$ rpki-client -vvf repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa File: 3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa (raw, json) Hash identifier: W0LbcDgwtmyP20SeYwIB78u7UnepT3G+vjiQKG938P8= Subject key identifier: D8:B1:FE:77:81:E7:60:F8:E0:BF:33:25:9F:F4:2F:E9:A0:60:CB:D3 Certificate issuer: /CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Certificate serial: 34DED1C29078650A74EFC53C5BA470A678774B83 Authority key identifier: 31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa Signing time: Wed 03 Sep 2025 14:00:01 +0000 ROA not before: Wed 03 Sep 2025 13:55:01 +0000 ROA not after: Wed 02 Sep 2026 14:00:01 +0000 asID: 152818 IP address blocks: 160.22.128.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Sep 2025 13:32:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:de:d1:c2:90:78:65:0a:74:ef:c5:3c:5b:a4:70:a6:78:77:4b:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3157B9BE6F369A1CA38738FFD64D6113C75C0E2D Validity Not Before: Sep 3 13:55:01 2025 GMT Not After : Sep 2 14:00:01 2026 GMT Subject: CN=D8B1FE7781E760F8E0BF33259FF42FE9A060CBD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:c8:7d:22:86:64:db:9e:c4:6d:a5:e1:1f: 69:5c:5c:be:ce:58:a8:5c:22:60:ba:89:80:84:b9: 24:39:bc:b7:6c:ff:cc:7e:d2:4a:28:c8:d5:8c:69: 08:02:e7:43:f3:01:a5:2d:3e:50:61:2e:c0:b7:dc: 4d:99:71:89:c3:0e:9e:f6:15:cc:85:1e:d4:4c:42: 52:14:59:b7:fe:ae:55:25:63:63:dc:02:5c:a7:9c: b4:b2:da:04:3e:c3:54:0a:8e:b1:ba:ca:4c:b7:6c: 99:99:f6:6f:94:a6:d8:44:8a:d7:55:dd:8a:c8:50: c5:af:c0:02:74:f0:06:0b:43:b5:24:88:f7:7e:24: 30:cc:83:6f:24:4c:e9:d1:cf:db:f9:3c:c8:2b:64: af:50:cb:34:37:3b:fc:91:2a:f8:d8:3a:0a:d0:5f: 87:c7:e6:58:7e:f6:2a:3d:fb:b8:0d:5a:d5:0b:30: 6d:27:33:10:f4:83:d2:33:f8:3a:30:f0:b2:59:8d: 01:c0:9e:17:e9:30:77:40:00:ee:93:e4:ba:44:10: 63:14:3b:48:a3:7b:c9:81:21:29:da:04:99:b9:69: c5:ef:de:63:62:52:a5:25:1d:88:be:4f:e4:a6:9a: 78:5c:60:2e:46:cb:92:c5:c2:68:af:98:1a:be:ce: dc:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:B1:FE:77:81:E7:60:F8:E0:BF:33:25:9F:F4:2F:E9:A0:60:CB:D3 X509v3 Authority Key Identifier: keyid:31:57:B9:BE:6F:36:9A:1C:A3:87:38:FF:D6:4D:61:13:C7:5C:0E:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/3157B9BE6F369A1CA38738FFD64D6113C75C0E2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/3136302e32322e3132382e302f32332d3233203d3e20313532383138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.128.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:e6:46:1d:c3:a4:03:ef:a8:eb:7c:b8:f6:e0:3a:e1:31:c3: e4:dc:d2:c2:d7:fa:41:a4:a9:81:dc:61:fa:ab:fc:87:c9:de: 33:b5:2a:74:0c:63:a6:91:bc:27:4e:e9:62:42:6f:ac:5e:ee: 22:03:b6:0e:cb:3b:39:0b:fe:ea:b9:6f:9e:61:55:12:ac:a3: c2:83:c3:12:36:be:32:f8:ec:37:92:f1:db:10:43:d4:0d:6d: 7b:72:b3:1e:98:c2:d7:62:46:9e:9a:4f:a9:3b:cb:34:07:de: 6f:3a:ea:cd:ab:32:a6:b3:f9:c9:51:5e:73:4b:ec:93:85:78: e4:fe:ee:50:29:17:d1:0f:9c:0a:5c:f2:ea:25:5b:09:06:4b: 46:9f:b2:4b:fb:41:0f:6c:80:eb:07:bf:37:28:f7:e5:0d:db: 84:06:1e:43:45:4a:cc:02:6a:e9:fe:96:14:3f:07:a6:23:6e: 7b:d1:e2:7b:01:6e:e2:70:51:78:c8:90:64:a6:a8:b9:59:42: 17:9c:08:fa:97:0c:24:85:d7:9c:c4:f3:71:bd:b6:1b:9e:8d: aa:2c:5b:65:45:b4:b4:da:34:b0:fa:38:0e:38:66:f6:99:33: e0:6a:32:8b:eb:75:b8:fb:2e:20:3e:66:2b:1c:b4:0c:9f:2a: 5b:31:4c:c8 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUNN7RwpB4ZQp078U8W6Rwpnh3S4MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTND NzVDMEUyRDAeFw0yNTA5MDMxMzU1MDFaFw0yNjA5MDIxNDAwMDFaMDMxMTAvBgNV BAMTKEQ4QjFGRTc3ODFFNzYwRjhFMEJGMzMyNTlGRjQyRkU5QTA2MENCRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0a8h9IoZk257EbaXhH2lcXL7O WKhcImC6iYCEuSQ5vLds/8x+0kooyNWMaQgC50PzAaUtPlBhLsC33E2ZcYnDDp72 FcyFHtRMQlIUWbf+rlUlY2PcAlynnLSy2gQ+w1QKjrG6yky3bJmZ9m+UpthEitdV 3YrIUMWvwAJ08AYLQ7UkiPd+JDDMg28kTOnRz9v5PMgrZK9QyzQ3O/yRKvjYOgrQ X4fH5lh+9io9+7gNWtULMG0nMxD0g9Iz+Dow8LJZjQHAnhfpMHdAAO6T5LpEEGMU O0ije8mBISnaBJm5acXv3mNiUqUlHYi+T+SmmnhcYC5Gy5LFwmivmBq+zty1AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU2LH+d4HnYPjgvzMln/Qv6aBgy9MwHwYDVR0j BBgwFoAUMVe5vm82mhyjhzj/1k1hE8dcDi0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z MGZiNzhhOS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC8zMTU3QjlCRTZG MzY5QTFDQTM4NzM4RkZENjRENjExM0M3NUMwRTJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMzE1N0I5QkU2RjM2OUExQ0EzODczOEZGRDY0RDYxMTNDNzVD MEUyRC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMwZmI3OGE5LWNkNjgtNDRmZC04 NWFhLTZjNmIwOGNiMjM0Ni8wLzMxMzYzMDJlMzIzMjJlMzEzMjM4MmUzMDJmMzIz MzJkMzIzMzIwM2QzZTIwMzEzNTMyMzgzMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBoBaAMA0GCSqG SIb3DQEBCwUAA4IBAQBa5kYdw6QD76jrfLj24DrhMcPk3NLC1/pBpKmB3GH6q/yH yd4ztSp0DGOmkbwnTuliQm+sXu4iA7YOyzs5C/7quW+eYVUSrKPCg8MSNr4y+Ow3 kvHbEEPUDW17crMemMLXYkaemk+pO8s0B95vOurNqzKms/nJUV5zS+yThXjk/u5Q KRfRD5wKXPLqJVsJBktGn7JL+0EPbIDrB783KPflDduEBh5DRUrMAmrp/pYUPwem I2570eJ7AW7icFF4yJBkpqi5WUIXnAj6lwwkhdecxPNxvbYbno2qLFtlRbS02jSw +jgOOGb2mTPgajKL63W4+y4gPmYrHLQMnypbMUzI -----END CERTIFICATE-----Generated at Wed Sep 3 17:32:45 2025 by rpki-client