$ rpki-client -vvf repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32332d3233203d3e20313534343130.roa File: 3135372e32302e3132302e302f32332d3233203d3e20313534343130.roa (raw, json) Hash identifier: lmVngEBe+ol/9b06ya+bCPv6lgMDxsavw+P3OiEfjPk= Subject key identifier: 5E:03:2F:9F:B4:B0:FD:5A:0C:0D:DF:85:C3:7A:1E:BE:69:59:AF:AC Certificate issuer: /CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Certificate serial: 25B7F1F596C72CC7F3625EE389702238EEFE819A Authority key identifier: D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32332d3233203d3e20313534343130.roa Signing time: Wed 18 Mar 2026 23:28:43 +0000 ROA not before: Wed 18 Mar 2026 23:23:43 +0000 ROA not after: Wed 17 Mar 2027 23:28:43 +0000 asID: 154410 IP address blocks: 157.20.120.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 18:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b7:f1:f5:96:c7:2c:c7:f3:62:5e:e3:89:70:22:38:ee:fe:81:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Validity Not Before: Mar 18 23:23:43 2026 GMT Not After : Mar 17 23:28:43 2027 GMT Subject: CN=5E032F9FB4B0FD5A0C0DDF85C37A1EBE6959AFAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:05:84:e2:b8:30:c5:b7:59:05:ea:b4:a3:77: 82:4e:30:67:5c:a0:ac:3a:83:24:5f:4d:a2:bc:20: a1:99:c3:dc:64:65:15:01:41:c2:2b:0d:b1:8c:5e: ba:4a:9f:0c:4f:78:c4:b2:15:8d:1a:2c:11:f7:07: 89:3b:63:01:f6:43:ab:0e:6b:56:64:f2:61:aa:0a: 9d:a2:e9:4f:99:72:57:ac:f8:9e:e4:2c:f5:73:f8: 6c:d0:23:0a:0a:99:04:a1:f9:90:09:ba:78:8d:9c: bc:cc:4b:d4:63:5c:f6:d5:d0:2b:27:48:21:cb:07: 19:e0:fc:94:b1:04:e9:70:d7:92:9c:36:5d:d6:80: 1f:7e:54:ca:8a:aa:66:72:af:3e:61:60:c1:61:f4: 02:fd:81:f7:f3:99:7f:ac:91:a1:30:59:fd:24:a3: 84:8b:87:ce:65:cf:4b:5d:4c:98:8b:fc:ab:74:57: f0:f8:60:8c:91:d4:8a:29:a7:33:3e:74:0a:6d:3a: 13:86:41:03:f1:96:8a:d8:f2:80:38:4e:f1:5c:48: 26:97:d0:de:87:a5:ae:b6:c7:23:de:a1:a4:b5:15: 9b:d2:3d:fc:44:bd:b2:33:3c:33:ac:e8:46:3c:9c: 12:b7:d6:64:29:67:ce:45:8d:ed:a4:f4:67:b4:2a: e8:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:03:2F:9F:B4:B0:FD:5A:0C:0D:DF:85:C3:7A:1E:BE:69:59:AF:AC X509v3 Authority Key Identifier: keyid:D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32332d3233203d3e20313534343130.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.120.0/23 Signature Algorithm: sha256WithRSAEncryption 77:d6:17:00:3e:27:73:9a:91:c2:61:ba:8c:12:99:0c:98:d2: 10:6c:f8:26:52:bf:b6:50:df:67:20:a5:a0:aa:9f:44:0a:2d: e8:38:29:95:d7:20:16:66:ba:e8:76:08:28:7e:7f:d8:c8:f9: 60:e7:7b:df:7a:b7:00:9c:d5:ef:fe:3f:ee:56:e4:5e:45:f9: 7b:91:d4:53:d7:21:5b:b2:55:be:f0:a9:4a:12:e5:1d:2e:e9: 4c:d1:3d:b1:c3:9d:05:e3:b4:c0:02:e5:84:40:54:cd:6d:53: 81:80:ee:82:b0:3c:69:b1:9d:b1:55:75:94:a2:04:07:31:c9: b4:20:a2:cb:97:1b:a4:8f:34:87:c1:56:9b:4e:19:f6:71:bd: 4a:4d:fe:47:d7:bf:c9:a5:93:1b:7b:2b:d0:f5:93:ee:17:10: ea:de:bf:65:70:64:ac:85:6b:fa:c3:47:95:ad:c5:1f:ab:c1: 61:e2:2b:22:91:d3:9c:28:9c:6a:29:f0:6b:c9:8a:e0:81:a8: 56:94:e4:a4:0a:83:70:84:49:1e:8a:63:a0:cb:3d:49:9c:eb: 53:21:8a:bc:85:6d:c0:b0:d8:9f:21:93:57:99:ac:07:60:ea: a7:20:e3:47:12:70:e2:27:3c:f1:50:6c:a1:ec:aa:e0:54:b0: a9:1c:82:70 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUJbfx9ZbHLMfzYl7jiXAiOO7+gZowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVB Q0YzMjM2ODAeFw0yNjAzMTgyMzIzNDNaFw0yNzAzMTcyMzI4NDNaMDMxMTAvBgNV BAMTKDVFMDMyRjlGQjRCMEZENUEwQzBEREY4NUMzN0ExRUJFNjk1OUFGQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTBYTiuDDFt1kF6rSjd4JOMGdc oKw6gyRfTaK8IKGZw9xkZRUBQcIrDbGMXrpKnwxPeMSyFY0aLBH3B4k7YwH2Q6sO a1Zk8mGqCp2i6U+Zcles+J7kLPVz+GzQIwoKmQSh+ZAJuniNnLzMS9RjXPbV0Csn SCHLBxng/JSxBOlw15KcNl3WgB9+VMqKqmZyrz5hYMFh9AL9gffzmX+skaEwWf0k o4SLh85lz0tdTJiL/Kt0V/D4YIyR1IoppzM+dAptOhOGQQPxlorY8oA4TvFcSCaX 0N6Hpa62xyPeoaS1FZvSPfxEvbIzPDOs6EY8nBK31mQpZ85Fje2k9Ge0KuiBAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUXgMvn7Sw/VoMDd+Fw3oevmlZr6wwHwYDVR0j BBgwFoAU14/lrocO8iH9lXdc/q/q1azzI2gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NjQ0MjYzYS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC9ENzhGRTVBRTg3 MEVGMjIxRkQ5NTc3NUNGRUFGRUFENUFDRjMyMzY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVBQ0Yz MjM2OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2NDQyNjNhLThlZTItNGVlYy1h ODEwLTU3MzNjY2FmNTFlMy8wLzMxMzUzNzJlMzIzMDJlMzEzMjMwMmUzMDJmMzIz MzJkMzIzMzIwM2QzZTIwMzEzNTM0MzQzMTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRR4MA0GCSqG SIb3DQEBCwUAA4IBAQB31hcAPidzmpHCYbqMEpkMmNIQbPgmUr+2UN9nIKWgqp9E Ci3oOCmV1yAWZrrodggofn/YyPlg53vfercAnNXv/j/uVuReRfl7kdRT1yFbslW+ 8KlKEuUdLulM0T2xw50F47TAAuWEQFTNbVOBgO6CsDxpsZ2xVXWUogQHMcm0IKLL lxukjzSHwVabThn2cb1KTf5H17/JpZMbeyvQ9ZPuFxDq3r9lcGSshWv6w0eVrcUf q8Fh4isikdOcKJxqKfBryYrggahWlOSkCoNwhEkeimOgyz1JnOtTIYq8hW3AsNif IZNXmawHYOqnIONHEnDiJzzxUGyh7KrgVLCpHIJw -----END CERTIFICATE-----Generated at Wed Mar 25 05:33:39 2026 by rpki-client