$ rpki-client -vvf repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132302e302f32342d3234203d3e20313533303632.roa File: 3136302e32352e3132302e302f32342d3234203d3e20313533303632.roa (raw, json) Hash identifier: N9c4heSXbZO9oKOiPxMzMpy/UHaeJZCIa3f88aATMcc= Subject key identifier: 4B:7F:74:12:6D:F7:7A:4F:51:CC:8F:3A:E8:E1:E6:43:34:D9:47:F0 Certificate issuer: /CN=961A52A522DEB902D9CBDDE98AF82B424422F566 Certificate serial: 6967A690283A6EBEA4D4AF488046741438BB2E5A Authority key identifier: 96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132302e302f32342d3234203d3e20313533303632.roa Signing time: Sun 07 Sep 2025 08:00:00 +0000 ROA not before: Sun 07 Sep 2025 07:55:00 +0000 ROA not after: Sun 06 Sep 2026 08:00:00 +0000 asID: 153062 IP address blocks: 160.25.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.crl rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 22:44:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:67:a6:90:28:3a:6e:be:a4:d4:af:48:80:46:74:14:38:bb:2e:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=961A52A522DEB902D9CBDDE98AF82B424422F566 Validity Not Before: Sep 7 07:55:00 2025 GMT Not After : Sep 6 08:00:00 2026 GMT Subject: CN=4B7F74126DF77A4F51CC8F3AE8E1E64334D947F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:0d:94:3e:db:0f:e6:e9:ca:00:ad:f7:e7:de: 19:01:6b:34:a1:c4:b6:c6:7e:95:25:5b:7e:73:ea: 28:f8:c9:4b:37:7c:ff:8c:e3:09:cf:05:a3:a6:6c: 26:ee:19:cf:6b:71:b0:11:d3:57:67:da:1c:0f:b4: fd:a8:08:02:92:0f:93:d8:9d:75:60:6c:0f:78:96: d0:15:39:5f:7e:85:a1:a7:9f:0d:49:33:73:0d:f9: 5d:15:1d:9b:c2:4a:6c:88:39:fb:68:92:e8:95:1e: 10:39:51:33:42:6e:1e:17:ed:cb:e5:2e:5b:4c:a5: 65:9a:7b:ab:10:e1:6b:7b:30:69:0e:22:9b:3b:ca: 08:13:91:d3:11:3c:22:83:25:48:57:0e:3e:d7:69: 13:29:12:6a:f6:4e:c5:45:e1:4e:5c:e9:ed:98:45: 91:3e:91:e8:39:e9:e9:4e:00:4d:3b:78:b7:69:00: ae:cc:9a:61:7a:f7:34:0f:be:9b:38:59:db:f3:06: 45:ed:05:1c:ca:b3:04:1e:a8:75:21:13:59:fd:6e: d7:40:74:9d:1d:5b:9a:70:1a:cd:e5:bd:c7:03:9d: 27:50:af:81:ff:ef:02:f2:58:a7:11:e7:5c:88:98: 29:b8:36:d0:84:cd:68:37:b6:cb:1d:87:54:db:98: 21:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:7F:74:12:6D:F7:7A:4F:51:CC:8F:3A:E8:E1:E6:43:34:D9:47:F0 X509v3 Authority Key Identifier: keyid:96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132302e302f32342d3234203d3e20313533303632.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.120.0/24 Signature Algorithm: sha256WithRSAEncryption 48:cb:fe:81:00:98:4d:00:3f:1a:9a:f9:18:8c:3b:93:bf:1d: 5e:85:52:cd:ba:af:0b:ad:08:e1:10:f9:92:40:b2:8f:b1:54: 07:71:08:9e:66:a4:39:e6:64:72:b2:09:fd:f0:fe:fe:87:65: 78:0f:93:70:5d:3d:c5:d3:b4:d3:97:0f:46:77:8d:a7:0f:6c: 39:60:b7:14:da:d2:6d:53:81:1a:0f:51:45:8b:fc:bb:54:02: e2:39:b9:99:55:ea:46:d0:ac:e2:26:27:2c:ad:10:fd:67:7c: be:05:1c:1e:b5:44:d6:9b:f7:31:39:43:dd:db:25:cc:1a:b5: c5:af:a3:cc:f0:fb:0e:95:11:69:59:03:11:22:4e:79:1a:3d: 67:09:b4:41:9e:ea:fa:06:65:ec:ec:27:06:91:e9:05:de:93: cb:d7:68:7e:73:45:8a:bb:5c:72:83:e1:19:3f:dc:89:71:9e: e1:35:3f:72:e6:00:9f:60:6a:8c:ce:fc:d9:cb:ed:a0:4a:be: 25:61:8c:20:30:6c:14:e6:45:56:02:de:f4:0e:06:ac:d6:8d: 71:c5:e2:a8:c3:6f:77:17:26:27:54:35:9f:db:fa:5f:0d:92: d8:07:37:9c:b2:6f:a3:0d:7c:ff:16:4b:7e:d1:fe:f4:2a:3f: 4b:ff:3f:bc -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUaWemkCg6br6k1K9IgEZ0FDi7LlowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTYxQTUyQTUyMkRFQjkwMkQ5Q0JEREU5OEFGODJCNDI0 NDIyRjU2NjAeFw0yNTA5MDcwNzU1MDBaFw0yNjA5MDYwODAwMDBaMDMxMTAvBgNV BAMTKDRCN0Y3NDEyNkRGNzdBNEY1MUNDOEYzQUU4RTFFNjQzMzREOTQ3RjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRDZQ+2w/m6coArffn3hkBazSh xLbGfpUlW35z6ij4yUs3fP+M4wnPBaOmbCbuGc9rcbAR01dn2hwPtP2oCAKSD5PY nXVgbA94ltAVOV9+haGnnw1JM3MN+V0VHZvCSmyIOftokuiVHhA5UTNCbh4X7cvl LltMpWWae6sQ4Wt7MGkOIps7yggTkdMRPCKDJUhXDj7XaRMpEmr2TsVF4U5c6e2Y RZE+keg56elOAE07eLdpAK7MmmF69zQPvps4WdvzBkXtBRzKswQeqHUhE1n9btdA dJ0dW5pwGs3lvccDnSdQr4H/7wLyWKcR51yImCm4NtCEzWg3tssdh1TbmCH1AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUS390Em33ek9RzI866OHmQzTZR/AwHwYDVR0j BBgwFoAUlhpSpSLeuQLZy93pivgrQkQi9WYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZjcyZjAxMi1hNDNhLTRmY2ItODZhOS1hYjNlOTU3M2E4ZDkvMC85NjFBNTJBNTIy REVCOTAyRDlDQkRERTk4QUY4MkI0MjQ0MjJGNTY2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOTYxQTUyQTUyMkRFQjkwMkQ5Q0JEREU5OEFGODJCNDI0NDIy RjU2Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NmNzJmMDEyLWE0M2EtNGZjYi04 NmE5LWFiM2U5NTczYThkOS8wLzMxMzYzMDJlMzIzNTJlMzEzMjMwMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzNjMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBl4MA0GCSqG SIb3DQEBCwUAA4IBAQBIy/6BAJhNAD8amvkYjDuTvx1ehVLNuq8LrQjhEPmSQLKP sVQHcQieZqQ55mRysgn98P7+h2V4D5NwXT3F07TTlw9Gd42nD2w5YLcU2tJtU4Ea D1FFi/y7VALiObmZVepG0KziJicsrRD9Z3y+BRwetUTWm/cxOUPd2yXMGrXFr6PM 8PsOlRFpWQMRIk55Gj1nCbRBnur6BmXs7CcGkekF3pPL12h+c0WKu1xyg+EZP9yJ cZ7hNT9y5gCfYGqMzvzZy+2gSr4lYYwgMGwU5kVWAt70Dgas1o1xxeKow293FyYn VDWf2/pfDZLYBzecsm+jDXz/Fkt+0f70Kj9L/z+8 -----END CERTIFICATE-----Generated at Tue Oct 21 10:58:42 2025 by rpki-client