$ rpki-client -vvf rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e20313530323238.roa File: 3232332e32352e3130342e302f32342d3234203d3e20313530323238.roa (raw, json) Hash identifier: ovVBKtJH+Wixf+bjFfGN0BaqhZuS+FBdLYnDH3wV8vw= Subject key identifier: 2B:AB:26:9C:56:73:6E:19:78:AE:C8:ED:A3:10:DA:CB:E8:10:E1:C6 Certificate issuer: /CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Certificate serial: 6AD558172D8E7D9A5AB9F8137C12953EF12B3963 Authority key identifier: DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e20313530323238.roa Signing time: Sun 03 May 2026 02:50:47 +0000 ROA not before: Sun 03 May 2026 02:45:47 +0000 ROA not after: Sun 02 May 2027 02:50:47 +0000 asID: 150228 IP address blocks: 223.25.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 16:31:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:d5:58:17:2d:8e:7d:9a:5a:b9:f8:13:7c:12:95:3e:f1:2b:39:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Validity Not Before: May 3 02:45:47 2026 GMT Not After : May 2 02:50:47 2027 GMT Subject: CN=2BAB269C56736E1978AEC8EDA310DACBE810E1C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:e8:7f:2d:31:59:2e:e2:5e:0d:f5:29:66:8d: 08:19:fd:ac:87:7e:51:32:be:bf:13:69:b7:93:a4: 77:1e:e8:47:c7:47:11:55:24:70:71:de:dc:26:90: 97:58:61:9b:f6:ef:fb:9d:c7:3b:0d:09:5b:e0:d1: 4a:bd:66:21:c5:7d:21:44:05:bd:cb:c2:58:96:4d: 12:44:63:11:08:68:9f:df:3e:c2:29:e2:8e:9d:f7: 17:64:56:50:a1:62:f4:77:a4:e5:c6:66:f1:43:28: df:d1:df:35:e3:28:45:9f:8b:db:5a:a3:02:ca:a1: 99:d9:62:d3:86:25:04:cc:16:02:97:81:75:56:2a: b4:4d:ac:6a:92:26:80:8d:e1:03:45:a8:4e:2f:57: 7a:7e:b2:70:6e:93:df:d2:ad:71:56:7a:0b:79:5d: 61:2b:a3:b4:3c:d8:c8:a5:5d:e4:76:b5:e5:6a:ee: 5f:73:2d:c3:05:f0:5c:62:84:54:43:02:86:0b:b1: 7c:cd:ed:f1:e9:9b:e0:03:e5:36:06:f2:6f:6f:a5: fd:00:3d:7c:7d:0b:d7:25:50:8b:ed:2c:9c:89:c3: 01:e1:d1:50:59:50:f7:07:24:e0:ce:5a:bb:82:b8: 00:b7:2b:e3:44:52:53:ed:48:40:bf:e3:5d:90:28: 5f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:AB:26:9C:56:73:6E:19:78:AE:C8:ED:A3:10:DA:CB:E8:10:E1:C6 X509v3 Authority Key Identifier: keyid:DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130342e302f32342d3234203d3e20313530323238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.104.0/24 Signature Algorithm: sha256WithRSAEncryption 98:5a:e8:1d:9e:82:26:b9:c6:b5:49:f7:97:68:06:80:6b:da: f7:2c:1e:9c:f0:82:c6:51:79:f5:1e:e0:ac:9a:47:fa:39:f2: 24:fc:ac:a2:d3:cd:c9:9b:ba:8a:ea:95:7b:f6:ee:91:8c:d8: 39:f3:ff:70:98:a9:9b:9e:3c:98:3b:d2:9b:c6:41:bc:29:c4: c0:36:82:8d:7f:db:f2:d9:50:49:56:1b:89:8d:a4:76:29:8d: f6:ee:06:e9:56:ff:1b:03:fd:33:1a:de:d7:21:e9:e5:f5:1d: eb:f7:56:ff:2d:4d:1d:ce:88:b6:81:10:38:95:7d:39:c4:e0: 28:05:64:8e:2d:9e:bc:e2:a0:11:2b:c3:3a:3f:50:a5:f3:f7: 23:53:7a:91:ae:22:fd:4e:b4:63:69:89:50:26:81:8f:c9:f6: c8:13:7c:0a:6e:86:7f:28:2f:2d:b6:17:1c:52:ad:32:42:34: fe:67:6e:4d:ba:09:ff:e9:66:78:cf:f3:62:8d:00:7c:6b:f5: e2:3a:f6:27:81:51:ac:10:1c:de:94:d0:a9:c9:d6:d2:6d:15: 01:7c:d7:e1:b2:f8:70:6f:6e:50:9d:5e:73:25:0a:86:eb:ba: 2b:b7:52:31:0e:18:7c:67:3e:92:7e:a5:d9:d7:fe:16:e3:4a: fe:1f:14:63 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUatVYFy2OfZpaufgTfBKVPvErOWMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREU0RTk5RUEwMzBBRjhBRUJGQjdCNkE3QTBFOTE2NzRE REIyOUFDMzAeFw0yNjA1MDMwMjQ1NDdaFw0yNzA1MDIwMjUwNDdaMDMxMTAvBgNV BAMTKDJCQUIyNjlDNTY3MzZFMTk3OEFFQzhFREEzMTBEQUNCRTgxMEUxQzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT6H8tMVku4l4N9SlmjQgZ/ayH flEyvr8TabeTpHce6EfHRxFVJHBx3twmkJdYYZv27/udxzsNCVvg0Uq9ZiHFfSFE Bb3LwliWTRJEYxEIaJ/fPsIp4o6d9xdkVlChYvR3pOXGZvFDKN/R3zXjKEWfi9ta owLKoZnZYtOGJQTMFgKXgXVWKrRNrGqSJoCN4QNFqE4vV3p+snBuk9/SrXFWegt5 XWEro7Q82MilXeR2teVq7l9zLcMF8FxihFRDAoYLsXzN7fHpm+AD5TYG8m9vpf0A PXx9C9clUIvtLJyJwwHh0VBZUPcHJODOWruCuAC3K+NEUlPtSEC/412QKF9/AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUK6smnFZzbhl4rsjtoxDay+gQ4cYwHwYDVR0j BBgwFoAU3k6Z6gMK+K6/t7anoOkWdN2ymsMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OGQyNTQ0MTktNTNiZS00YWQ0LWJmN2YtMjlmODkxMjUyM2QwLzAvREU0RTk5RUEw MzBBRjhBRUJGQjdCNkE3QTBFOTE2NzREREIyOUFDMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ERTRFOTlFQTAzMEFGOEFFQkZCN0I2QTdBMEU5MTY3NEREQjI5 QUMzLmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM0MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzIzMjM4LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xloMA0GCSqG SIb3DQEBCwUAA4IBAQCYWugdnoImuca1SfeXaAaAa9r3LB6c8ILGUXn1HuCsmkf6 OfIk/Kyi083Jm7qK6pV79u6RjNg58/9wmKmbnjyYO9KbxkG8KcTANoKNf9vy2VBJ VhuJjaR2KY327gbpVv8bA/0zGt7XIenl9R3r91b/LU0dzoi2gRA4lX05xOAoBWSO LZ684qARK8M6P1Cl8/cjU3qRriL9TrRjaYlQJoGPyfbIE3wKboZ/KC8tthccUq0y QjT+Z25Nugn/6WZ4z/NijQB8a/XiOvYngVGsEBzelNCpydbSbRUBfNfhsvhwb25Q nV5zJQqG67ort1IxDhh8Zz6SfqXZ1/4W40r+HxRj -----END CERTIFICATE-----Generated at Tue May 5 10:22:04 2026 by rpki-client