$ rpki-client -vvf rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32322e302f32342d3234203d3e203436303435.roa File: 3132322e3132382e32322e302f32342d3234203d3e203436303435.roa (raw, json) Hash identifier: sGqaucoiUMSpvJe6Y7d7aRIvCySU6Gl0kNce7gLs15k= Subject key identifier: 43:3C:B2:29:D8:45:36:98:E2:4D:58:8F:A5:31:E4:F9:EB:A6:3B:01 Certificate issuer: /CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Certificate serial: 0F41152D3282FAA566128C50DC402847DE887D8D Authority key identifier: 68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32322e302f32342d3234203d3e203436303435.roa Signing time: Sun 03 May 2026 02:25:59 +0000 ROA not before: Sun 03 May 2026 02:20:59 +0000 ROA not after: Sun 02 May 2027 02:25:59 +0000 asID: 46045 IP address blocks: 122.128.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:14:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:41:15:2d:32:82:fa:a5:66:12:8c:50:dc:40:28:47:de:88:7d:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Validity Not Before: May 3 02:20:59 2026 GMT Not After : May 2 02:25:59 2027 GMT Subject: CN=433CB229D8453698E24D588FA531E4F9EBA63B01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:07:04:5b:8a:9a:08:7a:a7:e3:47:fc:d4:43: c7:29:66:f4:65:e7:56:4f:c9:88:0c:34:e7:54:2a: 8b:e7:df:c0:dc:1f:95:bd:02:d4:30:24:1d:af:0e: 12:ec:62:17:b9:da:87:cb:a5:50:0b:0a:3d:a7:19: 12:02:82:7b:45:f7:04:12:36:f1:64:82:5a:8e:f5: 10:b0:4b:74:77:d3:ce:c8:d7:29:ad:f9:b0:82:c4: c4:72:17:1c:87:84:c2:e5:76:95:08:48:6c:28:35: 08:aa:d2:ad:d4:65:b4:88:31:6a:c0:d6:89:40:15: a1:e4:04:33:cb:8c:07:7c:79:76:a6:95:fe:78:f0: cc:e1:8c:66:2d:1e:6e:47:eb:89:60:f3:73:e8:d9: 81:f0:d7:c6:35:af:65:3a:54:63:ae:18:53:7f:a1: 17:37:17:10:8e:84:50:7a:41:f3:b5:d4:2e:01:18: 1c:83:e4:c0:4d:35:4c:e4:51:96:48:ae:3c:ef:e6: 04:fa:c0:19:a2:fe:7d:ee:e5:0e:e7:06:97:9c:30: 17:33:24:5c:0a:3b:10:97:13:5f:64:f8:25:41:77: b8:ff:ee:e9:4b:f0:2b:6f:17:7e:4d:8c:12:76:63: 03:72:b7:b1:e9:94:4f:20:e2:17:32:20:93:3f:bd: 8e:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:3C:B2:29:D8:45:36:98:E2:4D:58:8F:A5:31:E4:F9:EB:A6:3B:01 X509v3 Authority Key Identifier: keyid:68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/3132322e3132382e32322e302f32342d3234203d3e203436303435.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.128.22.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:3f:9f:f0:76:bf:1d:65:31:a4:e6:d8:04:92:56:01:da:27: de:12:31:23:ca:27:0b:bc:bb:af:5a:f2:33:f3:21:1d:d4:81: 16:b6:1d:a7:4e:c8:ca:77:ea:98:a3:b0:38:31:02:48:c4:97: bd:eb:11:a4:9f:03:0d:9e:91:0e:7b:e5:aa:0e:92:8c:9e:75: e1:ea:95:86:ea:8a:12:e0:78:54:db:df:51:f5:e3:dc:9b:52: b0:86:95:93:03:66:40:98:23:72:bd:2e:04:fc:a8:b9:7c:ab: 7c:50:09:b6:b7:45:9e:9c:d5:aa:e6:b2:9f:29:b8:d5:2f:d5: 4c:3b:2c:ed:b9:5f:88:c7:4c:b3:2e:c7:03:db:44:9d:8d:e5: 37:be:fd:2d:d1:8a:ef:4c:75:ab:ba:9d:a8:20:90:13:db:69: f8:93:40:a3:33:85:b0:e9:37:44:c2:b4:c4:8f:1a:eb:18:04: f0:8a:d3:5f:bc:d7:dd:a3:aa:ab:9b:14:ba:4a:9b:58:19:84: a6:c4:08:f6:e7:c6:c9:7a:e9:07:3f:bd:63:51:e5:13:b6:c5: 25:33:d0:36:04:a0:2a:d1:58:9d:dd:a8:1d:4d:56:d7:de:45: 44:be:4d:28:2a:05:15:8d:3f:6b:74:19:65:1b:08:b8:39:79: ae:a3:dd:f3 -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUD0EVLTKC+qVmEoxQ3EAoR96IfY0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjg0REUzNEE2NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJG QjJFNkFBNTAeFw0yNjA1MDMwMjIwNTlaFw0yNzA1MDIwMjI1NTlaMDMxMTAvBgNV BAMTKDQzM0NCMjI5RDg0NTM2OThFMjRENTg4RkE1MzFFNEY5RUJBNjNCMDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbBwRbipoIeqfjR/zUQ8cpZvRl 51ZPyYgMNOdUKovn38DcH5W9AtQwJB2vDhLsYhe52ofLpVALCj2nGRICgntF9wQS NvFkglqO9RCwS3R3087I1ymt+bCCxMRyFxyHhMLldpUISGwoNQiq0q3UZbSIMWrA 1olAFaHkBDPLjAd8eXamlf548MzhjGYtHm5H64lg83Po2YHw18Y1r2U6VGOuGFN/ oRc3FxCOhFB6QfO11C4BGByD5MBNNUzkUZZIrjzv5gT6wBmi/n3u5Q7nBpecMBcz JFwKOxCXE19k+CVBd7j/7ulL8CtvF35NjBJ2YwNyt7HplE8g4hcyIJM/vY5vAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQUQzyyKdhFNpjiTViPpTHk+eumOwEwHwYDVR0j BBgwFoAUaE3jSmTzr+1EoCOF/LNYgvsuaqUwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v Mzg1M2YyMjgtMzdmMi00N2Q5LWI5ZmUtNDc2YmFkZTEzMzkzLzAvNjg0REUzNEE2 NEYzQUZFRDQ0QTAyMzg1RkNCMzU4ODJGQjJFNkFBNS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS82ODRERTM0QTY0RjNBRkVENDRBMDIzODVGQ0IzNTg4MkZCMkU2 QUE1LmNlcjCBowYIKwYBBQUHAQsEgZYwgZMwgZAGCCsGAQUFBzALhoGDcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzM4NTNmMjI4LTM3ZjItNDdkOS1i OWZlLTQ3NmJhZGUxMzM5My8wLzMxMzIzMjJlMzEzMjM4MmUzMjMyMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzQzNjMwMzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHqAFjANBgkqhkiG 9w0BAQsFAAOCAQEAfD+f8Ha/HWUxpObYBJJWAdon3hIxI8onC7y7r1ryM/MhHdSB FrYdp07IynfqmKOwODECSMSXvesRpJ8DDZ6RDnvlqg6SjJ514eqVhuqKEuB4VNvf UfXj3JtSsIaVkwNmQJgjcr0uBPyouXyrfFAJtrdFnpzVquaynym41S/VTDss7blf iMdMsy7HA9tEnY3lN779LdGK70x1q7qdqCCQE9tp+JNAozOFsOk3RMK0xI8a6xgE 8IrTX7zX3aOqq5sUukqbWBmEpsQI9ufGyXrpBz+9Y1HlE7bFJTPQNgSgKtFYnd2o HU1W195FRL5NKCoFFY0/a3QZZRsIuDl5rqPd8w== -----END CERTIFICATE-----Generated at Sun May 3 20:01:52 2026 by rpki-client