$ rpki-client -vvf repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3130332e39362e3134352e302f32342d3234203d3e20313338313238.roa File: 3130332e39362e3134352e302f32342d3234203d3e20313338313238.roa (raw, json) Hash identifier: V1qL9KpXi+aM0YLlOgcpxWGtKpt9u3OXh+uh8SzOfxo= Subject key identifier: 8F:9F:C1:80:81:63:02:D3:D5:FF:FD:D4:54:04:E3:4E:63:EA:F1:D3 Certificate issuer: /CN=3FFB3838E6BD431731306308CFEC299A86723365 Certificate serial: 36A71A920D0B8103E050D1282A1DD7617C65CF2C Authority key identifier: 3F:FB:38:38:E6:BD:43:17:31:30:63:08:CF:EC:29:9A:86:72:33:65 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3FFB3838E6BD431731306308CFEC299A86723365.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3130332e39362e3134352e302f32342d3234203d3e20313338313238.roa Signing time: Thu 06 Nov 2025 08:00:01 +0000 ROA not before: Thu 06 Nov 2025 07:55:01 +0000 ROA not after: Thu 05 Nov 2026 08:00:01 +0000 asID: 138128 IP address blocks: 103.96.145.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3FFB3838E6BD431731306308CFEC299A86723365.crl rsync://repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3FFB3838E6BD431731306308CFEC299A86723365.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3FFB3838E6BD431731306308CFEC299A86723365.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 18 Nov 2025 20:05:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:a7:1a:92:0d:0b:81:03:e0:50:d1:28:2a:1d:d7:61:7c:65:cf:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3FFB3838E6BD431731306308CFEC299A86723365 Validity Not Before: Nov 6 07:55:01 2025 GMT Not After : Nov 5 08:00:01 2026 GMT Subject: CN=8F9FC180816302D3D5FFFDD45404E34E63EAF1D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e9:1e:3c:4d:eb:e2:d8:d5:df:f0:39:68:3b: 2a:34:25:f2:d2:21:ec:28:7a:52:1c:bf:44:48:e7: 1b:9d:32:79:41:b8:66:60:8c:d8:a5:07:d8:0d:c6: ba:80:08:30:8b:9e:3c:c9:d2:63:cf:c3:8b:45:94: 45:c2:74:29:93:b4:d1:68:ac:3d:bd:59:1f:11:c8: 36:af:d0:14:a4:aa:29:69:10:d0:74:67:89:87:a6: 01:02:13:5a:05:85:e8:60:7b:5d:cd:45:78:39:7f: 6e:c9:07:05:93:38:e8:01:f9:eb:ac:b0:1f:a9:d0: 0c:75:24:e2:88:02:d9:4e:48:55:20:1c:a3:82:c3: 0c:e8:65:d1:39:cc:f6:5a:69:71:07:de:9c:e6:07: 70:09:d8:05:5f:96:db:51:d3:26:1e:c2:05:26:69: 3b:71:b2:b3:90:08:d1:11:f5:d5:1c:da:b9:60:e6: bb:b1:d1:36:d1:9a:1c:70:03:f2:c9:3b:27:20:eb: 86:bf:57:3e:34:bb:a7:69:47:53:d0:97:9e:fa:20: 14:69:f0:c2:a2:f4:29:27:18:07:20:6c:d2:ea:8a: 5b:9c:5e:40:a1:cd:47:72:61:70:20:08:00:c2:36: 94:89:20:99:a2:49:16:09:1d:39:d4:99:1d:75:b3: 8d:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:9F:C1:80:81:63:02:D3:D5:FF:FD:D4:54:04:E3:4E:63:EA:F1:D3 X509v3 Authority Key Identifier: keyid:3F:FB:38:38:E6:BD:43:17:31:30:63:08:CF:EC:29:9A:86:72:33:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3FFB3838E6BD431731306308CFEC299A86723365.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3FFB3838E6BD431731306308CFEC299A86723365.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8261c37-59a5-4369-91e5-4b1366010c6d/0/3130332e39362e3134352e302f32342d3234203d3e20313338313238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.96.145.0/24 Signature Algorithm: sha256WithRSAEncryption c5:da:d5:c5:ff:96:f6:15:4e:51:22:43:25:09:d5:25:54:7d: 8e:57:77:2c:fe:73:96:05:61:00:64:7b:44:1f:38:f0:3c:47: 3c:e2:ad:84:4b:23:2e:df:ba:9b:f6:1d:41:6e:30:a7:2e:38: 3a:cc:43:0f:34:45:c0:5c:55:4e:b3:bd:84:5d:30:ba:f3:f5: 33:92:34:d6:29:9b:49:82:dc:90:76:1f:d5:b7:cd:e4:72:4c: 93:56:a8:9b:3c:35:84:15:2d:3a:ce:b2:67:82:c2:74:83:99: 95:63:62:3b:d8:6b:2a:40:f1:38:00:ef:03:05:2c:33:cb:ce: e6:39:0c:96:4f:bc:05:ed:c5:8b:9a:4a:fd:c2:07:cd:d4:53: cc:a4:12:d5:25:91:2c:95:93:8d:ea:95:79:aa:f0:31:69:88: 9e:ce:c3:76:3d:7d:3a:f3:f0:d7:ec:e3:11:a7:56:ab:d0:cf: 92:6a:3e:df:f2:07:fb:0a:a7:94:11:d4:60:c0:fe:c3:b6:fc: 64:6a:f6:75:e5:91:be:9c:f4:75:ca:cc:9a:ce:37:14:be:e1: 86:d5:22:c6:04:5b:f8:77:35:e2:ea:4a:92:72:4a:ab:4b:11: 1c:a0:e3:87:d2:72:f6:02:ff:b9:44:8a:f4:55:38:0f:67:21: 34:27:52:f2 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUNqcakg0LgQPgUNEoKh3XYXxlzywwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0ZGQjM4MzhFNkJENDMxNzMxMzA2MzA4Q0ZFQzI5OUE4 NjcyMzM2NTAeFw0yNTExMDYwNzU1MDFaFw0yNjExMDUwODAwMDFaMDMxMTAvBgNV BAMTKDhGOUZDMTgwODE2MzAyRDNENUZGRkRENDU0MDRFMzRFNjNFQUYxRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/6R48Tevi2NXf8DloOyo0JfLS IewoelIcv0RI5xudMnlBuGZgjNilB9gNxrqACDCLnjzJ0mPPw4tFlEXCdCmTtNFo rD29WR8RyDav0BSkqilpENB0Z4mHpgECE1oFhehge13NRXg5f27JBwWTOOgB+eus sB+p0Ax1JOKIAtlOSFUgHKOCwwzoZdE5zPZaaXEH3pzmB3AJ2AVflttR0yYewgUm aTtxsrOQCNER9dUc2rlg5rux0TbRmhxwA/LJOycg64a/Vz40u6dpR1PQl576IBRp 8MKi9CknGAcgbNLqilucXkChzUdyYXAgCADCNpSJIJmiSRYJHTnUmR11s42XAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUj5/BgIFjAtPV//3UVATjTmPq8dMwHwYDVR0j BBgwFoAUP/s4OOa9QxcxMGMIz+wpmoZyM2UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h ODI2MWMzNy01OWE1LTQzNjktOTFlNS00YjEzNjYwMTBjNmQvMC8zRkZCMzgzOEU2 QkQ0MzE3MzEzMDYzMDhDRkVDMjk5QTg2NzIzMzY1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0ZGQjM4MzhFNkJENDMxNzMxMzA2MzA4Q0ZFQzI5OUE4Njcy MzM2NS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4MjYxYzM3LTU5YTUtNDM2OS05 MWU1LTRiMTM2NjAxMGM2ZC8wLzMxMzAzMzJlMzkzNjJlMzEzNDM1MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzEzMjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ2CRMA0GCSqG SIb3DQEBCwUAA4IBAQDF2tXF/5b2FU5RIkMlCdUlVH2OV3cs/nOWBWEAZHtEHzjw PEc84q2ESyMu37qb9h1BbjCnLjg6zEMPNEXAXFVOs72EXTC68/UzkjTWKZtJgtyQ dh/Vt83kckyTVqibPDWEFS06zrJngsJ0g5mVY2I72GsqQPE4AO8DBSwzy87mOQyW T7wF7cWLmkr9wgfN1FPMpBLVJZEslZON6pV5qvAxaYiezsN2PX068/DX7OMRp1ar 0M+Saj7f8gf7CqeUEdRgwP7DtvxkavZ15ZG+nPR1ysyazjcUvuGG1SLGBFv4dzXi 6kqSckqrSxEcoOOH0nL2Av+5RIr0VTgPZyE0J1Ly -----END CERTIFICATE-----Generated at Mon Nov 17 10:16:38 2025 by rpki-client