7RfzUWVwZSndsGpmOTxcFo3E3PLh92Q52PydyHCuO6fs OawqASdD3W2pEMp7bhf7AF9ocFqvEhUJrrWLthz++sHPyX94QL+OobDFo+dV2HTi KtOxINVTq2TW/mxOzIXtv51XDPUOYVE+C4wEvr0MJKzF0PzImoBsWWJyRLjtAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUiITFbd2EOrOwxNHAkxHPbNWACOYwHwYDVR0j BBgwFoAUH81H+0vXKeIuT+785bYbThx/6UYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 NzkyYTRjZC1kYmFjLTQzYWMtODA2MC0yZThkNDJlYWU2NTUvMC8xRkNENDdGQjRC RDcyOUUyMkU0RkVFRkNFNUI2MUI0RTFDN0ZFOTQ2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMUZDRDQ3RkI0QkQ3MjlFMjJFNEZFRUZDRTVCNjFCNEUxQzdG RTk0Ni5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg3OTJhNGNkLWRiYWMtNDNhYy04 MDYwLTJlOGQ0MmVhZTY1NS8wLzMxMzEzODJlMzkzMTJlMzEzMjM4MmUzMDJmMzIz MTJkMzIzNDIwM2QzZTIwMzIzNDMxMzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3ZbgDANBgkqhkiG 9w0BAQsFAAOCAQEAUAFs6PCRlmfW4UvE6fYU3c6QK3Nd9GYRVbX9gKeuv5Jr4LjU lY97VewSTZYaf1xT5GzNKYLVNKoVzg96PIRLc9JzeSJ9zfvhkCvZSm4HnLhnSwb0 g7AD5WpkvxPvGb5zg7ZnhcGrWor3UpXAUl41X6boKksCuT9PzOJH6+NqeZvRLK4z sKi7Qy+PcLu5mvabHYy1ES5qjQi9FRJrBnn0d3YNRHMi7VEp7YuqqFW6VXQ4N4+l Q9a5tNpC897pb3TmilN8hHMAXFZ9aSZyyk3YksmGz2EGSF8es7mSrgZhCrhNajz1 Rf9llrCGnPeaqKZkmNxhG1eszaRMK++20YE7sA== -----END CERTIFICATE-----Generated at Thu Jul 24 12:03:05 2025 by rpki-client