$ rpki-client -vvf repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130392e302f32342d3234203d3e20313439373138.roa File: 3232332e32352e3130392e302f32342d3234203d3e20313439373138.roa (raw, json) Hash identifier: d3eM98YfiQHd35IoK+KK/VXjFcXTY4k6PTjZu1TQR90= Subject key identifier: 15:43:87:90:66:FA:3E:BB:47:25:25:ED:A2:48:28:AA:F9:30:B3:92 Certificate issuer: /CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Certificate serial: 038A55F7E75535215A4636A98FFE11B11D5A2620 Authority key identifier: 4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130392e302f32342d3234203d3e20313439373138.roa Signing time: Sun 11 May 2025 12:00:06 +0000 ROA not before: Sun 11 May 2025 11:55:06 +0000 ROA not after: Sun 10 May 2026 12:00:06 +0000 asID: 149718 IP address blocks: 223.25.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 04:50:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:8a:55:f7:e7:55:35:21:5a:46:36:a9:8f:fe:11:b1:1d:5a:26:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787 Validity Not Before: May 11 11:55:06 2025 GMT Not After : May 10 12:00:06 2026 GMT Subject: CN=1543879066FA3EBB472525EDA24828AAF930B392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7d:07:70:bd:c8:9b:89:c0:c5:1a:f7:0c:47: c3:8f:c7:18:a0:f5:93:74:50:43:e8:2d:69:f7:7d: a3:24:c7:84:40:f0:db:2a:ab:92:e8:c8:65:6c:26: 58:3f:4e:82:3a:3b:8e:10:cc:09:7d:a2:74:79:83: ed:c0:9a:1e:49:d8:4f:98:8a:19:cc:ee:b4:ab:d7: d9:92:0d:07:80:1d:28:da:c3:7b:31:90:6d:d8:39: df:94:ca:57:9d:6c:1b:5b:cc:7d:85:95:f0:3e:e2: e0:6e:87:04:dc:36:2b:cf:20:12:4e:b2:d2:f1:db: ad:3a:e8:bf:82:43:d7:83:82:b3:1d:f6:63:ae:0c: 70:0a:f1:75:07:3e:dd:ce:7b:7f:be:8f:f5:da:ed: bc:e9:fc:8d:f8:9a:99:03:2d:55:17:29:11:4a:33: 82:47:82:70:cf:1e:5a:07:f7:96:1a:dc:62:df:d7: 8a:5f:1c:c0:58:4a:bd:80:55:c7:12:11:a2:3b:28: 3f:b6:42:6f:28:d4:43:84:30:5d:9f:50:24:7f:a6: a8:82:da:e0:ad:50:55:ca:62:e8:3b:f4:f1:4f:54: 19:f2:f9:02:4b:d3:39:69:a6:82:18:c4:a1:f8:4b: 83:8a:96:08:58:c8:b8:0c:9d:50:d1:07:cc:f6:dc: 0b:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:43:87:90:66:FA:3E:BB:47:25:25:ED:A2:48:28:AA:F9:30:B3:92 X509v3 Authority Key Identifier: keyid:4B:F1:DC:C0:BC:C5:B1:A4:B6:BE:52:6A:75:FF:33:39:7F:C3:87:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4BF1DCC0BCC5B1A4B6BE526A75FF33397FC38787.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130392e302f32342d3234203d3e20313439373138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.109.0/24 Signature Algorithm: sha256WithRSAEncryption 57:d6:08:65:d9:81:2b:7d:3f:62:fc:2d:a1:76:07:74:11:4a: d9:6a:03:0b:ab:af:4d:a1:62:ba:ee:94:01:bc:1d:2c:66:2c: 4c:b6:e6:6d:e7:02:c6:92:50:12:b1:f4:cf:e4:e2:e3:74:cd: 67:3c:ad:bc:f0:bc:45:96:70:3b:c3:8d:f3:82:18:89:b8:09: 24:cd:96:5a:5d:b9:60:52:71:b7:82:8c:1d:d5:b3:cf:0d:18: cc:dc:db:0f:6a:6e:10:a0:1a:55:c0:74:6e:92:4d:4f:90:cb: 3e:b4:77:d8:73:fe:ed:18:f5:eb:48:6b:a3:ff:d0:9b:21:dd: e2:b8:dc:63:67:3a:80:3b:e1:82:39:0b:71:b0:84:76:94:04: 28:a2:92:ba:17:51:d3:9b:15:5f:bd:de:13:55:ca:af:9e:da: ee:03:c3:68:26:fd:bd:80:65:8d:63:03:9b:62:17:dc:b7:43: 83:97:1a:7f:dc:ee:27:e2:33:d6:68:5c:92:d4:ca:31:4d:a0: e7:86:50:92:15:3c:a3:a7:aa:d3:f4:57:c7:82:2d:65:ff:8a: f2:7d:3e:67:aa:7c:00:79:41:e5:d0:16:be:87:ac:20:06:1b: 4f:bd:8b:88:a9:7f:a3:40:75:d1:d5:90:5e:33:54:58:8c:ef: 9f:ff:e4:91 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUA4pV9+dVNSFaRjapj/4RsR1aJiAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3 RkMzODc4NzAeFw0yNTA1MTExMTU1MDZaFw0yNjA1MTAxMjAwMDZaMDMxMTAvBgNV BAMTKDE1NDM4NzkwNjZGQTNFQkI0NzI1MjVFREEyNDgyOEFBRjkzMEIzOTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHfQdwvcibicDFGvcMR8OPxxig 9ZN0UEPoLWn3faMkx4RA8Nsqq5LoyGVsJlg/ToI6O44QzAl9onR5g+3Amh5J2E+Y ihnM7rSr19mSDQeAHSjaw3sxkG3YOd+UyledbBtbzH2FlfA+4uBuhwTcNivPIBJO stLx26066L+CQ9eDgrMd9mOuDHAK8XUHPt3Oe3++j/Xa7bzp/I34mpkDLVUXKRFK M4JHgnDPHloH95Ya3GLf14pfHMBYSr2AVccSEaI7KD+2Qm8o1EOEMF2fUCR/pqiC 2uCtUFXKYug79PFPVBny+QJL0zlppoIYxKH4S4OKlghYyLgMnVDRB8z23AuvAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUFUOHkGb6PrtHJSXtokgoqvkws5IwHwYDVR0j BBgwFoAUS/HcwLzFsaS2vlJqdf8zOX/Dh4cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDI1NDQxOS01M2JlLTRhZDQtYmY3Zi0yOWY4OTEyNTIzZDAvMC80QkYxRENDMEJD QzVCMUE0QjZCRTUyNkE3NUZGMzMzOTdGQzM4Nzg3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNEJGMURDQzBCQ0M1QjFBNEI2QkU1MjZBNzVGRjMzMzk3RkMz ODc4Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM5MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDM5MzczMTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xltMA0GCSqG SIb3DQEBCwUAA4IBAQBX1ghl2YErfT9i/C2hdgd0EUrZagMLq69NoWK67pQBvB0s ZixMtuZt5wLGklASsfTP5OLjdM1nPK288LxFlnA7w43zghiJuAkkzZZaXblgUnG3 gowd1bPPDRjM3NsPam4QoBpVwHRukk1PkMs+tHfYc/7tGPXrSGuj/9CbId3iuNxj ZzqAO+GCOQtxsIR2lAQoopK6F1HTmxVfvd4TVcqvntruA8NoJv29gGWNYwObYhfc t0ODlxp/3O4n4jPWaFyS1MoxTaDnhlCSFTyjp6rT9FfHgi1l/4ryfT5nqnwAeUHl 0Ba+h6wgBhtPvYuIqX+jQHXR1ZBeM1RYjO+f/+SR -----END CERTIFICATE-----Generated at Sun Jun 8 11:15:04 2025 by rpki-client