$ rpki-client -vvf repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/323430313a626663303a3a2f33322d3332203d3e20313336383430.roa File: 323430313a626663303a3a2f33322d3332203d3e20313336383430.roa (raw, json) Hash identifier: OD6ds+KTm//KkPIe0CnHbGgyxy24D56HEq7afLGbIc8= Subject key identifier: FA:89:46:18:CD:9B:90:50:22:90:72:C5:8F:A4:52:6B:DA:69:28:13 Certificate issuer: /CN=F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3 Certificate serial: 4979CAF07CC41E5543E902D183B58E0063C65D7A Authority key identifier: F3:F9:AB:30:AC:2C:50:B3:ED:F7:C9:1C:45:31:CC:9A:EE:9C:9D:A3 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/323430313a626663303a3a2f33322d3332203d3e20313336383430.roa Signing time: Mon 02 Jun 2025 02:04:38 +0000 ROA not before: Mon 02 Jun 2025 01:59:38 +0000 ROA not after: Mon 01 Jun 2026 02:04:38 +0000 asID: 136840 IP address blocks: 2401:bfc0::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.crl rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 03:26:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:79:ca:f0:7c:c4:1e:55:43:e9:02:d1:83:b5:8e:00:63:c6:5d:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3 Validity Not Before: Jun 2 01:59:38 2025 GMT Not After : Jun 1 02:04:38 2026 GMT Subject: CN=FA894618CD9B9050229072C58FA4526BDA692813 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:37:d2:21:24:8e:46:8c:26:b7:ae:06:f5:84: 43:61:69:13:db:73:51:cc:54:87:39:95:fb:ac:65: 28:bf:e6:74:6a:ad:22:13:69:3a:df:2b:8e:e7:d1: 40:48:9e:70:25:03:4c:de:af:c4:e3:da:64:bc:9d: b6:5c:3a:6f:e9:ff:6d:7c:28:a4:d4:f1:00:37:58: 24:3c:f2:45:85:73:61:ad:eb:18:43:08:b3:19:53: 07:3c:78:a2:c5:44:01:db:32:a3:a6:ec:0b:44:44: 3d:ac:cd:56:32:74:9a:68:0c:1e:33:fd:fc:e6:43: e6:ad:0e:7c:b5:34:65:58:6e:ad:bc:5e:e0:90:dc: 6e:a7:06:65:86:26:fb:31:ec:c7:c6:24:e7:e4:01: 88:61:9e:98:4f:a9:c0:ae:3b:26:ab:29:f4:48:3e: 26:ad:d3:17:42:58:4b:b3:2c:bb:a3:72:89:06:66: 4d:66:e3:71:89:e8:0f:c5:c5:67:b0:c0:37:39:3e: 20:c9:24:9c:0c:4d:f8:6a:66:ff:1c:ed:cc:82:2b: b3:27:cc:7e:7c:75:77:c3:fd:8e:cf:35:1c:25:a1: ac:17:e4:e8:92:89:6f:fa:ee:ee:58:ce:52:ab:fe: e4:5d:18:5e:1c:ba:c8:8c:2a:8f:21:76:ea:14:14: d9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:89:46:18:CD:9B:90:50:22:90:72:C5:8F:A4:52:6B:DA:69:28:13 X509v3 Authority Key Identifier: keyid:F3:F9:AB:30:AC:2C:50:B3:ED:F7:C9:1C:45:31:CC:9A:EE:9C:9D:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/323430313a626663303a3a2f33322d3332203d3e20313336383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:bfc0::/32 Signature Algorithm: sha256WithRSAEncryption 52:16:33:31:fe:2d:23:01:93:af:49:80:7e:2d:a5:d7:eb:da: 9a:ee:f2:64:7b:45:46:c0:cc:de:a3:ec:03:e7:ca:e5:4c:c6: c4:f1:2d:5a:2f:3c:ab:57:4c:f6:aa:9e:09:a7:f3:8e:ac:e2: 74:4c:2d:4d:60:3d:24:6f:12:b8:e4:78:9c:26:69:0f:bb:39: be:12:62:1b:72:11:1d:bb:08:f3:37:2b:46:31:a4:cf:9e:ee: b5:d2:0c:f3:f2:16:43:3e:77:ff:d4:fe:9b:1d:bf:55:1a:8f: 85:cb:23:0b:ed:1b:a1:09:5b:3c:12:f5:92:ac:ad:16:0d:5a: c5:f4:d0:db:5a:0f:0d:7b:3a:e4:8d:61:13:d0:1f:f3:53:17: d5:80:3d:47:5e:1c:d3:a3:b6:c0:63:b3:bc:06:a1:a6:02:76: e4:03:7b:0d:2b:28:63:b8:51:49:ee:af:d2:c9:5e:19:f9:b2: 33:35:ca:0d:2f:e4:b7:f3:80:4e:ae:00:c7:b0:ae:8c:a2:68: 04:23:4a:a4:c6:af:bd:31:f2:25:12:29:df:1a:e4:b5:de:1c: cc:17:33:9c:ea:ac:fc:59:66:53:e1:2a:c4:02:34:1f:ac:32: 3b:4a:68:fd:83:20:76:33:c8:9e:13:78:58:69:a6:53:b1:fd: 30:e0:58:68 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUSXnK8HzEHlVD6QLRg7WOAGPGXXowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjNGOUFCMzBBQzJDNTBCM0VERjdDOTFDNDUzMUNDOUFF RTlDOURBMzAeFw0yNTA2MDIwMTU5MzhaFw0yNjA2MDEwMjA0MzhaMDMxMTAvBgNV BAMTKEZBODk0NjE4Q0Q5QjkwNTAyMjkwNzJDNThGQTQ1MjZCREE2OTI4MTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaN9IhJI5GjCa3rgb1hENhaRPb c1HMVIc5lfusZSi/5nRqrSITaTrfK47n0UBInnAlA0zer8Tj2mS8nbZcOm/p/218 KKTU8QA3WCQ88kWFc2Gt6xhDCLMZUwc8eKLFRAHbMqOm7AtERD2szVYydJpoDB4z /fzmQ+atDny1NGVYbq28XuCQ3G6nBmWGJvsx7MfGJOfkAYhhnphPqcCuOyarKfRI Piat0xdCWEuzLLujcokGZk1m43GJ6A/FxWewwDc5PiDJJJwMTfhqZv8c7cyCK7Mn zH58dXfD/Y7PNRwloawX5OiSiW/67u5YzlKr/uRdGF4cusiMKo8hduoUFNlLAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU+olGGM2bkFAikHLFj6RSa9ppKBMwHwYDVR0j BBgwFoAU8/mrMKwsULPt98kcRTHMmu6cnaMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZWYwODkwMC1mMmM2LTRkMDctYjY5NC1kMTg4YmFhM2I4ZjIvMC9GM0Y5QUIzMEFD MkM1MEIzRURGN0M5MUM0NTMxQ0M5QUVFOUM5REEzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjNGOUFCMzBBQzJDNTBCM0VERjdDOTFDNDUzMUNDOUFFRTlD OURBMy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVlZjA4OTAwLWYyYzYtNGQwNy1i Njk0LWQxODhiYWEzYjhmMi8wLzMyMzQzMDMxM2E2MjY2NjMzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzMzNjM4MzQzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQBv8AwDQYJKoZI hvcNAQELBQADggEBAFIWMzH+LSMBk69JgH4tpdfr2pru8mR7RUbAzN6j7APnyuVM xsTxLVovPKtXTPaqngmn846s4nRMLU1gPSRvErjkeJwmaQ+7Ob4SYhtyER27CPM3 K0YxpM+e7rXSDPPyFkM+d//U/psdv1Uaj4XLIwvtG6EJWzwS9ZKsrRYNWsX00Nta Dw17OuSNYRPQH/NTF9WAPUdeHNOjtsBjs7wGoaYCduQDew0rKGO4UUnur9LJXhn5 sjM1yg0v5LfzgE6uAMewroyiaAQjSqTGr70x8iUSKd8a5LXeHMwXM5zqrPxZZlPh KsQCNB+sMjtKaP2DIHYzyJ4TeFhpplOx/TDgWGg= -----END CERTIFICATE-----Generated at Tue Jul 1 14:05:23 2025 by rpki-client