$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa File: 3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa (raw, json) Hash identifier: jLcNXh3PdlCUsOrK8Wn6cIHJ87Bgrp1+sOpFF9srttE= Subject key identifier: DE:FC:8D:0F:27:74:A1:14:FD:BE:A8:0C:EF:C4:D4:DE:DE:01:A0:7C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 5277C0D64427FDB858801269558D411FADE59C72 Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa Signing time: Thu 05 Mar 2026 06:00:01 +0000 ROA not before: Thu 05 Mar 2026 05:55:01 +0000 ROA not after: Thu 04 Mar 2027 06:00:01 +0000 asID: 139399 IP address blocks: 123.253.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 07:49:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:77:c0:d6:44:27:fd:b8:58:80:12:69:55:8d:41:1f:ad:e5:9c:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Mar 5 05:55:01 2026 GMT Not After : Mar 4 06:00:01 2027 GMT Subject: CN=DEFC8D0F2774A114FDBEA80CEFC4D4DEDE01A07C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b5:0b:d9:7a:27:85:70:d4:2e:c2:91:a8:08: 43:e0:6d:cd:b4:c0:81:56:d6:34:d0:3b:7f:1a:cc: 27:c9:86:8b:b1:45:c3:66:ec:f1:61:c8:0e:7b:a7: fb:e6:f8:34:b5:f6:78:61:8e:1b:43:21:dd:fc:96: 46:2b:a4:00:84:f8:87:f1:32:bb:fc:0c:93:e8:c2: 43:5b:6f:80:a9:d8:39:3f:33:5d:36:aa:25:28:73: 6b:16:f2:69:f6:78:e9:7e:88:11:e2:01:cc:93:0b: 46:30:99:20:26:30:d0:8b:38:e8:4e:f8:d7:64:d0: a2:03:d7:58:13:31:e4:f0:1c:4e:bf:e7:11:dc:89: bd:01:28:dd:9b:34:43:30:0a:55:cd:4d:c1:cb:52: 19:f1:fd:22:e9:8c:ed:b8:cd:15:de:ff:7a:9c:62: 93:de:bf:08:5c:4d:94:f3:42:ac:c1:c7:00:48:2f: 4d:c5:fb:d6:d4:19:9b:61:05:48:30:da:4f:92:38: 37:25:30:e1:21:35:9c:ca:5c:b7:33:8d:a0:6d:d6: c1:99:37:79:9c:e4:aa:b2:e2:65:a2:e7:57:79:fa: f4:77:a8:c4:47:c2:06:5d:5b:f7:e0:7a:3b:c7:53: 4f:ad:84:1d:33:09:d3:ed:04:77:d2:99:81:25:0e: a9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:FC:8D:0F:27:74:A1:14:FD:BE:A8:0C:EF:C4:D4:DE:DE:01:A0:7C X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/3132332e3235332e3234342e302f32322d3234203d3e20313339333939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.253.244.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:d4:a8:83:9a:f7:33:45:df:46:44:43:61:51:4d:26:7b:17: 00:0c:fc:a3:fa:53:63:49:bc:68:47:c1:77:bf:cb:57:78:59: d5:66:cb:7f:2f:5d:61:a4:0c:a8:23:08:f7:81:fa:cb:2c:5e: 0f:27:5c:8a:c0:a7:94:0a:9b:43:0f:0c:41:f7:98:ec:93:a0: 9a:1a:81:f7:b3:cb:d9:10:5c:b2:62:c8:e3:6b:2a:dc:3b:ec: 88:ac:ed:5f:c0:e2:71:c3:2c:64:c1:b2:4d:55:62:34:3d:bb: 94:ea:d4:43:b5:34:6f:f0:8f:e5:55:40:14:f6:0f:9b:de:64: 14:7c:3d:cd:52:eb:04:17:10:7f:3a:67:0d:d6:e7:82:94:ac: c1:51:8f:f0:85:43:85:bc:78:07:9e:01:1c:2c:03:c4:00:dc: 14:ad:a9:6a:3b:3a:6b:7b:98:ab:51:73:e8:f6:4c:f9:6a:d0: 8e:9f:e4:3f:d4:4a:0a:88:65:e5:ea:87:ed:65:02:c3:0f:d7: b0:2b:2b:61:5f:dd:70:6d:23:a1:79:02:d6:35:ff:f1:f2:77: 87:6a:80:66:ec:10:e5:02:88:b6:7e:b0:bb:46:d0:6d:16:75: da:75:7c:79:61:3b:b0:cf:da:ea:7d:83:ae:4d:4a:a5:9a:4d: 47:00:88:37 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUUnfA1kQn/bhYgBJpVY1BH63lnHIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNjAzMDUwNTU1MDFaFw0yNzAzMDQwNjAwMDFaMDMxMTAvBgNV BAMTKERFRkM4RDBGMjc3NEExMTRGREJFQTgwQ0VGQzRENERFREUwMUEwN0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8tQvZeieFcNQuwpGoCEPgbc20 wIFW1jTQO38azCfJhouxRcNm7PFhyA57p/vm+DS19nhhjhtDId38lkYrpACE+Ifx Mrv8DJPowkNbb4Cp2Dk/M102qiUoc2sW8mn2eOl+iBHiAcyTC0YwmSAmMNCLOOhO +Ndk0KID11gTMeTwHE6/5xHcib0BKN2bNEMwClXNTcHLUhnx/SLpjO24zRXe/3qc YpPevwhcTZTzQqzBxwBIL03F+9bUGZthBUgw2k+SODclMOEhNZzKXLczjaBt1sGZ N3mc5Kqy4mWi51d5+vR3qMRHwgZdW/fgejvHU0+thB0zCdPtBHfSmYElDqkjAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQU3vyNDyd0oRT9vqgM78TU3t4BoHwwHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ0MjE5ODViLWEwZTYtNGUwNS1i ZWY2LWZlNmY1YTZlMmY0My8wLzMxMzIzMzJlMzIzNTMzMmUzMjM0MzQyZTMwMmYz MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzkzMzM5Mzkucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7/fQwDQYJ KoZIhvcNAQELBQADggEBAA/UqIOa9zNF30ZEQ2FRTSZ7FwAM/KP6U2NJvGhHwXe/ y1d4WdVmy38vXWGkDKgjCPeB+sssXg8nXIrAp5QKm0MPDEH3mOyToJoagfezy9kQ XLJiyONrKtw77Iis7V/A4nHDLGTBsk1VYjQ9u5Tq1EO1NG/wj+VVQBT2D5veZBR8 Pc1S6wQXEH86Zw3W54KUrMFRj/CFQ4W8eAeeARwsA8QA3BStqWo7Omt7mKtRc+j2 TPlq0I6f5D/USgqIZeXqh+1lAsMP17ArK2Ff3XBtI6F5AtY1//Hyd4dqgGbsEOUC iLZ+sLtG0G0Wddp1fHlhO7DP2up9g65NSqWaTUcAiDc= -----END CERTIFICATE-----Generated at Tue Mar 24 13:53:53 2026 by rpki-client