$ rpki-client -vvf repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3137322e302f32332d3233203d3e203435373235.roa File: 3230322e3135302e3137322e302f32332d3233203d3e203435373235.roa (raw, json) Hash identifier: xC6iCUJS7sp4GX/eEQoZ92l1XLRswuGGeIaV26g4P7I= Subject key identifier: 7B:AA:5D:16:31:F7:67:FC:99:75:20:1D:2A:2F:78:F1:86:B3:FD:E8 Certificate issuer: /CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Certificate serial: 114A8555C1AB17992FB73DA63F7E56D33C29983E Authority key identifier: BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject info access: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3137322e302f32332d3233203d3e203435373235.roa Signing time: Sun 06 Apr 2025 15:15:17 +0000 ROA not before: Sun 06 Apr 2025 15:10:17 +0000 ROA not after: Sun 05 Apr 2026 15:15:17 +0000 asID: 45725 IP address blocks: 202.150.172.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 23:04:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:4a:85:55:c1:ab:17:99:2f:b7:3d:a6:3f:7e:56:d3:3c:29:98:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Validity Not Before: Apr 6 15:10:17 2025 GMT Not After : Apr 5 15:15:17 2026 GMT Subject: CN=7BAA5D1631F767FC9975201D2A2F78F186B3FDE8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b8:0b:b5:1f:32:cf:b4:04:1e:7c:30:79:ad: ad:04:d3:c3:4d:a0:5b:1c:56:a2:2d:ee:51:8b:12: 54:e3:4d:36:ba:7c:dd:58:f1:da:74:fb:b9:67:8d: 69:4e:81:83:bf:bf:0a:db:0f:71:dd:64:d3:62:e0: 23:b1:74:66:e4:e1:79:29:9e:90:1a:8e:68:f3:d5: a6:ed:58:69:80:2a:87:c1:52:63:01:4e:5a:90:b6: b8:13:e6:ab:95:de:d6:96:96:36:4a:75:c8:64:6b: 09:51:9a:a2:bf:f0:40:3a:1d:17:be:03:45:e6:6c: e9:11:ce:95:8b:52:2f:8e:23:3c:87:fe:89:d2:09: 03:03:63:2c:8f:22:65:aa:9d:21:93:1b:05:de:0b: 63:11:a9:13:eb:00:f6:8f:af:5f:84:5d:e0:6d:78: ce:5e:31:56:f4:b4:e9:a7:f2:3b:2a:4a:e7:d7:85: 10:6c:fe:7c:06:2a:74:93:2b:d0:92:7f:60:29:f6: a2:68:00:7c:2a:08:45:b5:25:22:5b:1d:c2:a6:11: 70:f3:c7:6d:c6:29:62:05:93:e0:70:c9:c9:04:f9: 19:6d:84:8e:62:81:39:09:39:7a:18:4c:bb:f8:b0: 63:96:89:da:4f:b9:37:3b:50:bb:90:5b:26:ec:55: 5e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:AA:5D:16:31:F7:67:FC:99:75:20:1D:2A:2F:78:F1:86:B3:FD:E8 X509v3 Authority Key Identifier: keyid:BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/3230322e3135302e3137322e302f32332d3233203d3e203435373235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.150.172.0/23 Signature Algorithm: sha256WithRSAEncryption 1c:74:57:cc:76:44:31:4c:be:e5:21:cd:e7:4f:8a:5d:8b:1c: c7:b6:f6:f6:f0:8f:53:4f:38:00:15:7e:7d:eb:5e:99:32:ac: d0:08:ed:0f:f5:30:4b:1e:13:60:43:2d:bb:ac:7b:1e:e6:35: dd:70:8c:31:80:7d:b3:82:d3:0e:7c:c1:6a:97:69:8e:9e:ce: 46:52:37:a1:03:a3:fe:33:8e:79:d1:4b:8e:64:28:37:7a:bb: 3c:d9:4a:26:42:a9:3c:61:3b:e6:aa:48:e3:59:3a:30:22:00: a6:42:10:08:d1:29:c6:51:c7:ae:c6:ba:0d:90:f0:77:46:a1: 9c:5f:9d:2b:cd:58:42:ae:a7:81:7d:db:40:b9:f9:22:4e:48: 66:41:9c:27:10:9e:c9:b4:43:ad:66:7d:88:89:f1:04:1e:59: 5f:ac:90:10:d2:1f:a6:26:4e:59:04:4c:71:38:ee:2a:bd:a5: de:c6:9b:2e:d5:d0:d5:d4:52:61:a3:52:97:8f:95:fc:52:b7: 37:c6:cf:bb:21:f2:86:e7:cc:e5:92:8d:c9:90:ed:a8:79:e1: 44:02:44:27:b9:da:98:ad:53:f9:4d:c6:c3:b1:34:b8:8a:0e: c2:0c:46:9e:26:16:63:03:23:3b:51:9e:24:db:13:d7:8a:9c: 71:3f:c4:24 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUEUqFVcGrF5kvtz2mP35W0zwpmD4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYy NzQ1ODEwMzAeFw0yNTA0MDYxNTEwMTdaFw0yNjA0MDUxNTE1MTdaMDMxMTAvBgNV BAMTKDdCQUE1RDE2MzFGNzY3RkM5OTc1MjAxRDJBMkY3OEYxODZCM0ZERTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJuAu1HzLPtAQefDB5ra0E08NN oFscVqIt7lGLElTjTTa6fN1Y8dp0+7lnjWlOgYO/vwrbD3HdZNNi4COxdGbk4Xkp npAajmjz1abtWGmAKofBUmMBTlqQtrgT5quV3taWljZKdchkawlRmqK/8EA6HRe+ A0XmbOkRzpWLUi+OIzyH/onSCQMDYyyPImWqnSGTGwXeC2MRqRPrAPaPr1+EXeBt eM5eMVb0tOmn8jsqSufXhRBs/nwGKnSTK9CSf2Ap9qJoAHwqCEW1JSJbHcKmEXDz x23GKWIFk+BwyckE+RlthI5igTkJOXoYTLv4sGOWidpPuTc7ULuQWybsVV6TAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUe6pdFjH3Z/yZdSAdKi948Yaz/egwHwYDVR0j BBgwFoAUvn+BPzxsoompzaxWMJdbdidFgQMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NDQyMTZkOC03MGNlLTQ5MDgtYTcyYi1lYzI3M2Y0M2JiYzIvMC9CRTdGODEzRjND NkNBMjg5QTlDREFDNTYzMDk3NUI3NjI3NDU4MTAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYyNzQ1 ODEwMy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY0NDIxNmQ4LTcwY2UtNDkwOC1h NzJiLWVjMjczZjQzYmJjMi8wLzMyMzAzMjJlMzEzNTMwMmUzMTM3MzIyZTMwMmYz MjMzMmQzMjMzMjAzZDNlMjAzNDM1MzczMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBypasMA0GCSqG SIb3DQEBCwUAA4IBAQAcdFfMdkQxTL7lIc3nT4pdixzHtvb28I9TTzgAFX59616Z MqzQCO0P9TBLHhNgQy27rHse5jXdcIwxgH2zgtMOfMFql2mOns5GUjehA6P+M455 0UuOZCg3ers82UomQqk8YTvmqkjjWTowIgCmQhAI0SnGUceuxroNkPB3RqGcX50r zVhCrqeBfdtAufkiTkhmQZwnEJ7JtEOtZn2IifEEHllfrJAQ0h+mJk5ZBExxOO4q vaXexpsu1dDV1FJho1KXj5X8Urc3xs+7IfKG58zlko3JkO2oeeFEAkQnudqYrVP5 TcbDsTS4ig7CDEaeJhZjAyM7UZ4k2xPXipxxP8Qk -----END CERTIFICATE-----Generated at Thu Oct 23 00:22:22 2025 by rpki-client