$ rpki-client -vvf repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/3230322e37342e3233362e302f32322d3232203d3e20313331373735.roa File: 3230322e37342e3233362e302f32322d3232203d3e20313331373735.roa (raw, json) Hash identifier: 6lzTZpzOtbXaisX77lh3zqfu4RoYr39Ke230rMF+BLA= Subject key identifier: 33:27:3E:60:54:34:E6:77:D3:77:83:42:C4:FC:1F:C4:34:2B:B1:00 Certificate issuer: /CN=49CDCA308C289D688C649C2303BECB3ED76B5054 Certificate serial: 13E3C33DC908C942C420DF89B9EEB6CF344296FB Authority key identifier: 49:CD:CA:30:8C:28:9D:68:8C:64:9C:23:03:BE:CB:3E:D7:6B:50:54 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/49CDCA308C289D688C649C2303BECB3ED76B5054.cer Subject info access: rsync://repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/3230322e37342e3233362e302f32322d3232203d3e20313331373735.roa Signing time: Sat 12 Jul 2025 15:00:01 +0000 ROA not before: Sat 12 Jul 2025 14:55:01 +0000 ROA not after: Sat 11 Jul 2026 15:00:01 +0000 asID: 131775 IP address blocks: 202.74.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/49CDCA308C289D688C649C2303BECB3ED76B5054.crl rsync://repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/49CDCA308C289D688C649C2303BECB3ED76B5054.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/49CDCA308C289D688C649C2303BECB3ED76B5054.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 19:16:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:e3:c3:3d:c9:08:c9:42:c4:20:df:89:b9:ee:b6:cf:34:42:96:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49CDCA308C289D688C649C2303BECB3ED76B5054 Validity Not Before: Jul 12 14:55:01 2025 GMT Not After : Jul 11 15:00:01 2026 GMT Subject: CN=33273E605434E677D3778342C4FC1FC4342BB100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5c:e8:c6:ba:ef:3e:47:c0:36:21:bf:3a:21: 7c:3f:63:28:95:0f:41:07:b0:4a:67:c2:87:8b:9e: 5e:ff:56:12:f0:64:54:42:64:4e:12:94:f5:b9:4c: 0a:a8:f0:3d:39:12:5e:f8:83:49:e2:23:bc:c2:c2: ba:69:9c:89:3b:78:64:89:e5:ab:55:2f:ea:d0:69: d6:6c:7e:5c:49:a3:c0:dc:fe:06:e0:85:f2:46:66: 8b:83:1f:f4:b4:f7:2f:e0:9f:aa:e7:1a:53:b3:f8: c8:f9:c2:d0:9e:52:00:94:a8:6b:55:4b:29:3b:60: 5f:49:e6:5c:a0:e0:0d:60:27:a5:e4:57:4c:cc:43: 39:87:a5:04:78:88:79:11:f5:29:7f:ff:1e:40:d7: 71:b7:fa:59:27:20:7f:63:c5:22:de:bc:43:50:80: 1f:67:8c:db:d9:99:13:34:77:a6:4b:da:9d:de:2e: 16:b7:8f:4b:12:e0:46:14:4a:c1:ce:9d:da:c3:1c: 14:fd:c1:a9:d4:95:e6:5b:2a:ba:7d:ae:b7:01:15: c3:96:60:71:0d:5a:db:73:0d:b5:ab:36:8f:b7:a1: a4:91:4d:19:bd:08:ff:21:dd:cb:31:8e:e3:e4:1e: 9a:0b:ff:6e:99:09:d7:6c:e0:b0:3b:0e:38:ec:ce: 05:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:27:3E:60:54:34:E6:77:D3:77:83:42:C4:FC:1F:C4:34:2B:B1:00 X509v3 Authority Key Identifier: keyid:49:CD:CA:30:8C:28:9D:68:8C:64:9C:23:03:BE:CB:3E:D7:6B:50:54 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/49CDCA308C289D688C649C2303BECB3ED76B5054.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/49CDCA308C289D688C649C2303BECB3ED76B5054.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/eeb98ced-af18-4bff-ad71-73d2b0c9d8a9/0/3230322e37342e3233362e302f32322d3232203d3e20313331373735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.74.236.0/22 Signature Algorithm: sha256WithRSAEncryption a8:d8:e6:37:dc:87:94:5f:6d:5b:a2:23:ba:00:f9:ac:7e:5a: a9:29:70:c1:34:1f:25:4f:b4:e4:ba:18:f3:b5:12:72:9c:55: 16:dc:82:b5:3a:fd:fb:f8:f8:89:5a:8d:14:ff:a3:5a:93:c3: 17:af:89:53:f4:37:03:b6:bc:8b:cd:dd:bf:f6:e3:ee:74:0d: cd:1c:e2:9f:a5:52:d5:c5:67:d1:81:f6:91:20:33:48:75:1e: 21:98:bb:be:b1:fa:97:a3:f7:58:0d:43:7a:9e:9a:ea:39:af: e2:2c:fa:ca:da:39:de:19:35:e3:c5:76:c9:e3:af:34:b2:9d: 69:76:25:77:04:93:25:81:d3:68:42:0a:10:9b:74:5d:c0:8f: b0:31:91:17:e3:21:dd:2b:d4:4e:ea:d7:59:57:a0:d8:f6:7f: 78:0a:f9:b9:a5:58:9a:13:74:a2:f1:e1:1e:d1:aa:95:36:aa: 2f:68:fd:31:16:d3:85:2f:bc:41:ab:85:78:35:d2:39:8d:6f: 68:32:59:4e:41:2c:94:60:cd:7d:b0:ce:33:1f:37:84:03:1f: 54:20:a5:ec:98:38:c4:d6:a3:eb:68:e9:34:14:b1:a3:22:a6: e7:af:aa:9d:96:a5:5f:ce:ea:e0:02:92:77:f2:92:da:23:0f: 22:ac:64:45 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUE+PDPckIyULEIN+Jue62zzRClvswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDlDRENBMzA4QzI4OUQ2ODhDNjQ5QzIzMDNCRUNCM0VE NzZCNTA1NDAeFw0yNTA3MTIxNDU1MDFaFw0yNjA3MTExNTAwMDFaMDMxMTAvBgNV BAMTKDMzMjczRTYwNTQzNEU2NzdEMzc3ODM0MkM0RkMxRkM0MzQyQkIxMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeXOjGuu8+R8A2Ib86IXw/YyiV D0EHsEpnwoeLnl7/VhLwZFRCZE4SlPW5TAqo8D05El74g0niI7zCwrppnIk7eGSJ 5atVL+rQadZsflxJo8Dc/gbghfJGZouDH/S09y/gn6rnGlOz+Mj5wtCeUgCUqGtV Syk7YF9J5lyg4A1gJ6XkV0zMQzmHpQR4iHkR9Sl//x5A13G3+lknIH9jxSLevENQ gB9njNvZmRM0d6ZL2p3eLha3j0sS4EYUSsHOndrDHBT9wanUleZbKrp9rrcBFcOW YHENWttzDbWrNo+3oaSRTRm9CP8h3csxjuPkHpoL/26ZCdds4LA7DjjszgVZAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUMyc+YFQ05nfTd4NCxPwfxDQrsQAwHwYDVR0j BBgwFoAUSc3KMIwonWiMZJwjA77LPtdrUFQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZWI5OGNlZC1hZjE4LTRiZmYtYWQ3MS03M2QyYjBjOWQ4YTkvMC80OUNEQ0EzMDhD Mjg5RDY4OEM2NDlDMjMwM0JFQ0IzRUQ3NkI1MDU0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDlDRENBMzA4QzI4OUQ2ODhDNjQ5QzIzMDNCRUNCM0VENzZC NTA1NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VlYjk4Y2VkLWFmMTgtNGJmZi1h ZDcxLTczZDJiMGM5ZDhhOS8wLzMyMzAzMjJlMzczNDJlMzIzMzM2MmUzMDJmMzIz MjJkMzIzMjIwM2QzZTIwMzEzMzMxMzczNzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCykrsMA0GCSqG SIb3DQEBCwUAA4IBAQCo2OY33IeUX21boiO6APmsflqpKXDBNB8lT7TkuhjztRJy nFUW3IK1Ov37+PiJWo0U/6Nak8MXr4lT9DcDtryLzd2/9uPudA3NHOKfpVLVxWfR gfaRIDNIdR4hmLu+sfqXo/dYDUN6nprqOa/iLPrK2jneGTXjxXbJ4680sp1pdiV3 BJMlgdNoQgoQm3RdwI+wMZEX4yHdK9RO6tdZV6DY9n94Cvm5pViaE3Si8eEe0aqV NqovaP0xFtOFL7xBq4V4NdI5jW9oMllOQSyUYM19sM4zHzeEAx9UIKXsmDjE1qPr aOk0FLGjIqbnr6qdlqVfzurgApJ38pLaIw8irGRF -----END CERTIFICATE-----Generated at Wed Jul 23 12:10:22 2025 by rpki-client