$ rpki-client -vvf rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32312e302f32342d3234203d3e203531323032.roa File: 3132322e3132382e32312e302f32342d3234203d3e203531323032.roa (raw, json) Hash identifier: qBUfAntsq3Gd1hTTTeKJeQxEEitXpMPHd1jbETTGZrw= Subject key identifier: 0E:A9:30:77:05:E1:C9:AF:20:30:4E:86:6E:70:8F:EA:4F:6E:D7:7B Certificate issuer: /CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Certificate serial: 20CEB2F52DF54260D0A6DF0FA9BF287D69E3953B Authority key identifier: 68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32312e302f32342d3234203d3e203531323032.roa Signing time: Sun 03 May 2026 02:26:00 +0000 ROA not before: Sun 03 May 2026 02:21:00 +0000 ROA not after: Sun 02 May 2027 02:26:00 +0000 asID: 51202 IP address blocks: 122.128.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:ce:b2:f5:2d:f5:42:60:d0:a6:df:0f:a9:bf:28:7d:69:e3:95:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Validity Not Before: May 3 02:21:00 2026 GMT Not After : May 2 02:26:00 2027 GMT Subject: CN=0EA9307705E1C9AF20304E866E708FEA4F6ED77B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3d:4a:35:af:6d:0c:08:ae:8c:a3:0c:ec:a7: 51:cf:fc:43:4f:4b:50:40:78:e6:55:9f:25:19:5b: fc:8d:ef:8c:2e:39:f4:ae:8b:b6:97:71:0b:2e:75: 69:0f:c3:4b:d8:b7:97:9c:a6:17:64:0c:ce:e0:41: 98:56:7b:62:5d:c6:84:93:2e:8c:eb:7b:c0:7f:35: 0b:0d:2b:d3:2b:45:38:91:90:42:f0:8f:a9:95:6e: 1b:03:5d:31:62:c8:e4:19:7a:eb:69:dd:16:83:56: 20:6f:07:5f:1b:f0:bf:14:41:12:6e:6c:94:00:38: 93:92:86:cc:5b:45:04:20:a5:0d:17:03:23:ef:f9: 71:ac:24:00:ab:72:af:01:a4:1c:e4:3a:25:9d:d8: 2e:91:f6:a8:ea:ec:02:b6:62:b1:0e:a1:a1:65:c2: f3:b4:fc:74:20:71:85:8d:c5:67:bc:e0:d9:00:b4: c0:33:3d:11:ee:21:c2:0b:5e:ab:1a:ef:9e:57:fd: 5d:5b:22:ae:c3:3f:b6:57:fb:c7:17:42:10:82:23: 35:59:7b:33:3f:f6:92:ba:20:d3:7e:7b:5a:69:1c: 44:40:78:4b:62:8b:33:05:91:84:a8:0b:3d:e9:6d: c8:5c:12:a6:3b:1a:56:ba:62:38:08:94:9b:2b:ce: 5a:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:A9:30:77:05:E1:C9:AF:20:30:4E:86:6E:70:8F:EA:4F:6E:D7:7B X509v3 Authority Key Identifier: keyid:68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32312e302f32342d3234203d3e203531323032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.128.21.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:b0:19:bc:bb:7a:a2:83:ff:b9:9b:4c:6e:40:ec:19:e4:9a: 2f:60:d2:92:fd:2b:91:4d:90:d6:c9:7e:8c:97:ae:8c:83:a0: 67:af:dc:6b:0a:2b:0d:5f:bd:2b:17:5c:fe:9b:39:49:06:6d: cf:32:9a:ac:20:1a:4b:88:df:63:3d:f4:c3:65:dd:50:51:6c: 10:2d:b8:d7:e8:f9:f8:13:cf:27:1b:09:5a:2b:89:86:40:c0: 99:b8:f2:79:95:53:6c:aa:ab:c4:0c:8b:ba:3a:bf:a6:18:fb: 66:3b:ca:5b:60:39:3d:5d:81:94:48:a6:ec:ee:2d:a8:e1:62: dc:88:9f:74:1c:da:9d:68:a4:c7:d1:65:72:6e:53:a7:74:0c: 3f:77:e0:fa:e8:1c:0e:d1:88:51:cf:66:aa:a2:7e:a8:8a:00: 32:14:72:3b:ff:36:b3:43:36:d2:43:c0:4f:dc:1d:ba:78:32: a4:0d:7f:b6:89:c5:97:9b:84:cc:1f:0c:95:a0:87:72:3c:61: 19:ea:91:3f:97:18:23:cf:e0:88:6f:39:a1:30:9e:fe:fc:9b: 1b:d1:1c:86:ac:b3:4d:60:7e:37:bf:29:2e:80:61:5c:c3:af: 00:4b:93:d8:39:39:ee:57:26:6a:55:51:35:f1:96:91:35:74: f2:5c:3c:42 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUIM6y9S31QmDQpt8Pqb8ofWnjlTswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjg0REUzNEE2NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJG QjJFNkFBNTAeFw0yNjA1MDMwMjIxMDBaFw0yNzA1MDIwMjI2MDBaMDMxMTAvBgNV BAMTKDBFQTkzMDc3MDVFMUM5QUYyMDMwNEU4NjZFNzA4RkVBNEY2RUQ3N0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpPUo1r20MCK6Mowzsp1HP/ENP S1BAeOZVnyUZW/yN74wuOfSui7aXcQsudWkPw0vYt5ecphdkDM7gQZhWe2JdxoST Lozre8B/NQsNK9MrRTiRkELwj6mVbhsDXTFiyOQZeutp3RaDViBvB18b8L8UQRJu bJQAOJOShsxbRQQgpQ0XAyPv+XGsJACrcq8BpBzkOiWd2C6R9qjq7AK2YrEOoaFl wvO0/HQgcYWNxWe84NkAtMAzPRHuIcILXqsa755X/V1bIq7DP7ZX+8cXQhCCIzVZ ezM/9pK6INN+e1ppHERAeEtiizMFkYSoCz3pbchcEqY7Gla6YjgIlJsrzlp7AgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUDqkwdwXhya8gME6GbnCP6k9u13swHwYDVR0j BBgwFoAUaE3jSmTzr+1EoCOF/LNYgvsuaqUwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Mzg1M2YyMjgtMzdmMi00N2Q5LWI5ZmUtNDc2YmFkZTEzMzkzLzAvNjg0REUzNEE2 NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJGQjJFNkFBNS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS82ODRERTM0QTY0RjNBRkVENDRBMDIzODVGQ0IzNTg4MkZCMkU2 QUE1LmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzM4NTNmMjI4LTM3ZjItNDdkOS1i OWZlLTQ3NmJhZGUxMzM5My8wLzMxMzIzMjJlMzEzMjM4MmUzMjMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzUzMTMyMzAzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHqAFTANBgkqhkiG 9w0BAQsFAAOCAQEAm7AZvLt6ooP/uZtMbkDsGeSaL2DSkv0rkU2Q1sl+jJeujIOg Z6/caworDV+9Kxdc/ps5SQZtzzKarCAaS4jfYz30w2XdUFFsEC241+j5+BPPJxsJ WiuJhkDAmbjyeZVTbKqrxAyLujq/phj7ZjvKW2A5PV2BlEim7O4tqOFi3IifdBza nWikx9Flcm5Tp3QMP3fg+ugcDtGIUc9mqqJ+qIoAMhRyO/82s0M20kPAT9wdungy pA1/tonFl5uEzB8MlaCHcjxhGeqRP5cYI8/giG85oTCe/vybG9EchqyzTWB+N78p LoBhXMOvAEuT2Dk57lcmalVRNfGWkTV08lw8Qg== -----END CERTIFICATE-----Generated at Sun May 3 20:01:24 2026 by rpki-client