$ rpki-client -vvf repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313534343130.roa File: 3135372e32302e3132302e302f32342d3234203d3e20313534343130.roa (raw, json) Hash identifier: 2l2Mce3IIODsuV65WJPoKh9ocEJfKs6B1PPle50ZAFk= Subject key identifier: A9:C3:30:56:DD:68:ED:1A:FC:B7:2B:D0:A1:3D:2D:73:3C:0C:33:EF Certificate issuer: /CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Certificate serial: 193C9826C78637A18E1F9AB9FC6F7836D98925A3 Authority key identifier: D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313534343130.roa Signing time: Wed 18 Mar 2026 23:28:53 +0000 ROA not before: Wed 18 Mar 2026 23:23:53 +0000 ROA not after: Wed 17 Mar 2027 23:28:53 +0000 asID: 154410 IP address blocks: 157.20.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Mar 2026 18:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:3c:98:26:c7:86:37:a1:8e:1f:9a:b9:fc:6f:78:36:d9:89:25:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D78FE5AE870EF221FD95775CFEAFEAD5ACF32368 Validity Not Before: Mar 18 23:23:53 2026 GMT Not After : Mar 17 23:28:53 2027 GMT Subject: CN=A9C33056DD68ED1AFCB72BD0A13D2D733C0C33EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fe:fd:11:4b:86:05:6e:81:f1:b5:72:58:bd: 25:fd:79:05:3e:1d:69:50:39:73:60:a4:6e:51:f3: d8:d8:41:35:e2:5e:b9:86:ca:92:28:d3:29:b3:35: 13:4b:14:ec:d3:2f:f6:1d:88:4f:4f:5c:3e:a1:d7: 57:4e:72:c3:dd:7a:a5:2a:98:ca:b0:40:5a:c2:7a: b7:09:0f:6f:80:73:c5:50:d1:3f:be:f3:ed:21:15: 2d:cb:a2:21:62:7a:b6:b4:75:de:22:d6:93:3e:f8: 53:eb:4c:82:1f:33:45:45:95:4e:3d:8c:55:ac:74: 44:df:83:27:7d:e0:bd:bc:d8:2f:07:ae:60:d2:02: 39:13:3e:8d:16:53:82:06:7b:33:25:86:27:f2:93: e5:b1:89:e4:8f:c3:d3:4a:8c:44:60:d3:b3:73:d2: 77:63:20:24:99:ba:f6:1d:c2:b8:06:38:27:3b:67: 18:a3:f7:15:88:cf:ee:08:ab:de:62:1d:a0:e8:3d: e4:f3:c7:fb:33:80:d9:43:c6:e4:94:71:7e:ef:8e: aa:5f:8f:3f:b9:2d:8c:ab:fb:3c:d6:66:d3:8d:df: a8:8c:b1:59:12:b0:58:98:1a:8b:fa:65:a2:e3:57: 9a:42:0b:97:6d:cd:2b:be:d0:cd:ca:4a:05:df:e9: 8c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:C3:30:56:DD:68:ED:1A:FC:B7:2B:D0:A1:3D:2D:73:3C:0C:33:EF X509v3 Authority Key Identifier: keyid:D7:8F:E5:AE:87:0E:F2:21:FD:95:77:5C:FE:AF:EA:D5:AC:F3:23:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/D78FE5AE870EF221FD95775CFEAFEAD5ACF32368.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/3135372e32302e3132302e302f32342d3234203d3e20313534343130.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.120.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:19:f7:3e:42:4c:2e:5c:1b:1c:b4:db:59:30:f0:25:ef:a9: 58:b0:f5:c2:21:5b:d3:6f:d8:77:11:b4:b6:b8:7e:fa:7b:28: a0:81:24:50:8b:1b:27:55:72:fc:2f:6e:b2:e1:24:99:84:dc: 62:b6:d4:a7:04:3f:02:84:f1:56:df:ef:62:12:43:69:87:cf: 3c:8e:1a:fc:ba:38:e7:05:5e:f7:93:1e:27:f2:55:82:6d:6d: 10:46:21:7e:6a:cd:36:e2:5e:ea:12:70:3c:ca:7b:b8:6b:b8: e0:36:f3:91:c2:c8:db:d6:b7:ac:60:bf:95:f7:74:04:28:1d: 1b:e6:dd:54:25:38:4a:32:12:33:cc:b4:7c:b5:6a:84:74:58: 28:6c:73:3f:0c:06:0a:ed:bf:99:98:91:80:90:c9:39:6f:01: a8:13:90:63:fd:bc:6c:58:c2:4d:d4:f2:c4:60:7e:72:e8:d2: c6:c8:3a:46:7b:59:cc:78:7d:a3:22:49:a7:46:de:0b:23:39: 9d:dc:4f:08:aa:ac:13:cd:61:ea:df:44:21:1e:51:f0:52:6a: dc:97:7e:07:6c:70:7f:2f:54:c0:28:04:37:92:93:ee:5d:96: e2:f4:14:45:aa:87:84:93:af:26:0f:c7:34:24:79:32:e8:08: f2:5e:2a:30 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUGTyYJseGN6GOH5q5/G94NtmJJaMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVB Q0YzMjM2ODAeFw0yNjAzMTgyMzIzNTNaFw0yNzAzMTcyMzI4NTNaMDMxMTAvBgNV BAMTKEE5QzMzMDU2REQ2OEVEMUFGQ0I3MkJEMEExM0QyRDczM0MwQzMzRUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/v0RS4YFboHxtXJYvSX9eQU+ HWlQOXNgpG5R89jYQTXiXrmGypIo0ymzNRNLFOzTL/YdiE9PXD6h11dOcsPdeqUq mMqwQFrCercJD2+Ac8VQ0T++8+0hFS3LoiFiera0dd4i1pM++FPrTIIfM0VFlU49 jFWsdETfgyd94L282C8HrmDSAjkTPo0WU4IGezMlhifyk+WxieSPw9NKjERg07Nz 0ndjICSZuvYdwrgGOCc7Zxij9xWIz+4Iq95iHaDoPeTzx/szgNlDxuSUcX7vjqpf jz+5LYyr+zzWZtON36iMsVkSsFiYGov6ZaLjV5pCC5dtzSu+0M3KSgXf6YwbAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUqcMwVt1o7Rr8tyvQoT0tczwMM+8wHwYDVR0j BBgwFoAU14/lrocO8iH9lXdc/q/q1azzI2gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NjQ0MjYzYS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC9ENzhGRTVBRTg3 MEVGMjIxRkQ5NTc3NUNGRUFGRUFENUFDRjMyMzY4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvRDc4RkU1QUU4NzBFRjIyMUZEOTU3NzVDRkVBRkVBRDVBQ0Yz MjM2OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2NDQyNjNhLThlZTItNGVlYy1h ODEwLTU3MzNjY2FmNTFlMy8wLzMxMzUzNzJlMzIzMDJlMzEzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTM0MzQzMTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRR4MA0GCSqG SIb3DQEBCwUAA4IBAQAvGfc+QkwuXBsctNtZMPAl76lYsPXCIVvTb9h3EbS2uH76 eyiggSRQixsnVXL8L26y4SSZhNxittSnBD8ChPFW3+9iEkNph888jhr8ujjnBV73 kx4n8lWCbW0QRiF+as024l7qEnA8ynu4a7jgNvORwsjb1resYL+V93QEKB0b5t1U JThKMhIzzLR8tWqEdFgobHM/DAYK7b+ZmJGAkMk5bwGoE5Bj/bxsWMJN1PLEYH5y 6NLGyDpGe1nMeH2jIkmnRt4LIzmd3E8IqqwTzWHq30QhHlHwUmrcl34HbHB/L1TA KAQ3kpPuXZbi9BRFqoeEk68mD8c0JHky6AjyXiow -----END CERTIFICATE-----Generated at Wed Mar 25 05:33:54 2026 by rpki-client