$ rpki-client -vvf repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234362e302f32342d3234203d3e203234323131.roa File: 3230332e3139302e3234362e302f32342d3234203d3e203234323131.roa (raw, json) Hash identifier: /x0d/B7SH930zGuc3qy32lnZBzw3Tko/OpPt1flx/d4= Subject key identifier: 2F:CA:65:9D:A6:A5:86:AB:55:3A:CC:49:81:7B:72:4A:B2:6E:74:9F Certificate issuer: /CN=DC935B44A30F5AECC1B1A1508E4B812572AB769B Certificate serial: 42DF672836BBAE5C9B92108F4296A67DC62B3F75 Authority key identifier: DC:93:5B:44:A3:0F:5A:EC:C1:B1:A1:50:8E:4B:81:25:72:AB:76:9B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234362e302f32342d3234203d3e203234323131.roa Signing time: Fri 24 Oct 2025 11:00:01 +0000 ROA not before: Fri 24 Oct 2025 10:55:01 +0000 ROA not after: Fri 23 Oct 2026 11:00:01 +0000 asID: 24211 IP address blocks: 203.190.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.crl rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 17:49:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:df:67:28:36:bb:ae:5c:9b:92:10:8f:42:96:a6:7d:c6:2b:3f:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC935B44A30F5AECC1B1A1508E4B812572AB769B Validity Not Before: Oct 24 10:55:01 2025 GMT Not After : Oct 23 11:00:01 2026 GMT Subject: CN=2FCA659DA6A586AB553ACC49817B724AB26E749F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:69:5f:fa:20:92:74:d9:ea:47:6c:d4:db:74: c8:d5:8f:cf:68:d2:26:21:5a:6f:5c:e4:ec:b6:36: bf:b9:06:7e:9d:5a:ad:ca:d0:e1:c6:9e:03:7c:a8: f3:da:5a:9f:60:aa:72:eb:c8:06:5b:75:16:b2:d5: 33:9c:87:e3:0c:c7:d4:8d:b7:4b:9a:3d:3a:aa:44: 1c:b9:b7:f9:7b:a4:61:9b:38:b0:b1:e7:08:e1:26: 33:25:9c:73:80:0e:5f:50:4e:00:f5:d1:6d:e2:c2: c0:72:8c:e9:99:00:1b:32:6d:2c:a5:ea:05:31:0d: 9f:b7:c0:15:9d:c8:ad:8f:a0:5d:c5:c0:a2:d4:50: 51:6b:fb:6f:c7:23:b5:e9:25:86:d4:27:1b:bf:ac: a9:9a:09:20:7c:2f:14:84:7b:27:08:f9:59:1c:97: 35:ee:95:63:c3:a8:22:b4:a8:4c:46:4a:49:b4:d2: e5:5c:7d:9f:0a:12:97:47:be:02:bc:f4:ab:e0:d7: 6c:67:bf:83:f2:4c:89:7e:4a:61:3f:b4:e6:34:4d: dd:2d:83:e9:07:00:24:cd:f1:2c:04:23:51:0a:56: 57:90:a0:28:5e:29:76:e6:c8:23:28:1b:8a:71:2b: fe:14:8c:77:71:27:8f:b4:c0:3d:6a:ec:2d:d0:46: 4f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:CA:65:9D:A6:A5:86:AB:55:3A:CC:49:81:7B:72:4A:B2:6E:74:9F X509v3 Authority Key Identifier: keyid:DC:93:5B:44:A3:0F:5A:EC:C1:B1:A1:50:8E:4B:81:25:72:AB:76:9B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/DC935B44A30F5AECC1B1A1508E4B812572AB769B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC935B44A30F5AECC1B1A1508E4B812572AB769B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/59f013f9-b4f7-458c-aac5-08041b3f65e6/0/3230332e3139302e3234362e302f32342d3234203d3e203234323131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.190.246.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:a0:9b:c0:2c:6c:c9:d5:1e:ce:df:99:e2:43:5f:c5:66:3b: 0a:6f:41:f2:1c:cb:b5:2d:b0:43:cd:4d:22:00:37:48:d8:3a: 03:ba:3e:92:4c:04:a9:ca:12:77:99:51:6a:c3:c0:a9:0d:56: d0:d6:c5:94:24:c5:10:69:f2:c7:ee:d8:14:dc:a0:cf:f1:8c: 95:79:fd:69:88:17:45:5d:7b:71:21:e2:a8:f8:12:a8:b5:02: c1:46:30:1f:5a:f2:ec:a9:8b:09:5f:36:d8:b0:35:e3:0f:31: 87:f8:7a:2a:45:00:29:1f:e2:31:77:85:ed:b2:c6:fb:d5:20: e7:91:92:32:e5:32:0a:b1:0f:0d:a6:37:5f:6f:e5:36:0f:44: 1f:9a:29:dc:46:c6:42:94:6b:70:c3:46:57:33:eb:7f:9d:48: 0d:4b:0c:e3:78:cf:a7:11:46:70:ea:e0:75:be:02:8a:13:a0: a9:ac:b3:34:0d:f8:ae:bd:13:1d:39:47:fe:d5:fd:ec:1b:d6: 58:3f:b2:db:db:b0:a5:d2:0a:ac:29:21:8a:87:45:ac:f5:9f: e8:1b:4e:48:73:1c:03:f3:0d:59:c8:d9:e6:d3:42:ce:14:da: 2a:2e:3e:81:0e:9d:87:20:0c:c8:e4:c8:14:42:3e:7d:53:3d: fd:84:48:eb -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUQt9nKDa7rlybkhCPQpamfcYrP3UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREM5MzVCNDRBMzBGNUFFQ0MxQjFBMTUwOEU0QjgxMjU3 MkFCNzY5QjAeFw0yNTEwMjQxMDU1MDFaFw0yNjEwMjMxMTAwMDFaMDMxMTAvBgNV BAMTKDJGQ0E2NTlEQTZBNTg2QUI1NTNBQ0M0OTgxN0I3MjRBQjI2RTc0OUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDaV/6IJJ02epHbNTbdMjVj89o 0iYhWm9c5Oy2Nr+5Bn6dWq3K0OHGngN8qPPaWp9gqnLryAZbdRay1TOch+MMx9SN t0uaPTqqRBy5t/l7pGGbOLCx5wjhJjMlnHOADl9QTgD10W3iwsByjOmZABsybSyl 6gUxDZ+3wBWdyK2PoF3FwKLUUFFr+2/HI7XpJYbUJxu/rKmaCSB8LxSEeycI+Vkc lzXulWPDqCK0qExGSkm00uVcfZ8KEpdHvgK89Kvg12xnv4PyTIl+SmE/tOY0Td0t g+kHACTN8SwEI1EKVleQoCheKXbmyCMoG4pxK/4UjHdxJ4+0wD1q7C3QRk+XAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUL8plnaalhqtVOsxJgXtySrJudJ8wHwYDVR0j BBgwFoAU3JNbRKMPWuzBsaFQjkuBJXKrdpswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 OWYwMTNmOS1iNGY3LTQ1OGMtYWFjNS0wODA0MWIzZjY1ZTYvMC9EQzkzNUI0NEEz MEY1QUVDQzFCMUExNTA4RTRCODEyNTcyQUI3NjlCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREM5MzVCNDRBMzBGNUFFQ0MxQjFBMTUwOEU0QjgxMjU3MkFC NzY5Qi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU5ZjAxM2Y5LWI0ZjctNDU4Yy1h YWM1LTA4MDQxYjNmNjVlNi8wLzMyMzAzMzJlMzEzOTMwMmUzMjM0MzYyZTMwMmYz MjM0MmQzMjM0MjAzZDNlMjAzMjM0MzIzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy772MA0GCSqG SIb3DQEBCwUAA4IBAQA9oJvALGzJ1R7O35niQ1/FZjsKb0HyHMu1LbBDzU0iADdI 2DoDuj6STASpyhJ3mVFqw8CpDVbQ1sWUJMUQafLH7tgU3KDP8YyVef1piBdFXXtx IeKo+BKotQLBRjAfWvLsqYsJXzbYsDXjDzGH+HoqRQApH+Ixd4Xtssb71SDnkZIy 5TIKsQ8Npjdfb+U2D0QfmincRsZClGtww0ZXM+t/nUgNSwzjeM+nEUZw6uB1vgKK E6CprLM0DfiuvRMdOUf+1f3sG9ZYP7Lb27Cl0gqsKSGKh0Ws9Z/oG05IcxwD8w1Z yNnm00LOFNoqLj6BDp2HIAzI5MgUQj59Uz39hEjr -----END CERTIFICATE-----Generated at Tue Oct 28 06:35:22 2025 by rpki-client