$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa File: 3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa (raw, json) Hash identifier: mtM87iVP6m7lmnfbGzZ4lHJT1LbThGQ/wU2Zs1m/bZg= Subject key identifier: 3C:46:E7:3A:A0:EA:25:8B:5D:91:69:6E:D9:20:BA:E6:38:7E:61:EF Certificate issuer: /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Certificate serial: 3FAD9A2B90689C19C9902EB739F2817E9EDA92A8 Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa Signing time: Sun 13 Jul 2025 12:00:03 +0000 ROA not before: Sun 13 Jul 2025 11:55:03 +0000 ROA not after: Sun 12 Jul 2026 12:00:03 +0000 asID: 63859 IP address blocks: 158.140.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 16:47:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:ad:9a:2b:90:68:9c:19:c9:90:2e:b7:39:f2:81:7e:9e:da:92:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF Validity Not Before: Jul 13 11:55:03 2025 GMT Not After : Jul 12 12:00:03 2026 GMT Subject: CN=3C46E73AA0EA258B5D91696ED920BAE6387E61EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:40:32:71:45:3d:91:62:de:45:83:ec:43:ff: 41:c9:98:fd:8a:da:c8:0f:55:bd:0a:9e:90:05:46: bc:ae:3f:4e:9e:e3:b2:c8:07:ea:22:4d:7d:d0:62: 9d:82:d6:f4:f6:83:f3:6d:12:59:18:1e:31:5b:d0: 84:6f:fb:8f:d4:d2:2b:54:4c:06:ef:67:ea:3f:26: 87:c7:f0:f5:3c:dd:e3:5a:ab:83:27:0e:8c:e0:35: 24:22:85:1d:15:d7:e1:50:5c:f6:ee:ee:80:05:99: 92:af:22:72:ab:83:69:bb:aa:d0:46:05:63:62:62: 6b:ff:55:f3:f7:d5:0b:99:9f:b4:61:65:03:85:d1: 30:49:68:7d:67:22:bc:cf:0d:17:4f:ed:b4:6d:27: dd:f9:21:fe:d6:87:6f:19:c1:0c:d0:90:ca:0e:7b: a5:3f:b1:16:4f:c8:40:e7:dc:43:97:78:b0:10:88: da:51:42:5b:62:38:42:93:7e:c2:10:49:8f:cf:c7: 60:3f:0a:71:6e:b7:74:df:b9:a8:51:16:ab:5d:24: 41:95:6d:cf:3f:76:a8:cb:74:94:9f:13:5e:44:09: 9c:68:61:e5:3d:36:b9:23:0e:3c:84:78:80:a5:61: c1:31:4c:6d:f5:46:6e:61:bb:db:08:a8:bc:e3:d5: fe:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:46:E7:3A:A0:EA:25:8B:5D:91:69:6E:D9:20:BA:E6:38:7E:61:EF X509v3 Authority Key Identifier: keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3136382e302f32342d3234203d3e203633383539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.140.168.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:8d:52:73:88:68:2a:85:c8:02:42:ed:dc:14:42:fe:26:ee: 00:02:ae:19:ec:f1:63:3b:1f:f3:13:bf:ca:3b:42:ba:e6:95: c5:64:d0:ca:fc:32:7c:24:b0:3d:d5:ff:d1:03:1e:02:0d:fe: e2:2a:2a:49:01:71:c5:a5:f5:8a:8d:85:99:cb:e5:c8:ea:89: 9d:18:15:6b:09:b8:3a:7e:65:15:3e:0d:57:83:1b:e9:52:3c: 35:89:e4:42:ff:52:c3:3d:20:55:e5:6f:20:63:e8:ec:45:b7: 95:ae:e3:a6:8b:1a:59:7f:57:06:44:df:e7:50:bf:18:3f:c9: c7:fb:3a:21:0a:7b:0d:db:86:7b:dc:3e:e2:3d:65:87:67:05: e1:76:bb:8a:8f:f9:68:8a:f0:9e:24:1c:e2:ab:c9:c0:ea:24: 87:cf:0d:d2:3c:41:e3:17:dc:0d:ac:55:dc:6f:3b:39:2a:75: 39:57:80:e8:57:d4:60:ef:0e:bf:ae:a7:1d:98:70:c8:64:96: 54:89:ac:47:1a:cb:8a:4c:f4:53:60:d8:61:ac:0f:cf:1d:09: 5a:2f:58:d1:40:32:46:a3:31:a4:11:4d:c3:41:8b:a7:d4:21: fd:d5:01:b6:cc:e5:32:9b:e8:ae:30:e1:86:13:1c:70:14:c7: 2d:bf:17:fb -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUP62aK5BonBnJkC63OfKBfp7akqgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0 NzBFOEZDRjAeFw0yNTA3MTMxMTU1MDNaFw0yNjA3MTIxMjAwMDNaMDMxMTAvBgNV BAMTKDNDNDZFNzNBQTBFQTI1OEI1RDkxNjk2RUQ5MjBCQUU2Mzg3RTYxRUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQDJxRT2RYt5Fg+xD/0HJmP2K 2sgPVb0KnpAFRryuP06e47LIB+oiTX3QYp2C1vT2g/NtElkYHjFb0IRv+4/U0itU TAbvZ+o/JofH8PU83eNaq4MnDozgNSQihR0V1+FQXPbu7oAFmZKvInKrg2m7qtBG BWNiYmv/VfP31QuZn7RhZQOF0TBJaH1nIrzPDRdP7bRtJ935If7Wh28ZwQzQkMoO e6U/sRZPyEDn3EOXeLAQiNpRQltiOEKTfsIQSY/Px2A/CnFut3TfuahRFqtdJEGV bc8/dqjLdJSfE15ECZxoYeU9NrkjDjyEeIClYcExTG31Rm5hu9sIqLzj1f5BAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUPEbnOqDqJYtdkWlu2SC65jh+Ye8wHwYDVR0j BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04 NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM2MzgyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoyoMA0GCSqG SIb3DQEBCwUAA4IBAQBrjVJziGgqhcgCQu3cFEL+Ju4AAq4Z7PFjOx/zE7/KO0K6 5pXFZNDK/DJ8JLA91f/RAx4CDf7iKipJAXHFpfWKjYWZy+XI6omdGBVrCbg6fmUV Pg1XgxvpUjw1ieRC/1LDPSBV5W8gY+jsRbeVruOmixpZf1cGRN/nUL8YP8nH+zoh CnsN24Z73D7iPWWHZwXhdruKj/loivCeJBziq8nA6iSHzw3SPEHjF9wNrFXcbzs5 KnU5V4DoV9Rg7w6/rqcdmHDIZJZUiaxHGsuKTPRTYNhhrA/PHQlaL1jRQDJGozGk EU3DQYun1CH91QG2zOUym+iuMOGGExxwFMctvxf7 -----END CERTIFICATE-----Generated at Mon Jul 21 19:27:10 2025 by rpki-client