$ rpki-client -vvf repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/3130332e3232382e3234342e302f32322d3234203d3e203539323832.roa File: 3130332e3232382e3234342e302f32322d3234203d3e203539323832.roa (raw, json) Hash identifier: kkZ5080z9oUs+jW8iHX1Tzr1MG5R0/keiimPL4Y7DMk= Subject key identifier: 6D:63:C7:5F:59:1C:E8:0A:84:0F:4C:A7:F8:C0:3F:10:E1:F9:7F:23 Certificate issuer: /CN=639473CD2054A78B39F9AC7A83232462F00E71AA Certificate serial: 1A137AA44B218E295067578571BD231A7F0E7358 Authority key identifier: 63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/3130332e3232382e3234342e302f32322d3234203d3e203539323832.roa Signing time: Sun 13 Jul 2025 11:46:15 +0000 ROA not before: Sun 13 Jul 2025 11:41:15 +0000 ROA not after: Sun 12 Jul 2026 11:46:15 +0000 asID: 59282 IP address blocks: 103.228.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 22:28:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:13:7a:a4:4b:21:8e:29:50:67:57:85:71:bd:23:1a:7f:0e:73:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=639473CD2054A78B39F9AC7A83232462F00E71AA Validity Not Before: Jul 13 11:41:15 2025 GMT Not After : Jul 12 11:46:15 2026 GMT Subject: CN=6D63C75F591CE80A840F4CA7F8C03F10E1F97F23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:d5:09:8b:9e:bd:39:81:f1:de:ec:a1:2f:b0: e8:3b:49:da:4f:37:ef:16:9e:b3:41:e8:6e:76:c1: 3f:3b:b0:43:f5:ad:c7:62:bf:1d:f0:30:53:03:b9: d5:85:d2:d9:ed:7f:18:90:4c:ea:17:1d:95:46:69: a4:52:d9:4f:08:ea:48:a5:81:2c:6e:4e:7e:de:a1: a5:3f:42:e1:4b:90:7b:15:3b:3c:1a:c8:2f:f9:4a: 7c:6a:98:a6:28:70:d1:86:28:d4:80:8e:83:7f:fd: bc:dd:0b:59:21:29:2d:85:ba:ca:f0:54:bd:9f:25: 6c:22:d9:f9:6d:cc:ca:54:1d:4e:fc:e9:81:1e:95: a8:76:ae:1b:85:90:89:97:8c:61:26:d2:58:df:f5: 1f:5c:94:b2:77:c3:47:58:a0:ea:9c:c3:82:98:05: 30:f6:f8:80:74:f3:40:f2:2e:b9:d4:09:99:91:7b: 80:5d:94:1f:e2:0c:08:8d:7b:26:fb:e1:ab:4a:9b: 66:95:23:c5:4d:20:52:51:00:a0:2a:ab:56:38:7b: bc:ce:41:a2:06:4a:98:82:26:d9:87:83:6c:3e:5f: 1d:4b:cc:c4:22:74:61:cc:ed:4d:3c:e3:74:aa:d7: 01:0a:dc:6b:1f:c1:b1:92:a2:3e:9d:bb:be:aa:fa: 76:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:63:C7:5F:59:1C:E8:0A:84:0F:4C:A7:F8:C0:3F:10:E1:F9:7F:23 X509v3 Authority Key Identifier: keyid:63:94:73:CD:20:54:A7:8B:39:F9:AC:7A:83:23:24:62:F0:0E:71:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/639473CD2054A78B39F9AC7A83232462F00E71AA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/639473CD2054A78B39F9AC7A83232462F00E71AA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a8464a5b-2fce-47da-8047-68d2bd63c9c3/0/3130332e3232382e3234342e302f32322d3234203d3e203539323832.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.228.244.0/22 Signature Algorithm: sha256WithRSAEncryption 91:54:10:93:b5:97:76:13:aa:f5:23:9d:01:90:2a:98:a9:2b: a1:0a:79:b2:1b:ef:d1:7f:b7:12:bb:53:5f:c6:4d:d2:c7:61: 5a:25:97:c0:13:6e:dd:2b:b8:1d:a8:44:11:5e:18:b3:d8:73: 6c:e4:a7:5e:67:8b:88:24:ee:07:97:cf:5f:d0:24:b9:7a:9d: 0c:9e:d3:8a:2c:50:ff:c9:e7:3d:17:3c:81:a2:ae:72:c4:73: 80:9b:30:20:91:2a:df:84:1e:84:af:aa:f5:21:73:24:21:64: f9:fa:00:7c:83:5f:89:e8:d5:ed:3e:bb:cb:de:bd:59:f5:7d: 23:28:eb:8a:6e:28:1e:78:72:56:91:7b:70:be:e9:95:ea:6a: 66:0f:3c:de:6b:03:44:56:e4:79:3e:6d:07:dd:99:5d:1a:63: 59:11:a3:b1:0d:e3:10:b8:a6:70:fd:94:ae:2f:95:0f:be:71: 32:d4:fb:4d:53:39:40:dd:09:06:03:70:9a:29:e2:b3:b6:cb: b9:dd:44:f0:d7:b5:18:ba:a7:bb:6f:c0:5c:fd:77:53:d1:3b: aa:c6:0e:0d:fd:01:af:13:0c:2b:f6:45:e5:a7:14:95:08:1a: a2:4b:7f:5c:70:88:2d:de:20:0e:8e:f8:e6:0f:2a:38:72:5d: 1f:83:d7:ba -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUGhN6pEshjilQZ1eFcb0jGn8Oc1gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJG MDBFNzFBQTAeFw0yNTA3MTMxMTQxMTVaFw0yNjA3MTIxMTQ2MTVaMDMxMTAvBgNV BAMTKDZENjNDNzVGNTkxQ0U4MEE4NDBGNENBN0Y4QzAzRjEwRTFGOTdGMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk1QmLnr05gfHe7KEvsOg7SdpP N+8WnrNB6G52wT87sEP1rcdivx3wMFMDudWF0tntfxiQTOoXHZVGaaRS2U8I6kil gSxuTn7eoaU/QuFLkHsVOzwayC/5SnxqmKYocNGGKNSAjoN//bzdC1khKS2Fusrw VL2fJWwi2fltzMpUHU786YEelah2rhuFkImXjGEm0ljf9R9clLJ3w0dYoOqcw4KY BTD2+IB080DyLrnUCZmRe4BdlB/iDAiNeyb74atKm2aVI8VNIFJRAKAqq1Y4e7zO QaIGSpiCJtmHg2w+Xx1LzMQidGHM7U0843Sq1wEK3GsfwbGSoj6du76q+naNAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUbWPHX1kc6AqED0yn+MA/EOH5fyMwHwYDVR0j BBgwFoAUY5RzzSBUp4s5+ax6gyMkYvAOcaowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h ODQ2NGE1Yi0yZmNlLTQ3ZGEtODA0Ny02OGQyYmQ2M2M5YzMvMC82Mzk0NzNDRDIw NTRBNzhCMzlGOUFDN0E4MzIzMjQ2MkYwMEU3MUFBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjM5NDczQ0QyMDU0QTc4QjM5RjlBQzdBODMyMzI0NjJGMDBF NzFBQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E4NDY0YTViLTJmY2UtNDdkYS04 MDQ3LTY4ZDJiZDYzYzljMy8wLzMxMzAzMzJlMzIzMjM4MmUzMjM0MzQyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzNTM5MzIzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+T0MA0GCSqG SIb3DQEBCwUAA4IBAQCRVBCTtZd2E6r1I50BkCqYqSuhCnmyG+/Rf7cSu1Nfxk3S x2FaJZfAE27dK7gdqEQRXhiz2HNs5KdeZ4uIJO4Hl89f0CS5ep0MntOKLFD/yec9 FzyBoq5yxHOAmzAgkSrfhB6Er6r1IXMkIWT5+gB8g1+J6NXtPrvL3r1Z9X0jKOuK bigeeHJWkXtwvumV6mpmDzzeawNEVuR5Pm0H3ZldGmNZEaOxDeMQuKZw/ZSuL5UP vnEy1PtNUzlA3QkGA3CaKeKztsu53UTw17UYuqe7b8Bc/XdT0Tuqxg4N/QGvEwwr 9kXlpxSVCBqiS39ccIgt3iAOjvjmDyo4cl0fg9e6 -----END CERTIFICATE-----Generated at Mon Jul 21 14:26:11 2025 by rpki-client