$ rpki-client -vvf repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3430303a3a2f34302d3430203d3e20313339393439.roa File: 323430353a616163303a3430303a3a2f34302d3430203d3e20313339393439.roa (raw, json) Hash identifier: a8iO9XKyrx/7I+Oqk1y5Kkr+vsH7bAdu5KpclfnTwaY= Subject key identifier: A9:BA:7F:9D:8A:3F:3F:AA:63:94:40:08:89:2D:1E:70:37:EB:B1:9C Certificate issuer: /CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Certificate serial: 28B84707C9F532BB648896F590BAA6DE791CFBA1 Authority key identifier: DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3430303a3a2f34302d3430203d3e20313339393439.roa Signing time: Sat 20 Sep 2025 20:00:01 +0000 ROA not before: Sat 20 Sep 2025 19:55:01 +0000 ROA not after: Sat 19 Sep 2026 20:00:01 +0000 asID: 139949 IP address blocks: 2405:aac0:400::/40 maxlen: 40 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 08:44:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:b8:47:07:c9:f5:32:bb:64:88:96:f5:90:ba:a6:de:79:1c:fb:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Validity Not Before: Sep 20 19:55:01 2025 GMT Not After : Sep 19 20:00:01 2026 GMT Subject: CN=A9BA7F9D8A3F3FAA63944008892D1E7037EBB19C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:7e:5f:70:38:88:f2:9d:24:ca:73:64:e7:04: 93:38:a8:ee:5f:31:63:da:17:ba:79:8e:0d:08:6a: 52:dd:52:88:64:0f:d9:40:40:03:b1:67:36:8f:78: ef:99:33:cb:7c:08:2e:7f:16:3e:aa:60:5e:bf:e1: d1:d3:13:b3:db:3f:8a:f1:22:99:66:eb:71:61:4f: ce:a2:40:23:25:ce:04:2d:6c:c8:da:08:0b:53:b9: 29:a1:19:1a:48:0c:a9:10:8a:2d:67:ea:cb:2d:e2: 19:ea:22:c3:ba:6e:d8:1d:91:22:bb:44:bd:a2:05: f5:dd:78:c8:81:5d:68:ce:9a:af:21:0c:b7:82:f7: eb:13:84:4c:7f:c1:8a:cc:ac:45:86:55:11:97:57: 0a:52:d5:04:25:68:94:eb:58:1f:95:ef:fb:89:d2: 1c:02:c8:73:81:10:88:02:f4:af:3c:9a:62:29:53: 2a:8b:73:24:7e:9a:91:6f:4c:a0:e4:e2:79:f2:a0: 03:86:42:20:b8:69:61:2e:18:7f:f0:0a:e6:33:f0: e8:69:94:8a:58:ed:4a:ea:42:df:d9:42:1b:81:9f: 7c:6a:78:38:7a:3f:dc:0e:ce:7c:94:bb:51:18:e2: ee:20:f9:a7:03:92:99:c6:0e:e9:c4:01:2a:eb:de: 01:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:BA:7F:9D:8A:3F:3F:AA:63:94:40:08:89:2D:1E:70:37:EB:B1:9C X509v3 Authority Key Identifier: keyid:DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3430303a3a2f34302d3430203d3e20313339393439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:aac0:400::/40 Signature Algorithm: sha256WithRSAEncryption 66:99:56:c1:a3:fe:78:1e:2e:6c:02:b3:96:5d:89:b2:b0:42: 6d:cd:0b:25:d9:29:4f:27:7c:5a:86:89:36:81:b2:fe:ed:41: 92:06:6e:0e:51:47:da:8c:ba:ae:5b:3a:8f:55:1f:8e:cb:92: 1a:7e:24:39:1a:45:97:9d:f8:bc:71:f2:46:8f:8a:a8:6e:d1: 7f:62:b3:85:6e:02:e0:6c:51:7a:5b:fd:ac:22:ee:21:f3:23: 37:91:ba:3b:d9:2f:39:e0:d5:14:0f:13:38:ab:4f:33:c0:5d: 20:dc:91:d5:c6:f6:e1:26:f1:fb:74:a1:31:a9:73:f1:04:04: 01:7d:ac:9b:06:d1:a1:ae:e5:6d:9d:11:c8:07:b1:15:4a:d1: 0f:c8:ec:cd:ed:87:00:f7:7d:d0:52:9b:0f:69:b5:53:17:42: 2b:7d:5a:d5:30:8d:db:b4:f5:6c:30:56:d9:9b:6c:a8:8d:7d: e6:5c:3b:fa:f3:cd:88:41:ca:66:86:17:a6:ad:f4:5d:a0:cf: 2d:1e:8e:32:5b:6b:f8:c0:c2:16:9b:8e:6c:79:94:de:de:62: a5:8b:ce:f8:fa:ab:ad:69:18:fd:3e:2c:7e:fd:41:04:a2:22: eb:1e:f2:31:0e:5b:59:c2:92:c8:47:cb:6b:1c:c9:7f:e3:a1: 67:fc:37:57 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUKLhHB8n1MrtkiJb1kLqm3nkc+6EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAx NjRGRTVDRjAeFw0yNTA5MjAxOTU1MDFaFw0yNjA5MTkyMDAwMDFaMDMxMTAvBgNV BAMTKEE5QkE3RjlEOEEzRjNGQUE2Mzk0NDAwODg5MkQxRTcwMzdFQkIxOUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2fl9wOIjynSTKc2TnBJM4qO5f MWPaF7p5jg0IalLdUohkD9lAQAOxZzaPeO+ZM8t8CC5/Fj6qYF6/4dHTE7PbP4rx Iplm63FhT86iQCMlzgQtbMjaCAtTuSmhGRpIDKkQii1n6sst4hnqIsO6btgdkSK7 RL2iBfXdeMiBXWjOmq8hDLeC9+sThEx/wYrMrEWGVRGXVwpS1QQlaJTrWB+V7/uJ 0hwCyHOBEIgC9K88mmIpUyqLcyR+mpFvTKDk4nnyoAOGQiC4aWEuGH/wCuYz8Ohp lIpY7UrqQt/ZQhuBn3xqeDh6P9wOznyUu1EY4u4g+acDkpnGDunEASrr3gGDAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUqbp/nYo/P6pjlEAIiS0ecDfrsZwwHwYDVR0j BBgwFoAU2odmqQhRrkTXa4Vj2DWG8BZP5c8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZGVkYzAzMy1jZDRkLTQ2MjAtOTM3Mi1lNmUwMzlmYzA2YjkvMC9EQTg3NjZBOTA4 NTFBRTQ0RDc2Qjg1NjNEODM1ODZGMDE2NEZFNUNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAxNjRG RTVDRi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkZWRjMDMzLWNkNGQtNDYyMC05 MzcyLWU2ZTAzOWZjMDZiOS8wLzMyMzQzMDM1M2E2MTYxNjMzMDNhMzQzMDMwM2Ez YTJmMzQzMDJkMzQzMDIwM2QzZTIwMzEzMzM5MzkzNDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAJAWq wAQwDQYJKoZIhvcNAQELBQADggEBAGaZVsGj/ngeLmwCs5ZdibKwQm3NCyXZKU8n fFqGiTaBsv7tQZIGbg5RR9qMuq5bOo9VH47Lkhp+JDkaRZed+Lxx8kaPiqhu0X9i s4VuAuBsUXpb/awi7iHzIzeRujvZLzng1RQPEzirTzPAXSDckdXG9uEm8ft0oTGp c/EEBAF9rJsG0aGu5W2dEcgHsRVK0Q/I7M3thwD3fdBSmw9ptVMXQit9WtUwjdu0 9WwwVtmbbKiNfeZcO/rzzYhBymaGF6at9F2gzy0ejjJba/jAwhabjmx5lN7eYqWL zvj6q61pGP0+LH79QQSiIuse8jEOW1nCkshHy2scyX/joWf8N1c= -----END CERTIFICATE-----Generated at Mon Oct 20 10:47:30 2025 by rpki-client