$ rpki-client -vvf repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234302e302f32312d3231203d3e203234323131.roa File: 3230332e3139302e3234302e302f32312d3231203d3e203234323131.roa (raw, json) Hash identifier: 9cT4iugSxv8GmMun4x7hly+W1FXP98Oz1aJbYUXbphk= Subject key identifier: 99:1F:6A:40:75:AA:8A:21:AA:A1:54:9F:BB:60:47:96:63:0B:E5:7E Certificate issuer: /CN=DC935B44A30F5AECC1B1A1508E4B812572AB769B Certificate serial: 43EA8D40A48F4F50FFB06B0DFF27728C06181A1E Authority key identifier: DC:93:5B:44:A3:0F:5A:EC:C1:B1:A1:50:8E:4B:81:25:72:AB:76:9B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234302e302f32312d3231203d3e203234323131.roa Signing time: Fri 24 Oct 2025 11:00:01 +0000 ROA not before: Fri 24 Oct 2025 10:55:01 +0000 ROA not after: Fri 23 Oct 2026 11:00:01 +0000 asID: 24211 IP address blocks: 203.190.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.crl rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 17:49:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:ea:8d:40:a4:8f:4f:50:ff:b0:6b:0d:ff:27:72:8c:06:18:1a:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC935B44A30F5AECC1B1A1508E4B812572AB769B Validity Not Before: Oct 24 10:55:01 2025 GMT Not After : Oct 23 11:00:01 2026 GMT Subject: CN=991F6A4075AA8A21AAA1549FBB604796630BE57E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6b:59:80:f9:d7:60:30:2d:84:5d:63:b7:a0: 44:2a:ba:29:ac:4e:84:fc:09:0b:d9:61:1f:58:cb: 7f:fa:1e:18:38:23:f5:97:dd:43:12:0b:ee:0d:fd: 92:f3:78:58:6c:a6:d9:87:36:5b:3b:2f:bd:3c:7f: 2a:8f:66:1c:25:d5:01:95:8c:c8:a9:59:c4:f1:2f: 44:08:20:08:fe:c8:a0:c4:2f:b8:6d:fd:a1:59:49: b0:19:ce:57:04:51:c6:32:70:f5:ac:8f:c3:66:b6: d1:7c:ef:5e:df:c1:1b:7a:60:84:56:48:27:91:5b: f6:2d:1e:b4:52:e0:00:2d:2e:5c:57:b0:85:f6:cd: c1:a6:e0:e4:db:64:ca:ef:c3:a3:31:58:2e:8a:ac: 21:4c:41:22:51:04:87:57:e9:b4:82:3f:9e:81:4c: b7:aa:e8:4d:a9:55:3d:ba:f5:36:ba:63:35:ab:08: 8a:33:f3:47:d7:64:08:6e:0c:57:b6:ad:e9:74:2a: aa:b8:16:01:7f:2e:ec:02:c2:62:a9:72:9d:80:9d: 3f:12:76:4b:17:e4:6b:8c:79:cc:fb:bb:78:5f:b0: bb:13:b6:f7:37:8b:88:27:a7:c0:30:c7:c9:fd:40: 2b:19:51:46:d3:b7:fb:1d:ea:b3:fe:b9:0c:f7:c8: d7:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:1F:6A:40:75:AA:8A:21:AA:A1:54:9F:BB:60:47:96:63:0B:E5:7E X509v3 Authority Key Identifier: keyid:DC:93:5B:44:A3:0F:5A:EC:C1:B1:A1:50:8E:4B:81:25:72:AB:76:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234302e302f32312d3231203d3e203234323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.190.240.0/21 Signature Algorithm: sha256WithRSAEncryption 47:a5:25:db:7a:e5:c1:50:0d:d1:97:35:02:18:65:cf:47:88: 45:d5:d0:59:c6:b7:0c:32:fd:c8:62:37:5e:ff:a0:fe:da:ad: d5:ed:c7:8c:93:e4:df:64:ea:5f:ff:86:98:dd:a9:b0:f7:31: 22:b0:d5:12:ef:f2:ef:82:16:50:13:8f:82:51:d1:dc:b8:bb: 88:52:77:e7:72:40:44:2b:98:a9:86:87:e2:47:4a:11:ab:bc: 61:33:68:a7:60:0a:ce:bb:e9:bd:f5:85:c4:04:87:e0:e4:88: 33:46:0b:8e:f4:13:cf:d8:55:3a:98:11:b6:c8:2c:1f:c9:32: 45:0e:8c:f1:3a:3a:40:e0:a1:e2:b2:eb:37:df:85:db:d3:b2: 8f:75:85:b9:03:91:a5:ce:29:5a:f0:53:3e:2b:f2:dc:2c:bb: 81:36:61:51:fa:5d:bc:6c:07:4c:ca:97:3c:6a:05:63:85:af: b9:98:9b:8f:f0:ca:0d:26:24:7f:b5:9c:c1:31:b3:de:6c:61: f1:fb:d7:14:d4:9c:ef:99:2c:c8:22:f0:cf:19:25:cf:5b:a7: df:30:df:6f:e4:dd:ac:92:87:eb:ea:43:49:fc:1d:db:c7:8b: e4:94:31:6b:9e:86:4c:c9:6e:a1:ad:3a:60:e0:ca:f7:77:70: 6d:05:2f:e1 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQ+qNQKSPT1D/sGsN/ydyjAYYGh4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREM5MzVCNDRBMzBGNUFFQ0MxQjFBMTUwOEU0QjgxMjU3 MkFCNzY5QjAeFw0yNTEwMjQxMDU1MDFaFw0yNjEwMjMxMTAwMDFaMDMxMTAvBgNV BAMTKDk5MUY2QTQwNzVBQThBMjFBQUExNTQ5RkJCNjA0Nzk2NjMwQkU1N0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBa1mA+ddgMC2EXWO3oEQquims ToT8CQvZYR9Yy3/6Hhg4I/WX3UMSC+4N/ZLzeFhsptmHNls7L708fyqPZhwl1QGV jMipWcTxL0QIIAj+yKDEL7ht/aFZSbAZzlcEUcYycPWsj8NmttF8717fwRt6YIRW SCeRW/YtHrRS4AAtLlxXsIX2zcGm4OTbZMrvw6MxWC6KrCFMQSJRBIdX6bSCP56B TLeq6E2pVT269Ta6YzWrCIoz80fXZAhuDFe2rel0Kqq4FgF/LuwCwmKpcp2AnT8S dksX5GuMecz7u3hfsLsTtvc3i4gnp8Awx8n9QCsZUUbTt/sd6rP+uQz3yNf9AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUmR9qQHWqiiGqoVSfu2BHlmML5X4wHwYDVR0j BBgwFoAU3JNbRKMPWuzBsaFQjkuBJXKrdpswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWYwMTNmOS1iNGY3LTQ1OGMtYWFjNS0wODA0MWIzZjY1ZTYvMC9EQzkzNUI0NEEz MEY1QUVDQzFCMUExNTA4RTRCODEyNTcyQUI3NjlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREM5MzVCNDRBMzBGNUFFQ0MxQjFBMTUwOEU0QjgxMjU3MkFC NzY5Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU5ZjAxM2Y5LWI0ZjctNDU4Yy1h YWM1LTA4MDQxYjNmNjVlNi8wLzMyMzAzMzJlMzEzOTMwMmUzMjM0MzAyZTMwMmYz MjMxMmQzMjMxMjAzZDNlMjAzMjM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDy77wMA0GCSqG SIb3DQEBCwUAA4IBAQBHpSXbeuXBUA3RlzUCGGXPR4hF1dBZxrcMMv3IYjde/6D+ 2q3V7ceMk+TfZOpf/4aY3amw9zEisNUS7/LvghZQE4+CUdHcuLuIUnfnckBEK5ip hofiR0oRq7xhM2inYArOu+m99YXEBIfg5IgzRguO9BPP2FU6mBG2yCwfyTJFDozx OjpA4KHisus334Xb07KPdYW5A5Glzila8FM+K/LcLLuBNmFR+l28bAdMypc8agVj ha+5mJuP8MoNJiR/tZzBMbPebGHx+9cU1JzvmSzIIvDPGSXPW6ffMN9v5N2skofr 6kNJ/B3bx4vklDFrnoZMyW6hrTpg4Mr3d3BtBS/h -----END CERTIFICATE-----Generated at Tue Oct 28 06:32:36 2025 by rpki-client