$ rpki-client -vvf repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a353a3a2f34382d3438203d3e20313337333330.roa File: 323430323a616134303a353a3a2f34382d3438203d3e20313337333330.roa (raw, json) Hash identifier: aznR+rxjjEIsUxFM5mh1iq4hQzHytRItzxTk14wm3KQ= Subject key identifier: 1D:E4:5B:7C:B5:CF:D0:68:BD:7B:BC:BF:70:FE:0D:02:A0:07:65:36 Certificate issuer: /CN=923D4A10E1DBBF6927183BF3419F512FE4C1D003 Certificate serial: 7D3EA6F9A213A3E89A9F7D398A1A3A81E35E7115 Authority key identifier: 92:3D:4A:10:E1:DB:BF:69:27:18:3B:F3:41:9F:51:2F:E4:C1:D0:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a353a3a2f34382d3438203d3e20313337333330.roa Signing time: Thu 12 Mar 2026 05:00:00 +0000 ROA not before: Thu 12 Mar 2026 04:55:00 +0000 ROA not after: Thu 11 Mar 2027 05:00:00 +0000 asID: 137330 IP address blocks: 2402:aa40:5::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.crl rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 02:22:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:3e:a6:f9:a2:13:a3:e8:9a:9f:7d:39:8a:1a:3a:81:e3:5e:71:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=923D4A10E1DBBF6927183BF3419F512FE4C1D003 Validity Not Before: Mar 12 04:55:00 2026 GMT Not After : Mar 11 05:00:00 2027 GMT Subject: CN=1DE45B7CB5CFD068BD7BBCBF70FE0D02A0076536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:a9:3c:c4:d9:06:f5:fb:7f:3b:ed:76:2f:c8: 20:8c:8f:da:d9:de:f9:5f:e0:c2:63:2b:82:8f:8c: 70:d9:15:3c:8b:ff:88:21:07:f7:d1:48:05:83:78: a7:68:1c:fd:73:e6:d1:a0:0f:86:5c:b2:18:8a:85: 63:54:2c:9e:17:28:44:d3:2f:eb:bd:39:da:ff:6d: 61:ef:cf:1c:69:88:c4:aa:4e:48:42:c6:9b:b7:80: d7:76:d5:bf:0c:41:52:03:d3:0d:00:d1:80:89:29: 31:84:37:19:0b:1d:a6:8d:81:3a:cb:fa:f5:16:55: a5:47:c4:6d:22:f1:66:4c:ab:53:34:bd:c2:a8:a3: 17:17:5f:7e:14:c9:b0:a7:33:97:01:4c:fd:b6:1d: 5c:37:f8:4d:6c:61:14:ca:21:f9:db:a3:e6:a7:56: 83:c0:c8:61:c4:83:2d:7b:eb:7c:57:83:7c:c9:a7: cb:51:cb:80:e8:6d:06:0f:ca:82:30:84:ba:ac:9d: 2b:98:f2:b0:dc:37:16:29:a8:17:51:68:dd:84:77: b6:60:91:88:66:82:b7:7d:f6:0a:0f:88:3b:c5:b7: 71:ec:0a:ce:39:4f:16:27:6a:d7:2a:a6:bd:46:ba: 46:4e:27:85:5e:ef:34:a8:f2:5b:38:b1:6e:25:3a: 06:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:E4:5B:7C:B5:CF:D0:68:BD:7B:BC:BF:70:FE:0D:02:A0:07:65:36 X509v3 Authority Key Identifier: keyid:92:3D:4A:10:E1:DB:BF:69:27:18:3B:F3:41:9F:51:2F:E4:C1:D0:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a353a3a2f34382d3438203d3e20313337333330.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:aa40:5::/48 Signature Algorithm: sha256WithRSAEncryption 1a:28:ea:3e:e3:9f:2c:7f:0e:d1:4e:e2:24:df:59:3a:c4:0d: c9:4c:ba:d4:ff:9e:c5:64:96:46:e6:b8:45:5b:ef:8d:43:06: 2d:ff:5d:fd:f4:a1:c3:b7:33:e4:60:d9:ed:91:2d:23:1a:da: b6:e5:87:34:17:7e:14:23:e7:fb:55:09:b8:ea:74:d5:e4:08: 4b:9e:e1:fd:12:4b:1a:db:58:fc:f4:c4:40:08:ab:7b:04:31: 6e:f0:6a:55:94:27:59:d3:7c:db:52:fc:fa:1d:ce:be:db:21: df:e5:c5:8e:22:e1:c7:02:96:e0:8f:25:91:61:32:0b:a1:c4: 7d:2c:69:aa:ae:7e:5a:94:cb:c9:19:97:25:07:5d:ea:6c:31: 59:70:2b:7d:3b:27:72:7c:79:3b:8d:5d:de:d9:48:66:0c:ce: 45:65:9a:19:df:00:42:b5:0b:b3:b5:2a:ef:68:c3:dd:5d:a7: e5:7b:8d:2c:9f:08:dd:8f:05:92:d6:01:33:1a:a1:ef:d1:86: 98:cf:79:89:a1:1f:1e:fd:06:b1:3f:ea:4d:ab:0b:fa:2d:ec: 8d:f3:2a:f4:be:46:cb:38:5a:17:67:02:a1:94:c8:a3:24:62: 59:d6:dc:fe:91:7e:db:8e:55:21:32:39:cf:d9:89:27:f0:2a: ae:9f:7e:f4 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUfT6m+aITo+ian305iho6geNecRUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTIzRDRBMTBFMURCQkY2OTI3MTgzQkYzNDE5RjUxMkZF NEMxRDAwMzAeFw0yNjAzMTIwNDU1MDBaFw0yNzAzMTEwNTAwMDBaMDMxMTAvBgNV BAMTKDFERTQ1QjdDQjVDRkQwNjhCRDdCQkNCRjcwRkUwRDAyQTAwNzY1MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoqTzE2Qb1+3877XYvyCCMj9rZ 3vlf4MJjK4KPjHDZFTyL/4ghB/fRSAWDeKdoHP1z5tGgD4ZcshiKhWNULJ4XKETT L+u9Odr/bWHvzxxpiMSqTkhCxpu3gNd21b8MQVID0w0A0YCJKTGENxkLHaaNgTrL +vUWVaVHxG0i8WZMq1M0vcKooxcXX34UybCnM5cBTP22HVw3+E1sYRTKIfnbo+an VoPAyGHEgy1763xXg3zJp8tRy4DobQYPyoIwhLqsnSuY8rDcNxYpqBdRaN2Ed7Zg kYhmgrd99goPiDvFt3HsCs45TxYnatcqpr1GukZOJ4Ve7zSo8ls4sW4lOgahAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUHeRbfLXP0Gi9e7y/cP4NAqAHZTYwHwYDVR0j BBgwFoAUkj1KEOHbv2knGDvzQZ9RL+TB0AMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w YzM0ZmYwOC1kMjFmLTQyMGItODdkZi01MzEwM2I2ZGMyNTMvMC85MjNENEExMEUx REJCRjY5MjcxODNCRjM0MTlGNTEyRkU0QzFEMDAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTIzRDRBMTBFMURCQkY2OTI3MTgzQkYzNDE5RjUxMkZFNEMx RDAwMy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBjMzRmZjA4LWQyMWYtNDIwYi04 N2RmLTUzMTAzYjZkYzI1My8wLzMyMzQzMDMyM2E2MTYxMzQzMDNhMzUzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMTMzMzczMzMzMzAucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAqpAAAUw DQYJKoZIhvcNAQELBQADggEBABoo6j7jnyx/DtFO4iTfWTrEDclMutT/nsVklkbm uEVb741DBi3/Xf30ocO3M+Rg2e2RLSMa2rblhzQXfhQj5/tVCbjqdNXkCEue4f0S SxrbWPz0xEAIq3sEMW7walWUJ1nTfNtS/Podzr7bId/lxY4i4ccCluCPJZFhMguh xH0saaquflqUy8kZlyUHXepsMVlwK307J3J8eTuNXd7ZSGYMzkVlmhnfAEK1C7O1 Ku9ow91dp+V7jSyfCN2PBZLWATMaoe/RhpjPeYmhHx79BrE/6k2rC/ot7I3zKvS+ Rss4WhdnAqGUyKMkYlnW3P6RftuOVSEyOc/ZiSfwKq6ffvQ= -----END CERTIFICATE-----Generated at Thu Mar 26 20:13:08 2026 by rpki-client