$ rpki-client -vvf repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/3130332e3232352e3137322e302f32332d3233203d3e20313333333339.roa File: 3130332e3232352e3137322e302f32332d3233203d3e20313333333339.roa (raw, json) Hash identifier: QKnDfI5JZwZIhQbf8UO2aLqMOetRSqXuRiirKlhDi1U= Subject key identifier: 68:7F:2E:B5:85:6C:5E:D5:96:86:9B:CA:1D:32:16:B7:07:D5:4A:02 Certificate issuer: /CN=019C4E26EEC252EA61FBB09FD856CDD057CEAD8C Certificate serial: 4BB54C9658DDF996B2F86592B807432EB119CCC9 Authority key identifier: 01:9C:4E:26:EE:C2:52:EA:61:FB:B0:9F:D8:56:CD:D0:57:CE:AD:8C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/3130332e3232352e3137322e302f32332d3233203d3e20313333333339.roa Signing time: Wed 03 Sep 2025 23:01:37 +0000 ROA not before: Wed 03 Sep 2025 22:56:37 +0000 ROA not after: Wed 02 Sep 2026 23:01:37 +0000 asID: 133339 IP address blocks: 103.225.172.0/23 maxlen: 23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.crl rsync://repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 22:51:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:b5:4c:96:58:dd:f9:96:b2:f8:65:92:b8:07:43:2e:b1:19:cc:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=019C4E26EEC252EA61FBB09FD856CDD057CEAD8C Validity Not Before: Sep 3 22:56:37 2025 GMT Not After : Sep 2 23:01:37 2026 GMT Subject: CN=687F2EB5856C5ED596869BCA1D3216B707D54A02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ba:db:b0:3c:0b:3f:e3:57:dd:8f:a1:90:97: ca:55:30:00:0a:96:62:e5:ec:11:7c:25:c3:aa:26: 57:b8:44:9d:23:7b:b7:3f:6a:30:ac:96:72:ea:51: 27:7d:87:7c:01:31:3f:d5:61:ca:7a:35:c8:11:3c: 8f:fb:bc:46:fd:28:5c:dc:65:25:43:14:f9:8a:2d: 56:e4:a5:d5:7d:e6:ad:ae:80:f1:b5:a7:7e:23:e5: d0:7e:9e:6a:25:08:08:0b:dc:e4:13:b6:5b:2f:8d: f5:4a:37:b3:4f:a3:55:d8:bd:b5:3b:04:10:7b:b2: 81:ef:0f:d2:4d:b6:7d:20:c2:90:a5:70:d5:a6:e4: 7a:c3:88:d0:3c:2e:1f:75:7b:a6:56:fd:e9:01:26: e5:2e:9f:77:33:6d:83:3b:fb:be:df:02:72:7c:67: 85:8a:c5:38:74:bc:dc:df:b8:b9:2a:6c:58:e5:fe: c9:c8:66:d7:09:00:9d:79:4b:79:dd:45:56:a0:8d: d7:80:45:78:fa:88:8a:ad:9a:f7:19:bb:f1:c9:ac: 2c:69:dc:a1:12:aa:1d:cc:08:ad:23:d4:63:e8:94: 4d:fd:68:50:49:51:ab:d2:d3:e6:43:42:8c:7f:36: 78:9c:95:21:93:50:7e:39:c9:c9:cc:92:02:54:18: 60:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7F:2E:B5:85:6C:5E:D5:96:86:9B:CA:1D:32:16:B7:07:D5:4A:02 X509v3 Authority Key Identifier: keyid:01:9C:4E:26:EE:C2:52:EA:61:FB:B0:9F:D8:56:CD:D0:57:CE:AD:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/019C4E26EEC252EA61FBB09FD856CDD057CEAD8C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bd5c4715-282e-457f-b89e-041bf9110af8/0/3130332e3232352e3137322e302f32332d3233203d3e20313333333339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.225.172.0/23 Signature Algorithm: sha256WithRSAEncryption 90:4c:f0:df:dd:1f:4b:96:9b:44:ee:8d:a6:dd:42:ee:18:e9: e0:74:28:e1:5f:8e:38:b8:92:d0:dd:ef:35:d7:bc:95:e0:e6: 48:59:af:0e:6d:e1:49:a9:9c:7f:98:0d:92:8c:8a:29:89:8e: 73:67:26:ab:3b:14:dd:c7:ac:a9:00:b4:3d:96:a2:e9:cc:96: 18:07:fc:8d:09:3f:65:9b:10:8e:68:f5:cb:11:89:31:14:27: 34:a5:14:8d:e1:72:66:9d:ef:f0:e1:a0:46:5c:b8:9e:07:d1: dc:2a:be:81:72:d7:8c:e8:b1:a7:2a:ec:11:1d:e4:4b:ed:d6: 3d:e9:3f:72:2d:9f:c5:fe:f1:b5:b9:01:4d:59:ca:0d:b0:e3: 4b:dc:4b:fb:76:38:3e:7e:81:6a:c2:dd:a3:b1:83:4e:c0:29: 87:76:a2:0c:41:10:0b:79:5a:ad:b4:fe:01:e8:35:92:2a:7d: b4:ba:03:a6:a9:dc:07:2b:1c:e6:e8:f7:9a:16:4f:c0:78:2a: da:79:71:99:6b:97:27:09:d7:6a:0a:7d:0d:30:c3:3c:2d:85: d9:b2:7f:69:04:0a:51:05:0b:9c:62:c1:3f:05:2e:3c:50:3f: cd:1d:00:71:c2:01:bb:69:0e:9f:41:40:62:8b:f6:ea:7a:56: c8:7f:71:25 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgIUS7VMlljd+Zay+GWSuAdDLrEZzMkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDE5QzRFMjZFRUMyNTJFQTYxRkJCMDlGRDg1NkNERDA1 N0NFQUQ4QzAeFw0yNTA5MDMyMjU2MzdaFw0yNjA5MDIyMzAxMzdaMDMxMTAvBgNV BAMTKDY4N0YyRUI1ODU2QzVFRDU5Njg2OUJDQTFEMzIxNkI3MDdENTRBMDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9utuwPAs/41fdj6GQl8pVMAAK lmLl7BF8JcOqJle4RJ0je7c/ajCslnLqUSd9h3wBMT/VYcp6NcgRPI/7vEb9KFzc ZSVDFPmKLVbkpdV95q2ugPG1p34j5dB+nmolCAgL3OQTtlsvjfVKN7NPo1XYvbU7 BBB7soHvD9JNtn0gwpClcNWm5HrDiNA8Lh91e6ZW/ekBJuUun3czbYM7+77fAnJ8 Z4WKxTh0vNzfuLkqbFjl/snIZtcJAJ15S3ndRVagjdeARXj6iIqtmvcZu/HJrCxp 3KESqh3MCK0j1GPolE39aFBJUavS0+ZDQox/NniclSGTUH45ycnMkgJUGGCBAgMB AAGjggI2MIICMjAdBgNVHQ4EFgQUaH8utYVsXtWWhpvKHTIWtwfVSgIwHwYDVR0j BBgwFoAUAZxOJu7CUuph+7Cf2FbN0FfOrYwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZDVjNDcxNS0yODJlLTQ1N2YtYjg5ZS0wNDFiZjkxMTBhZjgvMC8wMTlDNEUyNkVF QzI1MkVBNjFGQkIwOUZEODU2Q0REMDU3Q0VBRDhDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDE5QzRFMjZFRUMyNTJFQTYxRkJCMDlGRDg1NkNERDA1N0NF QUQ4Qy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkNWM0NzE1LTI4MmUtNDU3Zi1i ODllLTA0MWJmOTExMGFmOC8wLzMxMzAzMzJlMzIzMjM1MmUzMTM3MzIyZTMwMmYz MjMzMmQzMjMzMjAzZDNlMjAzMTMzMzMzMzMzMzkucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFn4awwDQYJ KoZIhvcNAQELBQADggEBAJBM8N/dH0uWm0TujabdQu4Y6eB0KOFfjji4ktDd7zXX vJXg5khZrw5t4UmpnH+YDZKMiimJjnNnJqs7FN3HrKkAtD2WounMlhgH/I0JP2Wb EI5o9csRiTEUJzSlFI3hcmad7/DhoEZcuJ4H0dwqvoFy14zosacq7BEd5Evt1j3p P3Itn8X+8bW5AU1Zyg2w40vcS/t2OD5+gWrC3aOxg07AKYd2ogxBEAt5Wq20/gHo NZIqfbS6A6ap3AcrHObo95oWT8B4Ktp5cZlrlycJ12oKfQ0wwzwthdmyf2kEClEF C5xiwT8FLjxQP80dAHHCAbtpDp9BQGKL9up6Vsh/cSU= -----END CERTIFICATE-----Generated at Tue Sep 9 08:13:13 2025 by rpki-client