$ rpki-client -vvf rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e31362e302f32312d3231203d3e203436303435.roa File: 3132322e3132382e31362e302f32312d3231203d3e203436303435.roa (raw, json) Hash identifier: QjIsYLAQdXRD6h2SZxXBE1ZfdVE4XjnDSV8HWQWoECg= Subject key identifier: CB:BF:94:3A:41:BD:B9:3F:17:6B:66:F3:19:4A:79:E5:74:48:8F:0C Certificate issuer: /CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Certificate serial: 0A9E2E6087F1C4BE81F2705F11CE8C3BDE3B219B Authority key identifier: 68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e31362e302f32312d3231203d3e203436303435.roa Signing time: Sun 03 May 2026 02:26:00 +0000 ROA not before: Sun 03 May 2026 02:21:00 +0000 ROA not after: Sun 02 May 2027 02:26:00 +0000 asID: 46045 IP address blocks: 122.128.16.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:9e:2e:60:87:f1:c4:be:81:f2:70:5f:11:ce:8c:3b:de:3b:21:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Validity Not Before: May 3 02:21:00 2026 GMT Not After : May 2 02:26:00 2027 GMT Subject: CN=CBBF943A41BDB93F176B66F3194A79E574488F0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ba:73:0e:c7:1b:3a:7e:0b:5c:8f:c1:6a:4b: c4:d4:67:9c:0f:5f:b6:c4:c3:8a:d0:20:82:87:a6: f5:b2:ae:16:a5:39:98:eb:87:01:dc:82:15:c9:1f: 4c:67:63:e4:c5:09:3c:a5:8f:e4:e9:6e:6c:75:a8: fb:6b:a8:9d:39:99:64:e2:04:56:d2:d9:65:9a:2f: fe:0c:22:44:34:a2:c6:45:0d:ad:e7:f9:21:12:91: 7d:ef:56:ee:58:96:c3:a9:82:f8:38:54:21:40:28: a7:ef:39:f1:37:9d:95:75:d2:26:57:ad:21:4e:c5: d6:52:8e:4c:05:d5:03:60:52:f7:07:44:35:18:89: ab:df:39:93:b2:1a:8b:4c:48:f9:43:f1:f3:08:1d: 34:a1:da:f2:8b:29:30:59:03:cf:54:b1:5c:b9:cc: db:aa:cc:28:86:11:b8:9c:89:35:af:f9:b1:d7:17: 8c:b7:52:b2:60:6b:fb:49:da:14:fa:2f:75:2d:74: f3:7f:21:60:c8:ff:ea:77:37:34:97:e0:05:b3:12: d9:0d:5c:5c:2b:15:a7:b8:bd:d8:5d:32:74:09:13: 5c:ba:96:7f:11:75:59:aa:66:df:ee:28:6f:49:60: cf:2e:5e:dc:b0:54:76:2c:0d:b5:94:13:d3:d5:44: 15:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:BF:94:3A:41:BD:B9:3F:17:6B:66:F3:19:4A:79:E5:74:48:8F:0C X509v3 Authority Key Identifier: keyid:68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e31362e302f32312d3231203d3e203436303435.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.128.16.0/21 Signature Algorithm: sha256WithRSAEncryption 78:97:c9:4e:d9:49:34:3b:97:0c:cb:ac:d3:fe:87:15:ca:c5: b0:ab:90:bc:0c:32:2d:65:5d:2b:f0:0b:63:0a:41:5a:ae:e0: 31:a1:1b:93:f5:a6:2e:c8:80:de:6c:d0:1d:f5:8d:12:e6:e7: e8:75:b8:93:62:c2:ee:4e:bd:fe:e4:5d:7c:13:da:8b:28:8b: d8:8c:ca:9b:b9:90:aa:47:ab:7e:37:b9:80:74:ea:59:1d:ac: 57:ce:fe:6b:8b:fa:8c:aa:ea:43:79:d5:1b:44:e8:af:2a:70: d8:b6:9a:b1:82:84:6c:15:a6:e0:fa:13:b6:41:54:a9:46:98: af:ed:47:78:59:08:f2:b6:6f:6c:cd:71:89:16:a4:59:23:3e: 4d:80:d5:96:44:87:dc:51:23:7e:79:db:d5:df:b9:84:42:6a: 82:c8:a3:07:ef:b7:e3:48:48:6d:b9:4a:2f:3f:75:48:4b:fa: 9d:c4:4f:67:2a:21:92:88:7b:af:5f:97:60:d1:84:47:bd:ab: e3:e1:63:f7:5a:5a:35:15:f3:6f:31:49:22:63:55:30:30:ef: 1d:86:f3:65:b9:3f:86:39:20:6f:f7:95:c9:b1:47:dd:ab:83: db:40:b6:2b:12:0d:5a:3d:ff:ce:87:bd:fc:16:d4:77:90:ed: 13:ad:be:bd -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUCp4uYIfxxL6B8nBfEc6MO947IZswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjg0REUzNEE2NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJG QjJFNkFBNTAeFw0yNjA1MDMwMjIxMDBaFw0yNzA1MDIwMjI2MDBaMDMxMTAvBgNV BAMTKENCQkY5NDNBNDFCREI5M0YxNzZCNjZGMzE5NEE3OUU1NzQ0ODhGMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDunMOxxs6fgtcj8FqS8TUZ5wP X7bEw4rQIIKHpvWyrhalOZjrhwHcghXJH0xnY+TFCTylj+Tpbmx1qPtrqJ05mWTi BFbS2WWaL/4MIkQ0osZFDa3n+SESkX3vVu5YlsOpgvg4VCFAKKfvOfE3nZV10iZX rSFOxdZSjkwF1QNgUvcHRDUYiavfOZOyGotMSPlD8fMIHTSh2vKLKTBZA89UsVy5 zNuqzCiGEbiciTWv+bHXF4y3UrJga/tJ2hT6L3UtdPN/IWDI/+p3NzSX4AWzEtkN XFwrFae4vdhdMnQJE1y6ln8RdVmqZt/uKG9JYM8uXtywVHYsDbWUE9PVRBUXAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUy7+UOkG9uT8Xa2bzGUp55XRIjwwwHwYDVR0j BBgwFoAUaE3jSmTzr+1EoCOF/LNYgvsuaqUwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Mzg1M2YyMjgtMzdmMi00N2Q5LWI5ZmUtNDc2YmFkZTEzMzkzLzAvNjg0REUzNEE2 NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJGQjJFNkFBNS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS82ODRERTM0QTY0RjNBRkVENDRBMDIzODVGQ0IzNTg4MkZCMkU2 QUE1LmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzM4NTNmMjI4LTM3ZjItNDdkOS1i OWZlLTQ3NmJhZGUxMzM5My8wLzMxMzIzMjJlMzEzMjM4MmUzMTM2MmUzMDJmMzIz MTJkMzIzMTIwM2QzZTIwMzQzNjMwMzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3qAEDANBgkqhkiG 9w0BAQsFAAOCAQEAeJfJTtlJNDuXDMus0/6HFcrFsKuQvAwyLWVdK/ALYwpBWq7g MaEbk/WmLsiA3mzQHfWNEubn6HW4k2LC7k69/uRdfBPaiyiL2IzKm7mQqkerfje5 gHTqWR2sV87+a4v6jKrqQ3nVG0Torypw2LaasYKEbBWm4PoTtkFUqUaYr+1HeFkI 8rZvbM1xiRakWSM+TYDVlkSH3FEjfnnb1d+5hEJqgsijB++340hIbblKLz91SEv6 ncRPZyohkoh7r1+XYNGER72r4+Fj91paNRXzbzFJImNVMDDvHYbzZbk/hjkgb/eV ybFH3auD20C2KxINWj3/zoe9/BbUd5DtE62+vQ== -----END CERTIFICATE-----Generated at Sun May 3 20:01:12 2026 by rpki-client