$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa File: AS17885.roa (raw, json) Hash identifier: +5xEigpCp1X2T9rrFe1WUaOISe2GaQb0l6AFpj1VLrI= Subject key identifier: 78:DA:5A:33:AC:99:5C:DC:AD:7E:36:1A:0C:31:F5:FF:B2:5C:12:FC Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Certificate serial: 6E275A1EBD17157FBBAE95E088B5EE98A2AE969E Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa Signing time: Thu 18 Sep 2025 09:02:23 +0000 ROA not before: Thu 18 Sep 2025 08:57:23 +0000 ROA not after: Thu 17 Sep 2026 09:02:23 +0000 asID: 17885 IP address blocks: 140.213.54.0/24 maxlen: 24 140.213.93.0/24 maxlen: 24 140.213.96.0/24 maxlen: 24 140.213.189.0/24 maxlen: 24 140.213.205.0/24 maxlen: 24 140.213.248.0/24 maxlen: 24 140.213.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 12:40:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:27:5a:1e:bd:17:15:7f:bb:ae:95:e0:88:b5:ee:98:a2:ae:96:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Validity Not Before: Sep 18 08:57:23 2025 GMT Not After : Sep 17 09:02:23 2026 GMT Subject: CN=78DA5A33AC995CDCAD7E361A0C31F5FFB25C12FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:54:64:b2:9a:dc:ec:8f:f6:43:ff:54:32:79: 85:24:e8:f9:df:67:74:da:f8:dc:96:16:e8:28:c8: 9a:9a:11:84:16:f0:eb:fb:e4:25:e4:f0:51:f1:a5: 6f:4e:4c:8e:c9:b1:20:b1:de:d7:c3:8d:5b:ab:f8: 3a:09:7c:99:23:38:07:12:e5:9b:76:0c:cb:04:e4: f8:83:88:ac:0f:d3:8c:7e:ee:ab:c9:db:5e:2c:ef: bd:ae:f0:4d:03:a7:9c:39:2b:50:5c:46:bc:57:a3: 08:a0:06:7f:85:ee:97:e1:dc:71:f7:43:ab:e3:ac: ab:ac:d3:2f:58:72:cc:1c:ac:e6:d2:36:cc:10:c1: 14:33:89:ce:e9:79:3c:20:50:6f:40:b9:b1:9d:10: ea:7e:d5:ad:35:04:3c:cc:bf:4c:63:46:67:be:28: ac:3e:9f:af:b7:96:16:42:7c:6c:b7:6a:6b:98:f9: 08:c8:9f:d0:97:e5:10:c2:fb:37:17:77:e2:a0:68: fc:c7:fc:08:cd:fb:85:78:b3:d5:94:da:ae:d0:6f: 98:d7:6f:91:30:a5:c1:a6:f0:b0:ea:4e:d3:4f:c6: 91:5b:ca:a6:bd:52:c3:e0:e1:8b:7b:b5:fe:30:18: 98:69:2f:3a:52:29:30:a1:48:3b:2c:7d:28:56:72: 7f:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:DA:5A:33:AC:99:5C:DC:AD:7E:36:1A:0C:31:F5:FF:B2:5C:12:FC X509v3 Authority Key Identifier: keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.54.0/24 140.213.93.0/24 140.213.96.0/24 140.213.189.0/24 140.213.205.0/24 140.213.248.0/23 Signature Algorithm: sha256WithRSAEncryption 59:e4:ee:e1:3e:a3:cc:fa:18:48:14:b9:f3:21:89:e5:37:e6: 01:96:e2:f4:c3:5a:bb:b9:91:29:46:e1:bc:7c:a1:1a:fb:48: 14:ed:f0:a3:ab:e1:0a:20:cb:68:a2:58:cc:f1:12:3e:61:bb: 10:fd:6b:a7:95:ef:b5:c2:4d:69:c6:5f:44:de:96:98:23:c0: 5c:f7:f7:09:2a:2c:4e:f1:04:e6:09:26:bc:a6:0b:a5:80:e8: d3:d2:fa:08:9b:a3:7e:d2:1d:61:08:ac:fa:9e:b8:a2:f5:b9: f4:5d:20:1f:e9:78:5d:c5:2c:9a:27:19:95:4c:05:64:11:40: eb:95:44:d1:b9:a4:59:90:bc:7d:b1:22:11:d6:aa:3a:04:a4: 87:1e:fb:20:22:2a:52:e3:6b:e1:cd:3e:6d:cf:5b:fe:cb:3f: 51:44:99:c7:76:57:0a:16:a7:73:f3:0a:0d:f3:ad:fa:55:3f: 47:0d:17:00:cf:05:74:14:5a:f6:3b:18:bb:17:b7:1c:0c:f6: 8a:d0:67:3f:4e:66:c3:bb:e9:b0:d1:5f:e0:c5:7d:94:17:6e: d4:d9:b0:36:9f:25:92:f8:f3:ff:a5:a2:5b:d0:44:f8:ed:5b: 38:33:6f:5e:9d:7c:62:a4:4c:56:2d:4e:27:7f:fa:24:c3:26: 3c:65:35:83 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUbidaHr0XFX+7rpXgiLXumKKulp4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG QzY2MEExQjAeFw0yNTA5MTgwODU3MjNaFw0yNjA5MTcwOTAyMjNaMDMxMTAvBgNV BAMTKDc4REE1QTMzQUM5OTVDRENBRDdFMzYxQTBDMzFGNUZGQjI1QzEyRkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1VGSymtzsj/ZD/1QyeYUk6Pnf Z3Ta+NyWFugoyJqaEYQW8Ov75CXk8FHxpW9OTI7JsSCx3tfDjVur+DoJfJkjOAcS 5Zt2DMsE5PiDiKwP04x+7qvJ214s772u8E0Dp5w5K1BcRrxXowigBn+F7pfh3HH3 Q6vjrKus0y9YcswcrObSNswQwRQzic7peTwgUG9AubGdEOp+1a01BDzMv0xjRme+ KKw+n6+3lhZCfGy3amuY+QjIn9CX5RDC+zcXd+KgaPzH/AjN+4V4s9WU2q7Qb5jX b5EwpcGm8LDqTtNPxpFbyqa9UsPg4Yt7tf4wGJhpLzpSKTChSDssfShWcn9ZAgMB AAGjggIcMIICGDAdBgNVHQ4EFgQUeNpaM6yZXNytfjYaDDH1/7JcEvwwHwYDVR0j BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2 MEExQi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMS9BUzE3ODg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjNU2AwQAjNVdAwQAjNVg AwQAjNW9AwQAjNXNAwQBjNX4MA0GCSqGSIb3DQEBCwUAA4IBAQBZ5O7hPqPM+hhI FLnzIYnlN+YBluL0w1q7uZEpRuG8fKEa+0gU7fCjq+EKIMtooljM8RI+YbsQ/Wun le+1wk1pxl9E3paYI8Bc9/cJKixO8QTmCSa8pgulgOjT0voIm6N+0h1hCKz6nrii 9bn0XSAf6XhdxSyaJxmVTAVkEUDrlUTRuaRZkLx9sSIR1qo6BKSHHvsgIipS42vh zT5tz1v+yz9RRJnHdlcKFqdz8woN8636VT9HDRcAzwV0FFr2Oxi7F7ccDPaK0Gc/ TmbDu+mw0V/gxX2UF27U2bA2nyWS+PP/paJb0ET47Vs4M29enXxipExWLU4nf/ok wyY8ZTWD -----END CERTIFICATE-----Generated at Tue Oct 28 06:25:46 2025 by rpki-client