$ rpki-client -vvf rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa File: 3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa (raw, json) Hash identifier: 2xJo8vO5RtzGv7BkUmxulZhOANWhCfhuYoau31MaZh0= Subject key identifier: CE:3B:FF:BE:D3:56:E6:42:3F:7E:7A:D0:82:18:62:41:CC:F7:6C:79 Certificate issuer: /CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Certificate serial: 57C7D3E89FA977A1964F7AD9C2B8B6585EC99905 Authority key identifier: DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa Signing time: Sun 03 May 2026 02:50:50 +0000 ROA not before: Sun 03 May 2026 02:45:50 +0000 ROA not after: Sun 02 May 2027 02:50:50 +0000 asID: 141607 IP address blocks: 223.25.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 18:04:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:c7:d3:e8:9f:a9:77:a1:96:4f:7a:d9:c2:b8:b6:58:5e:c9:99:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3 Validity Not Before: May 3 02:45:50 2026 GMT Not After : May 2 02:50:50 2027 GMT Subject: CN=CE3BFFBED356E6423F7E7AD082186241CCF76C79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:65:3b:f2:46:d9:93:01:2f:16:46:a4:11:4c: 50:d0:6f:59:b6:e8:db:ee:59:6c:f1:66:15:af:29: 44:e6:cd:92:4c:a3:2e:95:e8:17:03:42:6e:d3:58: 1a:0a:c9:5d:84:9a:8d:4d:f2:21:a2:fc:77:33:5f: 2a:88:8f:ba:5c:b4:5e:0c:f0:1d:30:c5:0a:a7:be: fb:b6:08:95:dd:3b:37:a9:94:5f:92:12:4c:3d:c2: d6:7c:a3:13:a4:29:9b:7f:51:75:1c:9a:aa:17:e8: 1e:12:73:a8:6a:e0:4d:c6:ef:28:cf:81:cb:14:5f: af:38:3e:dd:07:0f:b6:67:0f:4b:f9:8e:39:83:e8: 1d:4d:1b:44:ef:1c:01:4e:9f:64:80:82:34:40:5d: 21:a4:19:a1:94:cb:df:f7:4a:a2:77:bd:fb:93:b4: 9a:ea:9b:1f:55:84:b1:14:6c:3c:ce:e1:ec:57:26: 5d:08:0a:20:9f:8e:f2:74:7a:f4:3c:75:cd:7d:fb: 80:9b:bf:85:ed:5b:c5:64:bc:f4:a8:a7:7c:20:5b: 40:8b:36:ef:17:86:5d:83:99:80:7d:b6:39:bd:25: 5d:04:ff:53:d1:bb:f1:18:9e:98:33:a7:ac:f4:38: 69:31:4c:5d:9c:15:22:8f:c0:f7:3b:00:d0:50:58: 13:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:3B:FF:BE:D3:56:E6:42:3F:7E:7A:D0:82:18:62:41:CC:F7:6C:79 X509v3 Authority Key Identifier: keyid:DE:4E:99:EA:03:0A:F8:AE:BF:B7:B6:A7:A0:E9:16:74:DD:B2:9A:C3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DE4E99EA030AF8AEBFB7B6A7A0E91674DDB29AC3.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/8d254419-53be-4ad4-bf7f-29f8912523d0/0/3232332e32352e3131312e302f32342d3234203d3e20313431363037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.25.111.0/24 Signature Algorithm: sha256WithRSAEncryption 49:ea:64:7c:b4:29:05:45:a8:e9:ff:d9:26:f7:30:89:4a:a1: 66:0d:fc:4c:e5:1a:56:9d:f7:2f:59:a0:59:f2:1a:ad:9a:8e: ae:9f:82:7a:f5:a9:43:e6:d3:b1:85:af:41:17:9f:11:71:fd: a7:88:87:90:7f:35:5a:13:bb:0c:fa:fe:c0:02:3c:19:61:5c: d9:3a:8f:7a:0f:35:2c:ae:aa:9c:94:c2:36:a7:72:40:9b:83: d3:df:d7:13:06:4b:6a:82:c2:6e:d4:cc:5d:07:89:ac:01:ce: 19:5e:a4:df:7f:c0:13:df:9c:f7:da:a6:c8:b8:c8:ce:ce:b5: 61:b5:1a:35:d9:e2:b6:0b:90:fc:2e:4f:5e:56:09:c7:d7:09: 21:69:a9:5c:cd:70:d0:fc:14:6b:e2:d7:fc:ae:03:39:31:b6: 86:db:33:f6:35:c3:ae:53:5a:1f:e7:db:cc:67:50:76:c5:87: 6d:3f:c3:2b:63:f6:f4:87:63:aa:c3:dd:a5:b7:19:a4:92:b1: be:54:87:a3:dc:33:ea:a0:c2:e4:55:26:bd:5c:c5:bb:c4:b0: 09:2b:d4:c3:ea:0b:6e:0c:4a:14:41:da:b6:a1:46:02:ec:b0: 1e:2e:b7:85:14:72:78:43:17:d9:f0:a8:39:de:45:59:8d:1f: 8a:d3:d9:d5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUV8fT6J+pd6GWT3rZwri2WF7JmQUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREU0RTk5RUEwMzBBRjhBRUJGQjdCNkE3QTBFOTE2NzRE REIyOUFDMzAeFw0yNjA1MDMwMjQ1NTBaFw0yNzA1MDIwMjUwNTBaMDMxMTAvBgNV BAMTKENFM0JGRkJFRDM1NkU2NDIzRjdFN0FEMDgyMTg2MjQxQ0NGNzZDNzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqZTvyRtmTAS8WRqQRTFDQb1m2 6NvuWWzxZhWvKUTmzZJMoy6V6BcDQm7TWBoKyV2Emo1N8iGi/HczXyqIj7pctF4M 8B0wxQqnvvu2CJXdOzeplF+SEkw9wtZ8oxOkKZt/UXUcmqoX6B4Sc6hq4E3G7yjP gcsUX684Pt0HD7ZnD0v5jjmD6B1NG0TvHAFOn2SAgjRAXSGkGaGUy9/3SqJ3vfuT tJrqmx9VhLEUbDzO4exXJl0ICiCfjvJ0evQ8dc19+4Cbv4XtW8VkvPSop3wgW0CL Nu8Xhl2DmYB9tjm9JV0E/1PRu/EYnpgzp6z0OGkxTF2cFSKPwPc7ANBQWBMZAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUzjv/vtNW5kI/fnrQghhiQcz3bHkwHwYDVR0j BBgwFoAU3k6Z6gMK+K6/t7anoOkWdN2ymsMwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v OGQyNTQ0MTktNTNiZS00YWQ0LWJmN2YtMjlmODkxMjUyM2QwLzAvREU0RTk5RUEw MzBBRjhBRUJGQjdCNkE3QTBFOTE2NzREREIyOUFDMy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9ERTRFOTlFQTAzMEFGOEFFQkZCN0I2QTdBMEU5MTY3NEREQjI5 QUMzLmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzhkMjU0NDE5LTUzYmUtNGFkNC1i ZjdmLTI5Zjg5MTI1MjNkMC8wLzMyMzIzMzJlMzIzNTJlMzEzMTMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzYzMDM3LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xlvMA0GCSqG SIb3DQEBCwUAA4IBAQBJ6mR8tCkFRajp/9km9zCJSqFmDfxM5RpWnfcvWaBZ8hqt mo6un4J69alD5tOxha9BF58Rcf2niIeQfzVaE7sM+v7AAjwZYVzZOo96DzUsrqqc lMI2p3JAm4PT39cTBktqgsJu1MxdB4msAc4ZXqTff8AT35z32qbIuMjOzrVhtRo1 2eK2C5D8Lk9eVgnH1wkhaalczXDQ/BRr4tf8rgM5MbaG2zP2NcOuU1of59vMZ1B2 xYdtP8MrY/b0h2Oqw92ltxmkkrG+VIej3DPqoMLkVSa9XMW7xLAJK9TD6gtuDEoU Qdq2oUYC7LAeLreFFHJ4QxfZ8Kg53kVZjR+K09nV -----END CERTIFICATE-----Generated at Tue May 5 11:54:51 2026 by rpki-client