$ rpki-client -vvf repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132312e302f32342d3234203d3e20313533303632.roa File: 3136302e32352e3132312e302f32342d3234203d3e20313533303632.roa (raw, json) Hash identifier: XtBt14fZ3818vCxS3m952cY63i6gO8+A0tVjyGHPoaU= Subject key identifier: 86:62:D3:1C:33:9F:84:7A:7E:6C:1C:91:CF:DE:8C:84:10:F1:7C:EC Certificate issuer: /CN=961A52A522DEB902D9CBDDE98AF82B424422F566 Certificate serial: 681F62096D1E2F5BE717D82D12E140A82ACD6F80 Authority key identifier: 96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer Subject info access: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132312e302f32342d3234203d3e20313533303632.roa Signing time: Sun 07 Sep 2025 08:00:00 +0000 ROA not before: Sun 07 Sep 2025 07:55:00 +0000 ROA not after: Sun 06 Sep 2026 08:00:00 +0000 asID: 153062 IP address blocks: 160.25.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.crl rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 22:44:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:1f:62:09:6d:1e:2f:5b:e7:17:d8:2d:12:e1:40:a8:2a:cd:6f:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=961A52A522DEB902D9CBDDE98AF82B424422F566 Validity Not Before: Sep 7 07:55:00 2025 GMT Not After : Sep 6 08:00:00 2026 GMT Subject: CN=8662D31C339F847A7E6C1C91CFDE8C8410F17CEC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:e3:d3:a0:20:0b:1c:bb:5b:97:6e:1a:7f:51: ed:16:4f:fd:ef:27:f6:04:24:65:ce:51:4e:38:6d: ed:96:72:94:2d:60:44:96:ef:cc:d0:a1:cc:5f:76: e7:cc:0e:f6:eb:d3:d6:05:be:dd:3c:8c:1e:8d:41: 85:7f:9b:24:48:58:61:6f:71:4d:0b:06:f6:c9:b6: 87:0d:ce:b2:80:36:35:15:6b:af:3b:f2:b6:2b:44: 90:b3:66:eb:9e:57:20:60:ce:83:2a:d0:ba:3d:f2: 20:78:1b:79:e0:29:38:ec:27:84:1f:94:e2:fb:48: dc:5c:89:f6:5f:da:43:fe:d9:59:04:4d:49:c7:54: 17:9c:a6:69:10:5e:c6:e0:55:c5:17:8b:0d:90:73: d5:96:5a:23:e6:52:e6:b3:6f:c0:78:44:b2:7c:dd: 06:37:b4:0b:69:e3:76:9e:c3:51:d2:f6:69:85:69: 02:a0:b6:ad:7d:9c:ae:35:4d:29:59:b4:15:97:d6: 73:04:36:97:58:4a:3f:2e:f1:7a:0c:3d:ae:86:47: 86:d8:04:47:1f:1d:db:26:f2:ea:df:ad:e7:93:87: 66:39:3a:f8:c3:2e:a9:dc:fe:e0:f8:36:f7:49:df: 8b:0a:8b:8e:7a:1d:59:6b:31:f6:f2:d1:fa:83:35: 84:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:62:D3:1C:33:9F:84:7A:7E:6C:1C:91:CF:DE:8C:84:10:F1:7C:EC X509v3 Authority Key Identifier: keyid:96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/3136302e32352e3132312e302f32342d3234203d3e20313533303632.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.121.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:05:35:4a:0e:f6:fb:52:04:bf:4f:16:2d:e8:bf:6c:9a:3e: fa:bf:c2:ef:ab:47:21:22:c8:cd:e4:6f:37:0f:26:40:6d:38: 56:2c:c6:d8:d4:13:17:ee:88:be:13:14:28:1c:08:7e:f2:ab: 22:e9:57:17:63:5c:c1:ec:a1:de:0f:d5:37:ee:85:a4:32:75: 2d:a0:57:65:16:ba:73:f0:f7:95:3e:0c:b5:6f:12:0f:73:30: 10:61:7b:52:41:6a:cd:35:72:47:30:f4:b9:2a:f8:bc:40:2e: c3:42:43:f9:09:39:67:73:69:6f:65:c2:f2:7e:89:05:ec:2d: bf:f0:61:3b:3d:9d:59:4d:bb:ba:ea:da:b6:6a:d9:af:09:1f: 94:fb:c0:36:04:09:ab:86:06:37:7b:c1:a7:a2:b0:85:6b:0f: 91:77:ca:01:01:11:b2:be:53:02:3f:5f:29:67:82:de:5e:32: ca:e1:e0:43:c4:ae:2c:56:ab:8a:6f:93:73:fc:72:d8:43:d2: 9b:f3:47:8c:3d:aa:95:23:5c:96:46:5b:07:45:c5:c5:20:f7: 22:54:4a:72:39:c7:2d:7f:cf:bd:27:44:68:55:3a:10:e7:bd: dd:20:b8:96:e1:d8:2c:a6:cb:11:b7:71:6a:f4:4b:d7:f3:93: 40:41:24:e8 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUaB9iCW0eL1vnF9gtEuFAqCrNb4AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTYxQTUyQTUyMkRFQjkwMkQ5Q0JEREU5OEFGODJCNDI0 NDIyRjU2NjAeFw0yNTA5MDcwNzU1MDBaFw0yNjA5MDYwODAwMDBaMDMxMTAvBgNV BAMTKDg2NjJEMzFDMzM5Rjg0N0E3RTZDMUM5MUNGREU4Qzg0MTBGMTdDRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd49OgIAscu1uXbhp/Ue0WT/3v J/YEJGXOUU44be2WcpQtYESW78zQocxfdufMDvbr09YFvt08jB6NQYV/myRIWGFv cU0LBvbJtocNzrKANjUVa6878rYrRJCzZuueVyBgzoMq0Lo98iB4G3ngKTjsJ4Qf lOL7SNxcifZf2kP+2VkETUnHVBecpmkQXsbgVcUXiw2Qc9WWWiPmUuazb8B4RLJ8 3QY3tAtp43aew1HS9mmFaQKgtq19nK41TSlZtBWX1nMENpdYSj8u8XoMPa6GR4bY BEcfHdsm8urfreeTh2Y5OvjDLqnc/uD4NvdJ34sKi456HVlrMfby0fqDNYTHAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUhmLTHDOfhHp+bByRz96MhBDxfOwwHwYDVR0j BBgwFoAUlhpSpSLeuQLZy93pivgrQkQi9WYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j ZjcyZjAxMi1hNDNhLTRmY2ItODZhOS1hYjNlOTU3M2E4ZDkvMC85NjFBNTJBNTIy REVCOTAyRDlDQkRERTk4QUY4MkI0MjQ0MjJGNTY2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvOTYxQTUyQTUyMkRFQjkwMkQ5Q0JEREU5OEFGODJCNDI0NDIy RjU2Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NmNzJmMDEyLWE0M2EtNGZjYi04 NmE5LWFiM2U5NTczYThkOS8wLzMxMzYzMDJlMzIzNTJlMzEzMjMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMzMzAzNjMyLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAoBl5MA0GCSqG SIb3DQEBCwUAA4IBAQAPBTVKDvb7UgS/TxYt6L9smj76v8Lvq0chIsjN5G83DyZA bThWLMbY1BMX7oi+ExQoHAh+8qsi6VcXY1zB7KHeD9U37oWkMnUtoFdlFrpz8PeV Pgy1bxIPczAQYXtSQWrNNXJHMPS5Kvi8QC7DQkP5CTlnc2lvZcLyfokF7C2/8GE7 PZ1ZTbu66tq2atmvCR+U+8A2BAmrhgY3e8GnorCFaw+Rd8oBARGyvlMCP18pZ4Le XjLK4eBDxK4sVquKb5Nz/HLYQ9Kb80eMPaqVI1yWRlsHRcXFIPciVEpyOcctf8+9 J0RoVToQ573dILiW4dgspssRt3Fq9EvX85NAQSTo -----END CERTIFICATE-----Generated at Tue Oct 21 10:58:40 2025 by rpki-client