$ rpki-client -vvf repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a383a3a2f34382d3438203d3e20313337333330.roa File: 323430323a616134303a383a3a2f34382d3438203d3e20313337333330.roa (raw, json) Hash identifier: rNDsRlOx+ZmLfoeW6nnGDsNn4s742wqQJvoJUhwEUPQ= Subject key identifier: F5:31:DC:B4:BB:DF:61:6D:6E:44:94:CA:16:37:01:83:84:89:FB:99 Certificate issuer: /CN=923D4A10E1DBBF6927183BF3419F512FE4C1D003 Certificate serial: 5F3F76D9D9D05D1623A4771E6EA70E4CACE2B0AD Authority key identifier: 92:3D:4A:10:E1:DB:BF:69:27:18:3B:F3:41:9F:51:2F:E4:C1:D0:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a383a3a2f34382d3438203d3e20313337333330.roa Signing time: Thu 12 Mar 2026 03:00:00 +0000 ROA not before: Thu 12 Mar 2026 02:55:00 +0000 ROA not after: Thu 11 Mar 2027 03:00:00 +0000 asID: 137330 IP address blocks: 2402:aa40:8::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.crl rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 02:22:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:3f:76:d9:d9:d0:5d:16:23:a4:77:1e:6e:a7:0e:4c:ac:e2:b0:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=923D4A10E1DBBF6927183BF3419F512FE4C1D003 Validity Not Before: Mar 12 02:55:00 2026 GMT Not After : Mar 11 03:00:00 2027 GMT Subject: CN=F531DCB4BBDF616D6E4494CA163701838489FB99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:40:cc:0b:80:e3:28:92:22:87:41:a3:7d:a1: ca:4b:e4:17:2c:c2:f6:55:0e:65:9f:00:a3:19:51: 5e:f2:ee:cf:62:75:bd:56:be:19:d8:c5:81:2d:8d: 3b:c2:c1:3f:0d:15:d1:03:1b:1c:ec:0b:61:53:ee: 40:33:47:90:9b:c5:44:29:be:11:5a:b7:0e:42:b0: 71:3c:f0:68:94:74:ee:d5:d1:e2:00:e4:52:91:9b: 2f:b8:97:c4:59:56:f7:15:aa:0e:6c:45:06:bc:21: d1:aa:22:38:a6:96:30:83:f9:53:61:d9:38:91:38: 4f:3f:e9:a8:c6:59:0f:a8:6d:5b:ff:f3:e1:76:79: ce:8f:b0:37:73:88:42:5c:1e:f5:47:d9:22:a9:eb: 22:f2:76:5c:f4:ac:35:3d:78:0f:52:cf:6e:64:11: 88:ec:94:29:c6:9c:3a:99:f3:b4:43:73:d6:11:3c: ab:75:47:79:9f:0a:d0:81:d7:97:45:b9:6a:9f:9f: e4:7b:76:be:8a:15:a3:98:1a:1b:8b:3f:83:59:62: d9:c0:0d:28:89:ae:10:d4:cb:aa:b5:41:eb:f9:18: 6b:33:1e:1a:c0:80:6a:32:f3:02:4f:7b:51:01:8d: ad:8a:4a:0d:59:12:f4:d2:3e:b3:a7:05:75:ea:ef: fc:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:31:DC:B4:BB:DF:61:6D:6E:44:94:CA:16:37:01:83:84:89:FB:99 X509v3 Authority Key Identifier: keyid:92:3D:4A:10:E1:DB:BF:69:27:18:3B:F3:41:9F:51:2F:E4:C1:D0:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/923D4A10E1DBBF6927183BF3419F512FE4C1D003.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/923D4A10E1DBBF6927183BF3419F512FE4C1D003.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0c34ff08-d21f-420b-87df-53103b6dc253/0/323430323a616134303a383a3a2f34382d3438203d3e20313337333330.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:aa40:8::/48 Signature Algorithm: sha256WithRSAEncryption 36:94:41:a6:45:c8:57:ee:11:c9:2c:01:1c:64:33:5a:3a:80: 34:5a:a9:83:e7:63:bd:9b:28:53:39:28:02:57:94:9e:d7:03: 3f:00:eb:02:c2:ff:bb:6d:12:a0:68:fe:52:ab:6f:59:77:34: 17:6e:3d:a7:d0:69:b9:8a:78:4f:45:09:de:4d:01:dc:f8:71: 3c:a4:27:85:a1:c7:3e:ca:83:55:9b:c5:ca:6d:f6:7b:c2:e1: 2c:94:3c:27:f9:0b:32:8d:1b:53:e3:b1:ad:b4:d9:d0:3f:fd: c5:bd:94:c7:18:a2:ba:aa:7c:00:ec:67:1c:3b:ba:4c:ff:33: ee:32:83:a8:d3:85:1a:e7:f7:5d:87:46:79:cd:00:9b:61:88: b6:06:11:08:04:4b:77:db:d7:cc:5f:b3:cc:84:80:cf:e6:1d: 4e:cb:d6:ae:b4:6c:03:ee:8b:db:c2:a5:2c:67:a2:84:f4:f0: 4d:1b:8d:cf:ab:4b:6a:12:24:5c:47:d2:98:1f:8b:64:bf:ae: 9e:2d:a8:d3:fc:af:5c:a3:f2:bb:03:34:61:05:d8:3c:75:5f: a2:bb:46:e7:57:a6:10:ab:dc:66:a5:67:db:4a:eb:82:d7:6b: 7f:0f:ad:5f:4f:b5:16:8f:02:8e:ad:2f:cb:ff:82:49:5f:d8: 32:df:be:94 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUXz922dnQXRYjpHcebqcOTKzisK0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTIzRDRBMTBFMURCQkY2OTI3MTgzQkYzNDE5RjUxMkZF NEMxRDAwMzAeFw0yNjAzMTIwMjU1MDBaFw0yNzAzMTEwMzAwMDBaMDMxMTAvBgNV BAMTKEY1MzFEQ0I0QkJERjYxNkQ2RTQ0OTRDQTE2MzcwMTgzODQ4OUZCOTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QMwLgOMokiKHQaN9ocpL5Bcs wvZVDmWfAKMZUV7y7s9idb1WvhnYxYEtjTvCwT8NFdEDGxzsC2FT7kAzR5CbxUQp vhFatw5CsHE88GiUdO7V0eIA5FKRmy+4l8RZVvcVqg5sRQa8IdGqIjimljCD+VNh 2TiROE8/6ajGWQ+obVv/8+F2ec6PsDdziEJcHvVH2SKp6yLydlz0rDU9eA9Sz25k EYjslCnGnDqZ87RDc9YRPKt1R3mfCtCB15dFuWqfn+R7dr6KFaOYGhuLP4NZYtnA DSiJrhDUy6q1Qev5GGszHhrAgGoy8wJPe1EBja2KSg1ZEvTSPrOnBXXq7/ybAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU9THctLvfYW1uRJTKFjcBg4SJ+5kwHwYDVR0j BBgwFoAUkj1KEOHbv2knGDvzQZ9RL+TB0AMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w YzM0ZmYwOC1kMjFmLTQyMGItODdkZi01MzEwM2I2ZGMyNTMvMC85MjNENEExMEUx REJCRjY5MjcxODNCRjM0MTlGNTEyRkU0QzFEMDAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTIzRDRBMTBFMURCQkY2OTI3MTgzQkYzNDE5RjUxMkZFNEMx RDAwMy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBjMzRmZjA4LWQyMWYtNDIwYi04 N2RmLTUzMTAzYjZkYzI1My8wLzMyMzQzMDMyM2E2MTYxMzQzMDNhMzgzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMTMzMzczMzMzMzAucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAqpAAAgw DQYJKoZIhvcNAQELBQADggEBADaUQaZFyFfuEcksARxkM1o6gDRaqYPnY72bKFM5 KAJXlJ7XAz8A6wLC/7ttEqBo/lKrb1l3NBduPafQabmKeE9FCd5NAdz4cTykJ4Wh xz7Kg1Wbxcpt9nvC4SyUPCf5CzKNG1Pjsa202dA//cW9lMcYorqqfADsZxw7ukz/ M+4yg6jThRrn912HRnnNAJthiLYGEQgES3fb18xfs8yEgM/mHU7L1q60bAPui9vC pSxnooT08E0bjc+rS2oSJFxH0pgfi2S/rp4tqNP8r1yj8rsDNGEF2Dx1X6K7RudX phCr3GalZ9tK64LXa38PrV9PtRaPAo6tL8v/gklf2DLfvpQ= -----END CERTIFICATE-----Generated at Thu Mar 26 23:12:41 2026 by rpki-client