$ rpki-client -vvf rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130382e302f32342d3234203d3e2034383231.roa File: 3232332e32352e3130382e302f32342d3234203d3e2034383231.roa (raw, json) Hash identifier: lZy/D3zEI+V1zNnvBB6OJZ7BzAoFD7HSvYryTbhRU2s= Subject key identifier: 36:BB:96:AD:09:D3:D8:FE:28:48:75:EE:26:3A:2B:71:C9:5D:C3:B1 Certificate issuer: /CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Certificate serial: 328548387CF48C5C4CE6F3B822704F88A5FD4DB8 Authority key identifier: DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130382e302f32342d3234203d3e2034383231.roa Signing time: Sun 03 May 2026 02:50:49 +0000 ROA not before: Sun 03 May 2026 02:45:49 +0000 ROA not after: Sun 02 May 2027 02:50:49 +0000 asID: 4821 IP address blocks: 223.25.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 18:04:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:85:48:38:7c:f4:8c:5c:4c:e6:f3:b8:22:70:4f:88:a5:fd:4d:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Validity Not Before: May 3 02:45:49 2026 GMT Not After : May 2 02:50:49 2027 GMT Subject: CN=36BB96AD09D3D8FE284875EE263A2B71C95DC3B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:e8:32:73:72:39:72:d1:02:85:03:51:01:77: d9:8d:2a:e7:42:bc:24:2f:2a:9f:1a:7f:58:44:51: f3:01:b6:80:83:76:6d:7a:5f:da:67:a3:9d:14:99: 0f:40:5a:32:72:b8:9e:ee:21:75:6d:09:ad:17:b1: 95:2b:56:ab:bb:b7:61:af:24:66:6f:c5:9c:25:93: 2e:9b:10:cd:13:bd:e8:b3:b9:28:db:c2:44:c6:fa: 31:bb:4a:dd:cd:fe:d7:74:81:1a:f3:ae:d8:c8:60: 2f:58:db:09:66:a9:48:74:86:c5:cb:63:59:0c:ef: ea:46:cf:32:9c:3a:91:a6:11:fe:98:a0:03:71:60: 2a:52:0f:34:37:19:0c:82:17:7f:ca:0e:21:a6:9e: ec:dd:c8:28:5b:f3:96:46:1b:87:86:19:e8:fe:63: 51:20:43:6c:56:9e:1e:c9:8d:ac:0e:95:04:a7:d5: 86:8d:2c:b1:1e:af:0a:b8:1a:ae:b3:c0:5b:db:6a: 16:15:01:63:7c:f7:b7:5b:e3:89:b4:63:8c:bc:71: 9c:9f:db:32:48:55:5c:d1:47:c7:0b:5e:da:88:4a: 20:c8:e6:7c:e7:96:a5:b5:b7:34:fd:08:2b:b7:df: 94:a0:b0:cd:db:6f:ac:45:23:22:8e:92:7a:f2:c3: d3:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:BB:96:AD:09:D3:D8:FE:28:48:75:EE:26:3A:2B:71:C9:5D:C3:B1 X509v3 Authority Key Identifier: keyid:DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3130382e302f32342d3234203d3e2034383231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.108.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:b9:af:57:96:15:96:ff:3b:5d:b6:3c:ba:26:07:9a:af:7c: 69:ba:43:c2:db:19:71:b0:85:60:02:e2:ce:1d:6e:aa:ac:7d: 85:88:f1:f4:d3:55:a3:ff:40:a3:f7:24:f8:cb:50:da:0a:5a: a6:01:b1:c2:3f:96:aa:95:2a:a3:2d:98:aa:bf:ff:9d:fd:06: 12:be:12:fb:a9:dd:6e:06:77:ea:62:91:a3:a5:cc:b4:b4:58: cf:5c:56:59:ab:d6:fa:67:59:a9:04:78:26:c9:35:20:1c:25: 60:7c:c4:30:0a:2f:0d:76:cd:0c:0d:cf:18:2a:21:35:9a:f9: ba:8d:9e:2d:80:33:93:60:50:3f:1f:33:b8:e6:dd:91:86:e9: 22:e5:a8:44:2c:df:79:c9:ce:30:a1:f9:70:75:1f:bb:6d:9c: 86:0b:ae:f3:e1:80:d9:26:c8:d3:61:18:df:34:73:5f:9b:1e: 77:89:dc:ac:96:af:44:aa:9f:48:3d:95:cb:db:69:27:a6:ef: 14:31:b8:78:aa:ac:53:af:cf:3e:ca:98:7d:92:0d:04:f0:02: 78:d7:0b:dc:9d:67:9b:42:ef:a5:a5:d4:0b:99:b8:f5:45:bf: 9d:bf:e4:37:8d:c9:2e:fd:34:89:f0:72:00:8e:10:cf:e0:15: de:52:a9:86 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgIUMoVIOHz0jFxM5vO4InBPiKX9TbgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREU0RTk5RUEwMzBBRjhBRUJGQjdCNkE3QTBFOTE2NzRE REIyOUFDMzAeFw0yNjA1MDMwMjQ1NDlaFw0yNzA1MDIwMjUwNDlaMDMxMTAvBgNV BAMTKDM2QkI5NkFEMDlEM0Q4RkUyODQ4NzVFRTI2M0EyQjcxQzk1REMzQjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC66DJzcjly0QKFA1EBd9mNKudC vCQvKp8af1hEUfMBtoCDdm16X9pno50UmQ9AWjJyuJ7uIXVtCa0XsZUrVqu7t2Gv JGZvxZwlky6bEM0TveizuSjbwkTG+jG7St3N/td0gRrzrtjIYC9Y2wlmqUh0hsXL Y1kM7+pGzzKcOpGmEf6YoANxYCpSDzQ3GQyCF3/KDiGmnuzdyChb85ZGG4eGGej+ Y1EgQ2xWnh7JjawOlQSn1YaNLLEerwq4Gq6zwFvbahYVAWN897db44m0Y4y8cZyf 2zJIVVzRR8cLXtqISiDI5nznlqW1tzT9CCu335SgsM3bb6xFIyKOknryw9MdAgMB AAGjggIwMIICLDAdBgNVHQ4EFgQUNruWrQnT2P4oSHXuJjorccldw7EwHwYDVR0j BBgwFoAU3k6Z6gMK+K6/t7anoOkWdN2ymsMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OGQyNTQ0MTktNTNiZS00YWQ0LWJmN2YtMjlmODkxMjUyM2QwLzAvREU0RTk5RUEw MzBBRjhBRUJGQjdCNkE3QTBFOTE2NzREREIyOUFDMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ERTRFOTlFQTAzMEFGOEFFQkZCN0I2QTdBMEU5MTY3NEREQjI5 QUMzLmNlcjCBoQYIKwYBBQUHAQsEgZQwgZEwgY4GCCsGAQUFBzALhoGBcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMDM4MmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzQzODMyMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADfGWwwDQYJKoZIhvcN AQELBQADggEBAC65r1eWFZb/O122PLomB5qvfGm6Q8LbGXGwhWAC4s4dbqqsfYWI 8fTTVaP/QKP3JPjLUNoKWqYBscI/lqqVKqMtmKq//539BhK+Evup3W4Gd+pikaOl zLS0WM9cVlmr1vpnWakEeCbJNSAcJWB8xDAKLw12zQwNzxgqITWa+bqNni2AM5Ng UD8fM7jm3ZGG6SLlqEQs33nJzjCh+XB1H7ttnIYLrvPhgNkmyNNhGN80c1+bHneJ 3KyWr0Sqn0g9lcvbaSem7xQxuHiqrFOvzz7KmH2SDQTwAnjXC9ydZ5tC76Wl1AuZ uPVFv52/5DeNyS79NInwcgCOEM/gFd5SqYY= -----END CERTIFICATE-----Generated at Tue May 5 11:53:33 2026 by rpki-client