$ rpki-client -vvf repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa File: 323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa (raw, json) Hash identifier: ylDWnunXe+P0sSpHe2ems7WUQ+PsguFxQzvub0cWxiw= Subject key identifier: 67:D1:10:36:DD:B9:74:D2:00:B8:E9:57:80:69:D0:E9:4E:B5:A2:5C Certificate issuer: /CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Certificate serial: 1E642B088759BCCE99798C6930BB36BB4B5429B9 Authority key identifier: CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa Signing time: Sun 19 Oct 2025 15:00:01 +0000 ROA not before: Sun 19 Oct 2025 14:55:01 +0000 ROA not after: Sun 18 Oct 2026 15:00:01 +0000 asID: 139399 IP address blocks: 2001:df0:f700::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 19:45:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:64:2b:08:87:59:bc:ce:99:79:8c:69:30:bb:36:bb:4b:54:29:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C Validity Not Before: Oct 19 14:55:01 2025 GMT Not After : Oct 18 15:00:01 2026 GMT Subject: CN=67D11036DDB974D200B8E9578069D0E94EB5A25C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:e9:03:7b:e7:47:02:37:b8:5d:cc:0d:bb:91: 70:a9:c8:d1:a3:f1:e7:79:52:f0:b8:18:26:d1:d3: 01:24:4a:a6:99:e8:0e:39:8a:c9:ab:c6:9e:fb:a9: 33:15:6b:17:9f:31:37:d5:fc:c9:67:05:3c:12:96: ed:e5:dc:f8:3b:21:74:fc:c4:96:d9:b7:bf:7e:f3: d7:bf:f8:04:d0:e1:a2:ed:10:bf:ab:58:99:62:f9: da:87:71:48:c8:fc:42:4a:5b:bc:a8:74:c9:69:03: aa:c0:25:79:fa:d2:c9:b3:2b:c0:5b:10:bd:6f:a5: c4:18:46:2c:7d:5a:fa:f1:c9:b8:6a:d0:44:97:1d: 8a:75:27:cb:8e:0e:e6:e2:5f:4e:cd:b7:ad:4b:40: 57:aa:e9:d4:01:11:a6:3c:af:cf:d4:ad:c4:9d:11: 2a:b9:9c:c7:31:e4:ce:1e:e7:48:f9:7f:5d:f3:fa: 1e:ad:d1:a0:02:f4:7e:88:d5:65:9c:b6:2d:1d:a9: f8:7b:ca:4c:df:06:e8:a6:fa:e0:e1:6c:99:7e:13: 2f:c9:02:6e:e7:4b:07:75:9d:f5:f5:72:49:c6:6a: a5:20:85:81:ea:b8:e9:cb:5e:49:ed:64:b4:c7:37: 4c:f0:d6:34:63:69:ff:d4:7e:8f:58:35:65:55:41: 97:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:D1:10:36:DD:B9:74:D2:00:B8:E9:57:80:69:D0:E9:4E:B5:A2:5C X509v3 Authority Key Identifier: keyid:CA:70:4F:78:5E:A5:8B:3F:65:9E:6E:3C:8F:71:E2:D4:CF:D7:E2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA704F785EA58B3F659E6E3C8F71E2D4CFD7E26C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4421985b-a0e6-4e05-bef6-fe6f5a6e2f43/0/323030313a6466303a663730303a3a2f34382d3438203d3e20313339333939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df0:f700::/48 Signature Algorithm: sha256WithRSAEncryption 79:d7:ce:b3:f9:e7:e7:9b:b5:46:db:68:95:b9:d7:05:ae:ab: 26:b7:fa:ed:2b:24:e4:f1:fd:83:47:b1:a6:d0:2c:e5:c8:8c: 51:52:8b:65:01:4e:f2:e1:a3:ac:51:ab:cb:13:64:ca:8a:b2: fc:d5:e6:55:6a:36:34:16:ed:f8:8c:cc:37:ab:33:fa:bc:66: f0:94:c0:05:da:f1:25:2f:82:f8:78:36:78:e6:10:09:da:a8: 36:60:1f:3a:24:40:a9:5d:26:1d:2b:c1:e0:76:f4:06:50:36: 6f:50:70:38:cf:ee:31:53:fc:18:06:5e:9a:72:32:8d:50:44: 92:57:e8:7b:37:ba:7f:52:ff:f3:4c:ff:77:2c:65:04:86:0b: 0c:f2:16:f9:6f:24:7c:24:4d:d4:1a:1c:27:73:2f:ee:c0:78: 2e:b0:1e:53:67:b7:4f:88:13:c3:c6:b4:11:c9:5f:e8:76:20: d7:f9:6e:60:16:8c:7d:b9:53:d7:d0:58:66:06:3c:ee:b4:9c: 8b:84:90:39:b9:af:e6:a5:9f:27:ec:dc:15:6c:06:ba:90:cf: 4f:e5:7d:ce:97:60:b8:ed:44:2a:70:15:ed:4d:3f:57:01:fa: 62:da:50:90:d9:4c:35:63:39:17:bb:18:83:a6:a0:42:54:70: 3e:81:76:74 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUHmQrCIdZvM6ZeYxpMLs2u0tUKbkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRD RkQ3RTI2QzAeFw0yNTEwMTkxNDU1MDFaFw0yNjEwMTgxNTAwMDFaMDMxMTAvBgNV BAMTKDY3RDExMDM2RERCOTc0RDIwMEI4RTk1NzgwNjlEMEU5NEVCNUEyNUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDy6QN750cCN7hdzA27kXCpyNGj 8ed5UvC4GCbR0wEkSqaZ6A45ismrxp77qTMVaxefMTfV/MlnBTwSlu3l3Pg7IXT8 xJbZt79+89e/+ATQ4aLtEL+rWJli+dqHcUjI/EJKW7yodMlpA6rAJXn60smzK8Bb EL1vpcQYRix9Wvrxybhq0ESXHYp1J8uODubiX07Nt61LQFeq6dQBEaY8r8/UrcSd ESq5nMcx5M4e50j5f13z+h6t0aAC9H6I1WWcti0dqfh7ykzfBuim+uDhbJl+Ey/J Am7nSwd1nfX1cknGaqUghYHquOnLXkntZLTHN0zw1jRjaf/Ufo9YNWVVQZcJAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUZ9EQNt25dNIAuOlXgGnQ6U61olwwHwYDVR0j BBgwFoAUynBPeF6liz9lnm48j3Hi1M/X4mwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 NDIxOTg1Yi1hMGU2LTRlMDUtYmVmNi1mZTZmNWE2ZTJmNDMvMC9DQTcwNEY3ODVF QTU4QjNGNjU5RTZFM0M4RjcxRTJENENGRDdFMjZDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQ0E3MDRGNzg1RUE1OEIzRjY1OUU2RTNDOEY3MUUyRDRDRkQ3 RTI2Qy5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ0MjE5ODViLWEwZTYtNGUwNS1i ZWY2LWZlNmY1YTZlMmY0My8wLzMyMzAzMDMxM2E2NDY2MzAzYTY2MzczMDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM5MzMzOTM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8PcAMA0GCSqGSIb3DQEBCwUAA4IBAQB5186z+efnm7VG22iVudcFrqsmt/rtKyTk 8f2DR7Gm0CzlyIxRUotlAU7y4aOsUavLE2TKirL81eZVajY0Fu34jMw3qzP6vGbw lMAF2vElL4L4eDZ45hAJ2qg2YB86JECpXSYdK8HgdvQGUDZvUHA4z+4xU/wYBl6a cjKNUESSV+h7N7p/Uv/zTP93LGUEhgsM8hb5byR8JE3UGhwncy/uwHgusB5TZ7dP iBPDxrQRyV/odiDX+W5gFox9uVPX0FhmBjzutJyLhJA5ua/mpZ8n7NwVbAa6kM9P 5X3Ol2C47UQqcBXtTT9XAfpi2lCQ2Uw1YzkXuxiDpqBCVHA+gXZ0 -----END CERTIFICATE-----Generated at Mon Oct 20 15:33:22 2025 by rpki-client