$ rpki-client -vvf repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/3130332e3233392e32302e302f32342d3234203d3e20313531353139.roa File: 3130332e3233392e32302e302f32342d3234203d3e20313531353139.roa (raw, json) Hash identifier: 20qa29YtuQDpydBxT+l3i2qfQTa2+tFQJ7mFZgoSVhk= Subject key identifier: CD:96:F9:9F:A6:B2:D2:6D:11:FE:BF:45:3B:5A:8B:51:5C:88:58:87 Certificate issuer: /CN=FE5652AD4702104DB082C396B05EE5D04542E7D7 Certificate serial: 610D275F3160A269050B39F2E9C3E6C72A9D4830 Authority key identifier: FE:56:52:AD:47:02:10:4D:B0:82:C3:96:B0:5E:E5:D0:45:42:E7:D7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE5652AD4702104DB082C396B05EE5D04542E7D7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/3130332e3233392e32302e302f32342d3234203d3e20313531353139.roa Signing time: Thu 04 Sep 2025 10:00:00 +0000 ROA not before: Thu 04 Sep 2025 09:55:00 +0000 ROA not after: Thu 03 Sep 2026 10:00:00 +0000 asID: 151519 IP address blocks: 103.239.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/FE5652AD4702104DB082C396B05EE5D04542E7D7.crl rsync://repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/FE5652AD4702104DB082C396B05EE5D04542E7D7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE5652AD4702104DB082C396B05EE5D04542E7D7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 12:26:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:0d:27:5f:31:60:a2:69:05:0b:39:f2:e9:c3:e6:c7:2a:9d:48:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FE5652AD4702104DB082C396B05EE5D04542E7D7 Validity Not Before: Sep 4 09:55:00 2025 GMT Not After : Sep 3 10:00:00 2026 GMT Subject: CN=CD96F99FA6B2D26D11FEBF453B5A8B515C885887 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:5d:c9:01:87:69:c2:16:42:0c:6f:85:34:d0: 5e:67:5a:75:f5:10:0d:ce:13:c1:d3:b3:f8:95:17: 9e:5a:a3:9b:76:14:01:62:3f:88:2b:d6:39:9c:88: f1:a7:40:68:4d:25:d0:6a:56:bf:8d:b5:f5:61:48: 73:5f:00:ed:da:17:32:3a:64:a1:de:c1:e4:bf:55: 9d:bb:0b:23:59:c6:5c:8d:02:18:e1:c8:c2:41:bb: b5:92:b1:b5:ff:ea:a2:64:74:a3:ca:0a:a1:b1:fa: 51:da:5e:c1:8e:db:04:de:6d:04:97:a9:78:b1:c4: ad:1c:dd:77:f0:64:0f:aa:3c:4e:aa:8e:d7:e9:34: 56:14:da:0d:56:4f:40:0d:4e:4b:18:99:0b:7f:84: f9:73:28:56:26:ae:75:59:fb:b8:6a:12:12:38:11: 23:f4:75:7d:f3:53:f2:5a:92:44:d3:93:43:a5:3f: bb:58:bb:bc:69:8c:f3:fd:80:30:eb:86:0c:23:cf: be:e9:03:64:27:b7:f9:92:f4:3f:dc:31:39:86:e8: bb:a8:a7:45:80:10:e0:b1:b4:68:2e:be:c5:38:29: 43:0e:46:68:ea:00:0b:d0:2c:4f:d7:01:fd:f5:58: 1d:6c:4b:3b:e4:b0:e3:cc:c7:b5:09:12:20:2a:b6: e0:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:96:F9:9F:A6:B2:D2:6D:11:FE:BF:45:3B:5A:8B:51:5C:88:58:87 X509v3 Authority Key Identifier: keyid:FE:56:52:AD:47:02:10:4D:B0:82:C3:96:B0:5E:E5:D0:45:42:E7:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/FE5652AD4702104DB082C396B05EE5D04542E7D7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FE5652AD4702104DB082C396B05EE5D04542E7D7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7afd57a-e6de-4a5f-b5c6-10865d5a8c98/0/3130332e3233392e32302e302f32342d3234203d3e20313531353139.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.239.20.0/24 Signature Algorithm: sha256WithRSAEncryption 22:4d:6e:11:6d:9c:88:bb:7a:1f:81:51:84:c8:00:af:81:ca: d3:50:0c:92:d0:87:c8:b9:9e:43:e1:67:e3:b3:ca:71:57:b5: e8:e2:e8:ff:a2:10:52:18:e6:33:38:95:98:37:4e:b4:db:7e: 1b:c5:5b:80:25:72:e6:a3:2a:77:84:03:98:3a:68:78:b1:62: 5b:7e:66:5b:46:c3:e7:d5:96:37:79:9e:37:e0:8a:75:ed:44: 8b:47:19:9f:2a:53:3e:99:6c:40:b9:09:74:84:07:ec:24:4f: dd:c5:87:59:73:b3:81:0b:fd:20:93:ba:3e:c6:75:3d:4b:72: 4a:79:cd:c9:8e:5e:7e:df:e7:98:73:5c:2d:e2:91:c0:0d:62: 60:5d:0f:f4:61:2e:2a:e2:cc:72:5d:12:79:d5:cb:22:75:3b: 7e:4a:0a:0e:e4:43:0b:01:a5:34:66:49:58:0e:55:55:ad:b3: 53:fc:64:97:15:58:dc:b4:65:9b:9e:a1:72:0d:e3:69:17:84: 96:9c:bb:db:a6:51:ed:9b:28:bd:11:6b:1a:05:22:3b:4b:3d: d7:cf:ce:a3:8d:c5:88:b7:6b:c0:15:be:a8:5b:73:18:76:f8: 8a:01:03:76:8e:92:b1:56:e5:a7:87:ea:f3:10:94:09:79:87: 0f:e0:82:be -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUYQ0nXzFgomkFCzny6cPmxyqdSDAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkU1NjUyQUQ0NzAyMTA0REIwODJDMzk2QjA1RUU1RDA0 NTQyRTdENzAeFw0yNTA5MDQwOTU1MDBaFw0yNjA5MDMxMDAwMDBaMDMxMTAvBgNV BAMTKENEOTZGOTlGQTZCMkQyNkQxMUZFQkY0NTNCNUE4QjUxNUM4ODU4ODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9XckBh2nCFkIMb4U00F5nWnX1 EA3OE8HTs/iVF55ao5t2FAFiP4gr1jmciPGnQGhNJdBqVr+NtfVhSHNfAO3aFzI6 ZKHeweS/VZ27CyNZxlyNAhjhyMJBu7WSsbX/6qJkdKPKCqGx+lHaXsGO2wTebQSX qXixxK0c3XfwZA+qPE6qjtfpNFYU2g1WT0ANTksYmQt/hPlzKFYmrnVZ+7hqEhI4 ESP0dX3zU/JakkTTk0OlP7tYu7xpjPP9gDDrhgwjz77pA2Qnt/mS9D/cMTmG6Luo p0WAEOCxtGguvsU4KUMORmjqAAvQLE/XAf31WB1sSzvksOPMx7UJEiAqtuDrAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUzZb5n6ay0m0R/r9FO1qLUVyIWIcwHwYDVR0j BBgwFoAU/lZSrUcCEE2wgsOWsF7l0EVC59cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h N2FmZDU3YS1lNmRlLTRhNWYtYjVjNi0xMDg2NWQ1YThjOTgvMC9GRTU2NTJBRDQ3 MDIxMDREQjA4MkMzOTZCMDVFRTVEMDQ1NDJFN0Q3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRkU1NjUyQUQ0NzAyMTA0REIwODJDMzk2QjA1RUU1RDA0NTQy RTdENy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3YWZkNTdhLWU2ZGUtNGE1Zi1i NWM2LTEwODY1ZDVhOGM5OC8wLzMxMzAzMzJlMzIzMzM5MmUzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMxMzUzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+8UMA0GCSqG SIb3DQEBCwUAA4IBAQAiTW4RbZyIu3ofgVGEyACvgcrTUAyS0IfIuZ5D4Wfjs8px V7Xo4uj/ohBSGOYzOJWYN060234bxVuAJXLmoyp3hAOYOmh4sWJbfmZbRsPn1ZY3 eZ434Ip17USLRxmfKlM+mWxAuQl0hAfsJE/dxYdZc7OBC/0gk7o+xnU9S3JKec3J jl5+3+eYc1wt4pHADWJgXQ/0YS4q4sxyXRJ51csidTt+SgoO5EMLAaU0ZklYDlVV rbNT/GSXFVjctGWbnqFyDeNpF4SWnLvbplHtmyi9EWsaBSI7Sz3Xz86jjcWIt2vA Fb6oW3MYdviKAQN2jpKxVuWnh+rzEJQJeYcP4IK+ -----END CERTIFICATE-----Generated at Mon Sep 8 10:42:07 2025 by rpki-client