$ rpki-client -vvf repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa File: 3230322e35322e31312e302f32342d3234203d3e203137363731.roa (raw, json) Hash identifier: GKI/Hj8wUUsqN8Q8yfvDKK5ZNvrTH37P4B+L6/osyPE= Subject key identifier: 8E:39:86:FC:87:58:C1:0C:C9:0C:5A:FD:B7:A3:8A:EF:A5:25:8D:08 Certificate issuer: /CN=D0C90407CCD53717DFEA21D51A8921F20564AB25 Certificate serial: 2AA88E8AA935C9AD2B00A91366ACA644804DF8DF Authority key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa Signing time: Thu 15 May 2025 11:00:02 +0000 ROA not before: Thu 15 May 2025 10:55:02 +0000 ROA not after: Thu 14 May 2026 11:00:02 +0000 asID: 17671 IP address blocks: 202.52.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 02:39:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:a8:8e:8a:a9:35:c9:ad:2b:00:a9:13:66:ac:a6:44:80:4d:f8:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25 Validity Not Before: May 15 10:55:02 2025 GMT Not After : May 14 11:00:02 2026 GMT Subject: CN=8E3986FC8758C10CC90C5AFDB7A38AEFA5258D08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:de:e2:ec:d2:0b:db:91:85:1e:d3:72:f0:93: 58:00:40:9c:18:a9:22:5f:25:1a:15:67:ae:c6:0a: be:a7:b1:53:e9:bb:bb:7d:ef:ef:c5:9d:77:ef:18: f7:84:04:57:17:ca:58:78:dd:98:03:c4:28:34:03: f6:bb:1b:9e:70:f7:77:69:35:5b:cd:eb:b6:d1:25: 2e:07:08:bf:12:c6:83:3c:1c:b6:a3:4e:be:b1:15: d9:07:07:e4:ef:df:b3:22:34:09:d6:9e:05:c8:2b: 48:3e:eb:49:c0:94:4b:63:25:7b:3f:dd:ee:f1:f8: b5:63:7e:58:02:dd:75:2f:f8:c7:ab:3a:60:cc:1e: 5c:1a:fc:11:f0:8f:dd:28:d4:19:96:8d:e6:67:0e: e3:e0:79:ff:d8:b9:ac:05:e2:72:7a:77:a5:fa:1e: 24:f9:60:82:81:6e:56:e2:05:38:bd:f5:3d:b3:7b: bd:b1:7d:8f:96:4c:94:92:b9:56:e9:9d:a0:7e:09: 1c:43:d3:4b:67:66:9e:0c:12:54:d9:87:f7:42:8f: 15:d5:06:1a:2d:e6:26:a7:e3:a9:0c:a2:dc:e6:10: a0:2e:44:37:67:d7:43:5a:57:81:ca:9f:36:17:97: 99:71:32:06:22:d6:0d:9e:b1:b1:34:01:86:13:3d: 26:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:39:86:FC:87:58:C1:0C:C9:0C:5A:FD:B7:A3:8A:EF:A5:25:8D:08 X509v3 Authority Key Identifier: keyid:D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/3230322e35322e31312e302f32342d3234203d3e203137363731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.52.11.0/24 Signature Algorithm: sha256WithRSAEncryption 77:cb:72:c4:61:30:7d:52:a5:29:0f:2a:4b:76:92:16:3b:f9: 08:87:b1:76:40:6a:97:ea:11:c5:64:1a:79:12:55:13:24:ed: 06:a6:16:8f:96:12:0d:a5:76:67:9c:6b:ca:0c:b9:da:12:91: 9e:77:37:b5:00:11:17:65:b7:24:cf:4b:43:8a:7e:0a:dd:0f: 88:80:92:f0:a7:26:9c:16:06:77:4b:b3:59:e8:dd:ba:79:88: 44:87:38:ed:31:b7:b4:b7:4b:4f:8d:99:c8:5c:19:0e:81:1b: 2a:87:17:61:cb:c5:54:9b:78:10:64:d1:44:fd:4f:8c:d8:cf: 41:e1:a3:25:c1:9b:d6:fc:5d:f7:58:58:77:5c:74:0e:c5:4b: ed:3a:b2:11:22:64:46:e2:88:97:d1:3c:e6:87:09:c5:e9:39: 22:4f:39:bd:56:9f:16:7f:62:10:53:44:d5:eb:0d:59:10:ad: f0:81:f3:23:85:53:7c:c8:29:b6:94:1b:da:f0:39:41:72:02: 7a:61:c2:45:0d:d9:89:f1:95:fa:42:61:f3:8b:03:fe:11:59: 1c:dd:d3:7e:c7:03:41:25:ea:f0:d3:93:38:df:95:31:1c:14: 2c:49:de:53:cf:eb:87:94:2c:fc:d5:31:2d:c4:13:d7:46:82: bf:e6:ff:d1 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUKqiOiqk1ya0rAKkTZqymRIBN+N8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIw NTY0QUIyNTAeFw0yNTA1MTUxMDU1MDJaFw0yNjA1MTQxMTAwMDJaMDMxMTAvBgNV BAMTKDhFMzk4NkZDODc1OEMxMENDOTBDNUFGREI3QTM4QUVGQTUyNThEMDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc3uLs0gvbkYUe03Lwk1gAQJwY qSJfJRoVZ67GCr6nsVPpu7t97+/FnXfvGPeEBFcXylh43ZgDxCg0A/a7G55w93dp NVvN67bRJS4HCL8SxoM8HLajTr6xFdkHB+Tv37MiNAnWngXIK0g+60nAlEtjJXs/ 3e7x+LVjflgC3XUv+MerOmDMHlwa/BHwj90o1BmWjeZnDuPgef/YuawF4nJ6d6X6 HiT5YIKBblbiBTi99T2ze72xfY+WTJSSuVbpnaB+CRxD00tnZp4MElTZh/dCjxXV Bhot5ian46kMotzmEKAuRDdn10NaV4HKnzYXl5lxMgYi1g2esbE0AYYTPSa/AgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUjjmG/IdYwQzJDFr9t6OK76UljQgwHwYDVR0j BBgwFoAU0MkEB8zVNxff6iHVGokh8gVkqyUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMC9EMEM5MDQwN0ND RDUzNzE3REZFQTIxRDUxQTg5MjFGMjA1NjRBQjI1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDBDOTA0MDdDQ0Q1MzcxN0RGRUEyMUQ1MUE4OTIxRjIwNTY0 QUIyNS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2LWZlMmEtNDkxYi1h YWM4LTIyMGVhZDBiNTRlMi8wLzMyMzAzMjJlMzUzMjJlMzEzMTJlMzAyZjMyMzQy ZDMyMzQyMDNkM2UyMDMxMzczNjM3MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKNAswDQYJKoZIhvcN AQELBQADggEBAHfLcsRhMH1SpSkPKkt2khY7+QiHsXZAapfqEcVkGnkSVRMk7Qam Fo+WEg2ldmeca8oMudoSkZ53N7UAERdltyTPS0OKfgrdD4iAkvCnJpwWBndLs1no 3bp5iESHOO0xt7S3S0+NmchcGQ6BGyqHF2HLxVSbeBBk0UT9T4zYz0HhoyXBm9b8 XfdYWHdcdA7FS+06shEiZEbiiJfRPOaHCcXpOSJPOb1WnxZ/YhBTRNXrDVkQrfCB 8yOFU3zIKbaUG9rwOUFyAnphwkUN2YnxlfpCYfOLA/4RWRzd037HA0El6vDTkzjf lTEcFCxJ3lPP64eULPzVMS3EE9dGgr/m/9E= -----END CERTIFICATE-----Generated at Mon Oct 27 19:52:30 2025 by rpki-client