$ rpki-client -vvf repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/3135372e32302e3233382e302f32342d3234203d3e20313532343239.roa File: 3135372e32302e3233382e302f32342d3234203d3e20313532343239.roa (raw, json) Hash identifier: sRSgraKTbogwmlFJOr2rlVY3cH4E6yWnajOsmbqDWIQ= Subject key identifier: 9F:D8:D7:54:89:6A:42:32:B6:EB:91:81:F9:C8:79:E3:74:7E:87:36 Certificate issuer: /CN=C7839427F44C8ED89E6C2720F19CCF279270FD2A Certificate serial: 38B3A09601B4482EBD9433C12AB2CFA3C5AB6805 Authority key identifier: C7:83:94:27:F4:4C:8E:D8:9E:6C:27:20:F1:9C:CF:27:92:70:FD:2A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C7839427F44C8ED89E6C2720F19CCF279270FD2A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/3135372e32302e3233382e302f32342d3234203d3e20313532343239.roa Signing time: Thu 04 Sep 2025 05:01:45 +0000 ROA not before: Thu 04 Sep 2025 04:56:45 +0000 ROA not after: Thu 03 Sep 2026 05:01:45 +0000 asID: 152429 IP address blocks: 157.20.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/C7839427F44C8ED89E6C2720F19CCF279270FD2A.crl rsync://repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/C7839427F44C8ED89E6C2720F19CCF279270FD2A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C7839427F44C8ED89E6C2720F19CCF279270FD2A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 07:33:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:b3:a0:96:01:b4:48:2e:bd:94:33:c1:2a:b2:cf:a3:c5:ab:68:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C7839427F44C8ED89E6C2720F19CCF279270FD2A Validity Not Before: Sep 4 04:56:45 2025 GMT Not After : Sep 3 05:01:45 2026 GMT Subject: CN=9FD8D754896A4232B6EB9181F9C879E3747E8736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e1:eb:ac:3a:35:da:c5:47:1d:54:c5:61:f6: 6c:3a:bd:06:75:f7:62:ef:fb:07:5c:72:bd:ad:e3: da:fd:02:9f:bc:bd:e3:7b:74:93:5c:b8:e4:96:88: f9:a5:cc:f4:19:04:72:56:95:b1:90:47:fc:7d:71: 50:27:c7:cf:8f:7a:f9:9e:3e:d6:e2:db:27:40:9e: e5:03:c9:eb:98:c3:73:54:f5:0a:f4:d5:4c:2c:f2: 5e:92:bf:f9:88:1b:6e:d1:81:e5:a1:1e:17:10:9c: bc:a1:ca:28:97:17:e8:56:2f:0d:5e:b7:32:c3:5b: 85:a1:f4:2d:7d:1f:e4:4b:88:a8:50:3d:8e:cb:37: 25:52:9d:9c:8c:fc:93:ab:46:36:5a:7f:1e:32:ec: a5:66:83:26:8a:d1:f0:a2:8c:bf:6e:b4:a7:1e:8f: 89:32:ac:1c:53:60:bf:7d:72:8e:73:a2:1c:04:ab: 6b:c8:85:1d:0c:aa:09:87:29:5a:56:45:2e:4a:0f: 6b:18:25:7d:c1:64:ea:cb:02:15:e7:15:84:e0:64: 8f:ee:0e:b3:c1:92:a8:26:38:48:58:4e:50:a2:da: 38:cb:d4:fd:ee:ae:f7:b0:8f:5a:e3:f8:2b:19:f6: b1:eb:aa:e9:0f:f5:f3:ae:32:bf:b2:65:9f:04:c5: 7c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:D8:D7:54:89:6A:42:32:B6:EB:91:81:F9:C8:79:E3:74:7E:87:36 X509v3 Authority Key Identifier: keyid:C7:83:94:27:F4:4C:8E:D8:9E:6C:27:20:F1:9C:CF:27:92:70:FD:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/C7839427F44C8ED89E6C2720F19CCF279270FD2A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/C7839427F44C8ED89E6C2720F19CCF279270FD2A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/18d1c449-978c-4845-b823-b5925a905427/0/3135372e32302e3233382e302f32342d3234203d3e20313532343239.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.238.0/24 Signature Algorithm: sha256WithRSAEncryption bf:e7:fb:f3:79:11:76:6d:cf:a5:61:95:5c:78:27:09:68:52: d1:d6:29:ea:f0:da:5e:97:9d:8c:39:b2:d7:04:df:4a:00:71: 87:b4:f3:b5:b5:00:60:07:42:5b:71:57:d9:b4:e8:37:79:67: 0e:f8:bc:22:d7:3c:77:c0:9b:22:df:3d:be:4d:71:22:7c:8d: 51:4d:3b:67:d0:73:8d:a7:48:50:d6:14:d4:7c:5a:71:25:9e: 2c:d3:7a:9d:f3:17:c6:ff:74:17:77:41:1e:f5:09:9e:1b:82: 9a:f0:35:f6:56:3b:74:9e:d0:95:42:e4:a0:fb:62:bf:06:f4: 87:06:1a:ef:bc:9e:c5:2c:e9:1e:1d:34:c5:c6:89:6c:e6:2f: fc:ad:33:83:1f:c9:c1:03:a7:14:c6:85:12:be:c9:54:64:ac: 38:03:84:a1:7a:81:c9:ff:80:8c:c1:db:d1:00:74:bb:60:30: 97:3d:e3:fc:6b:27:53:18:94:97:b8:6d:f8:a5:f3:cd:0f:ad: 3a:34:d2:9f:46:d7:c7:ac:f1:d2:2e:28:c5:86:12:5d:90:ba: b2:29:dc:f8:40:06:6a:18:ef:78:c6:e8:4f:ee:68:23:fb:45: c1:e9:3d:ec:15:0c:2a:36:d7:d1:f1:eb:9a:68:5e:11:03:2c: 66:20:e5:04 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUOLOglgG0SC69lDPBKrLPo8WraAUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzc4Mzk0MjdGNDRDOEVEODlFNkMyNzIwRjE5Q0NGMjc5 MjcwRkQyQTAeFw0yNTA5MDQwNDU2NDVaFw0yNjA5MDMwNTAxNDVaMDMxMTAvBgNV BAMTKDlGRDhENzU0ODk2QTQyMzJCNkVCOTE4MUY5Qzg3OUUzNzQ3RTg3MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA4eusOjXaxUcdVMVh9mw6vQZ1 92Lv+wdccr2t49r9Ap+8veN7dJNcuOSWiPmlzPQZBHJWlbGQR/x9cVAnx8+Pevme Ptbi2ydAnuUDyeuYw3NU9Qr01Uws8l6Sv/mIG27RgeWhHhcQnLyhyiiXF+hWLw1e tzLDW4Wh9C19H+RLiKhQPY7LNyVSnZyM/JOrRjZafx4y7KVmgyaK0fCijL9utKce j4kyrBxTYL99co5zohwEq2vIhR0MqgmHKVpWRS5KD2sYJX3BZOrLAhXnFYTgZI/u DrPBkqgmOEhYTlCi2jjL1P3urvewj1rj+CsZ9rHrqukP9fOuMr+yZZ8ExXy9AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUn9jXVIlqQjK265GB+ch543R+hzYwHwYDVR0j BBgwFoAUx4OUJ/RMjtiebCcg8ZzPJ5Jw/SowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x OGQxYzQ0OS05NzhjLTQ4NDUtYjgyMy1iNTkyNWE5MDU0MjcvMC9DNzgzOTQyN0Y0 NEM4RUQ4OUU2QzI3MjBGMTlDQ0YyNzkyNzBGRDJBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvQzc4Mzk0MjdGNDRDOEVEODlFNkMyNzIwRjE5Q0NGMjc5Mjcw RkQyQS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4ZDFjNDQ5LTk3OGMtNDg0NS1i ODIzLWI1OTI1YTkwNTQyNy8wLzMxMzUzNzJlMzIzMDJlMzIzMzM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMyMzQzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRTuMA0GCSqG SIb3DQEBCwUAA4IBAQC/5/vzeRF2bc+lYZVceCcJaFLR1inq8Npel52MObLXBN9K AHGHtPO1tQBgB0JbcVfZtOg3eWcO+Lwi1zx3wJsi3z2+TXEifI1RTTtn0HONp0hQ 1hTUfFpxJZ4s03qd8xfG/3QXd0Ee9QmeG4Ka8DX2Vjt0ntCVQuSg+2K/BvSHBhrv vJ7FLOkeHTTFxols5i/8rTODH8nBA6cUxoUSvslUZKw4A4SheoHJ/4CMwdvRAHS7 YDCXPeP8aydTGJSXuG34pfPND606NNKfRtfHrPHSLijFhhJdkLqyKdz4QAZqGO94 xuhP7mgj+0XB6T3sFQwqNtfR8euaaF4RAyxmIOUE -----END CERTIFICATE-----Generated at Mon Sep 8 21:40:48 2025 by rpki-client