$ rpki-client -vvf repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/323030313a6466313a396563303a3a2f34382d3438203d3e20313439383831.roa File: 323030313a6466313a396563303a3a2f34382d3438203d3e20313439383831.roa (raw, json) Hash identifier: icoM+EmZmnaUSNYe+M3YT7QPi2377uDTJ5GrlCTs7Lw= Subject key identifier: 43:05:AB:B3:FE:06:06:70:F6:41:A4:C5:8E:FA:0D:AC:31:26:D8:DE Certificate issuer: /CN=E1FE69A34216C24D1870F5CED3A4309234A0F1B2 Certificate serial: 67E97DE65BB0A9389EBDBED142854693486E857D Authority key identifier: E1:FE:69:A3:42:16:C2:4D:18:70:F5:CE:D3:A4:30:92:34:A0:F1:B2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/323030313a6466313a396563303a3a2f34382d3438203d3e20313439383831.roa Signing time: Fri 19 Sep 2025 10:00:01 +0000 ROA not before: Fri 19 Sep 2025 09:55:01 +0000 ROA not after: Fri 18 Sep 2026 10:00:01 +0000 asID: 149881 IP address blocks: 2001:df1:9ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.crl rsync://repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 07:03:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:e9:7d:e6:5b:b0:a9:38:9e:bd:be:d1:42:85:46:93:48:6e:85:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E1FE69A34216C24D1870F5CED3A4309234A0F1B2 Validity Not Before: Sep 19 09:55:01 2025 GMT Not After : Sep 18 10:00:01 2026 GMT Subject: CN=4305ABB3FE060670F641A4C58EFA0DAC3126D8DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:3a:cd:37:f4:07:29:ee:d8:2e:84:0a:c1:ee: 2f:8d:3b:e6:cc:c3:df:d8:72:95:1e:07:1f:e1:ba: 1f:9e:27:2d:80:71:0c:a0:7b:4b:a8:5d:f3:81:55: 4c:66:a6:6c:f6:b5:06:50:67:64:ef:47:95:45:8c: 58:62:6b:e7:89:77:ed:58:b1:31:63:91:38:04:28: 84:e6:1e:6d:7d:cd:e3:d1:75:ea:a9:b8:7b:eb:99: da:ef:f9:93:63:48:05:f8:8d:3c:91:ed:da:c9:fe: 10:8d:94:b6:fa:9e:90:e0:7e:8a:9a:41:1a:95:66: d9:83:95:74:ef:9e:47:9c:80:a1:27:9f:c3:6c:d1: 9e:14:90:e3:58:06:5b:c2:c8:4f:a8:8f:82:f3:b4: dd:3f:70:86:14:a9:38:10:c4:26:5f:b5:05:0f:b9: 59:4c:f3:7c:f2:7d:73:69:ae:be:92:19:09:f1:52: e7:ef:65:87:b7:44:d2:b8:a5:c0:39:a1:08:cc:26: c7:ac:32:2c:3a:e9:c1:8b:a9:40:f4:b8:cc:9a:36: 48:79:25:ef:d9:ce:94:50:71:66:49:49:d2:78:6b: a7:bc:4b:ac:b2:99:9b:c6:16:5b:a1:cb:c9:98:e5: 91:f9:6d:9a:d2:e6:6e:43:b3:fe:5d:35:42:8f:c8: 66:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:05:AB:B3:FE:06:06:70:F6:41:A4:C5:8E:FA:0D:AC:31:26:D8:DE X509v3 Authority Key Identifier: keyid:E1:FE:69:A3:42:16:C2:4D:18:70:F5:CE:D3:A4:30:92:34:A0:F1:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E1FE69A34216C24D1870F5CED3A4309234A0F1B2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/188e3a17-1c91-4793-83c4-211d4210aea8/0/323030313a6466313a396563303a3a2f34382d3438203d3e20313439383831.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:9ec0::/48 Signature Algorithm: sha256WithRSAEncryption 68:d7:45:da:8b:f8:cc:a0:03:cb:b0:55:01:d7:10:f6:d1:9a: f2:d2:79:89:37:b6:71:43:43:20:f3:0f:7f:15:ce:22:4f:4a: ef:5a:59:fc:08:61:99:e2:51:ea:db:87:db:7a:cd:54:15:9b: 14:2f:7e:51:ad:f2:73:1f:2b:73:97:95:f2:4a:66:30:74:b6: 2e:24:f0:d2:27:be:3c:66:03:d8:5d:3d:7f:08:44:5a:f6:26: 75:ea:1f:6d:1b:d6:5e:58:9a:bd:67:03:2e:df:88:d9:db:3e: 2a:74:f7:ec:27:f7:32:c5:ce:2d:7c:58:1d:06:2a:3d:f5:da: 5c:e6:01:03:0c:ba:8a:b9:5d:70:92:d9:51:26:42:81:f9:76: 0d:88:f8:d7:a8:d6:aa:f7:c6:44:b4:2f:60:a6:49:1e:66:74: 4c:dc:33:31:ee:78:e6:d2:dd:51:0e:a3:03:b5:b0:b8:14:62: 4e:89:83:83:73:6b:70:7b:27:89:8e:c3:f4:53:fe:95:96:32: c0:18:af:99:76:54:f9:37:78:77:82:1c:ea:34:41:df:9f:38: f3:d2:1c:a1:f1:bb:bd:d7:58:11:56:60:d8:a1:1a:8c:57:e1: 54:e7:2b:24:7f:18:81:b2:00:b2:e0:1f:e5:d7:31:f1:ff:61: b8:2c:7d:0a -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUZ+l95luwqTievb7RQoVGk0huhX0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRTFGRTY5QTM0MjE2QzI0RDE4NzBGNUNFRDNBNDMwOTIz NEEwRjFCMjAeFw0yNTA5MTkwOTU1MDFaFw0yNjA5MTgxMDAwMDFaMDMxMTAvBgNV BAMTKDQzMDVBQkIzRkUwNjA2NzBGNjQxQTRDNThFRkEwREFDMzEyNkQ4REUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKOs039Acp7tguhArB7i+NO+bM w9/YcpUeBx/huh+eJy2AcQyge0uoXfOBVUxmpmz2tQZQZ2TvR5VFjFhia+eJd+1Y sTFjkTgEKITmHm19zePRdeqpuHvrmdrv+ZNjSAX4jTyR7drJ/hCNlLb6npDgfoqa QRqVZtmDlXTvnkecgKEnn8Ns0Z4UkONYBlvCyE+oj4LztN0/cIYUqTgQxCZftQUP uVlM83zyfXNprr6SGQnxUufvZYe3RNK4pcA5oQjMJsesMiw66cGLqUD0uMyaNkh5 Je/ZzpRQcWZJSdJ4a6e8S6yymZvGFluhy8mY5ZH5bZrS5m5Ds/5dNUKPyGZBAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUQwWrs/4GBnD2QaTFjvoNrDEm2N4wHwYDVR0j BBgwFoAU4f5po0IWwk0YcPXO06QwkjSg8bIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ODhlM2ExNy0xYzkxLTQ3OTMtODNjNC0yMTFkNDIxMGFlYTgvMC9FMUZFNjlBMzQy MTZDMjREMTg3MEY1Q0VEM0E0MzA5MjM0QTBGMUIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRTFGRTY5QTM0MjE2QzI0RDE4NzBGNUNFRDNBNDMwOTIzNEEw RjFCMi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4OGUzYTE3LTFjOTEtNDc5My04 M2M0LTIxMWQ0MjEwYWVhOC8wLzMyMzAzMDMxM2E2NDY2MzEzYTM5NjU2MzMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDM5MzgzODMxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8Z7AMA0GCSqGSIb3DQEBCwUAA4IBAQBo10Xai/jMoAPLsFUB1xD20Zry0nmJN7Zx Q0Mg8w9/Fc4iT0rvWln8CGGZ4lHq24fbes1UFZsUL35RrfJzHytzl5XySmYwdLYu JPDSJ748ZgPYXT1/CERa9iZ16h9tG9ZeWJq9ZwMu34jZ2z4qdPfsJ/cyxc4tfFgd Bio99dpc5gEDDLqKuV1wktlRJkKB+XYNiPjXqNaq98ZEtC9gpkkeZnRM3DMx7njm 0t1RDqMDtbC4FGJOiYODc2tweyeJjsP0U/6VljLAGK+ZdlT5N3h3ghzqNEHfnzjz 0hyh8bu911gRVmDYoRqMV+FU5yskfxiBsgCy4B/l1zHx/2G4LH0K -----END CERTIFICATE-----Generated at Mon Oct 20 23:09:48 2025 by rpki-client