$ rpki-client -vvf repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/323430313a646234303a3a2f33322d3332203d3e20313336383635.roa File: 323430313a646234303a3a2f33322d3332203d3e20313336383635.roa (raw, json) Hash identifier: UT/qgOwK8olv5pQQFj9edHID/ib1GBwuK0WKe6OXhBw= Subject key identifier: 9D:6F:4A:82:A1:3B:92:8E:F2:D4:E3:5E:E8:A6:57:58:84:C3:3B:25 Certificate issuer: /CN=08773191FBFC21A3C8615A3E36A2ACB187F63C25 Certificate serial: 36395A0E20C7D4836543B4E14F70222574E23FDD Authority key identifier: 08:77:31:91:FB:FC:21:A3:C8:61:5A:3E:36:A2:AC:B1:87:F6:3C:25 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/323430313a646234303a3a2f33322d3332203d3e20313336383635.roa Signing time: Sat 21 Mar 2026 06:00:01 +0000 ROA not before: Sat 21 Mar 2026 05:55:01 +0000 ROA not after: Sat 20 Mar 2027 06:00:01 +0000 asID: 136865 IP address blocks: 2401:db40::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.crl rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 00:41:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:39:5a:0e:20:c7:d4:83:65:43:b4:e1:4f:70:22:25:74:e2:3f:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08773191FBFC21A3C8615A3E36A2ACB187F63C25 Validity Not Before: Mar 21 05:55:01 2026 GMT Not After : Mar 20 06:00:01 2027 GMT Subject: CN=9D6F4A82A13B928EF2D4E35EE8A6575884C33B25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:dd:d5:c1:c3:1c:17:71:09:30:3e:12:d4:f5: da:38:3a:85:7d:4f:01:09:55:ce:59:a4:13:b3:02: 69:31:b6:23:57:62:ce:2f:b2:06:f5:dc:71:90:4f: 4c:79:a6:5f:16:a4:9b:4f:b2:58:26:32:ad:a4:ad: 09:83:83:68:e3:bf:b8:d1:90:28:27:b2:56:48:67: c9:be:d6:ee:97:c8:40:98:8e:6a:c0:28:ee:57:c6: e3:58:aa:db:f4:ab:aa:97:be:49:84:3f:8f:28:cf: 15:22:39:db:41:ad:7f:e2:b9:8e:3c:da:53:38:f3: 08:55:8d:7b:a3:c7:7a:6a:31:2d:15:2a:06:04:21: f0:c0:b7:24:83:8f:09:e0:ce:2e:fc:86:66:b6:92: 9e:cb:68:43:ed:d0:f0:76:bc:4f:f1:da:72:df:df: 2b:bb:43:5a:46:36:46:3a:58:69:51:b1:8d:08:f3: 4d:cb:b4:0a:59:45:48:f5:78:d6:a0:f4:28:89:ae: 9b:5c:ec:05:da:94:96:bc:c3:fb:4e:9d:90:42:a0: 17:a3:f7:bc:7d:39:b5:5f:22:75:95:76:28:ed:21: af:2d:77:41:a6:3d:f9:92:8e:1f:0f:4d:da:58:58: fd:df:c4:65:7d:87:80:45:5e:3d:52:2d:c1:68:8f: dd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:6F:4A:82:A1:3B:92:8E:F2:D4:E3:5E:E8:A6:57:58:84:C3:3B:25 X509v3 Authority Key Identifier: keyid:08:77:31:91:FB:FC:21:A3:C8:61:5A:3E:36:A2:AC:B1:87:F6:3C:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/08773191FBFC21A3C8615A3E36A2ACB187F63C25.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08773191FBFC21A3C8615A3E36A2ACB187F63C25.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5f86b12e-e574-426b-aa6b-4939e3b030ba/0/323430313a646234303a3a2f33322d3332203d3e20313336383635.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:db40::/32 Signature Algorithm: sha256WithRSAEncryption 17:54:71:0b:80:21:46:a0:80:30:6d:7c:9a:73:74:2b:ba:e0: 75:ca:ae:9a:fc:7f:4f:43:bc:8d:d5:ca:c7:1d:c6:69:5a:22: ac:e0:fe:25:38:4a:fb:8d:45:89:52:09:cc:4c:94:07:96:e8: 53:6d:da:6c:0f:19:db:3c:3b:f3:2b:a2:fb:bc:67:8b:d9:6c: c3:df:f4:3d:08:6c:82:b0:7e:9d:04:32:fc:4b:ba:ff:37:25: 92:4f:c9:5d:11:47:0e:6b:36:28:92:73:1f:61:62:b5:11:9d: f3:53:b0:1d:f0:2b:9b:1d:6b:b0:09:87:59:52:13:e6:01:18: 52:81:85:d5:fe:99:24:45:fe:86:c4:f7:23:7e:16:d8:fd:00: fc:b3:da:27:35:59:ba:27:69:6b:48:14:85:ac:4f:45:e2:61: 0d:50:b5:d3:91:e7:3a:23:0c:c7:38:0c:26:68:0e:03:ff:b6: 04:a4:2a:5d:f1:e1:cf:2c:a7:9b:32:05:6d:45:4b:57:31:a0: 73:82:5b:79:48:33:fa:db:e0:74:fd:0c:8d:5b:79:a9:f7:0d: 7c:0b:c9:b4:37:46:72:00:82:79:e9:55:86:4b:bb:2f:28:6f: 1a:27:70:35:5b:f5:0d:75:97:23:97:79:f3:a5:69:ad:11:ca: 9a:38:63:6d -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUNjlaDiDH1INlQ7ThT3AiJXTiP90wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg3NzMxOTFGQkZDMjFBM0M4NjE1QTNFMzZBMkFDQjE4 N0Y2M0MyNTAeFw0yNjAzMjEwNTU1MDFaFw0yNzAzMjAwNjAwMDFaMDMxMTAvBgNV BAMTKDlENkY0QTgyQTEzQjkyOEVGMkQ0RTM1RUU4QTY1NzU4ODRDMzNCMjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC63dXBwxwXcQkwPhLU9do4OoV9 TwEJVc5ZpBOzAmkxtiNXYs4vsgb13HGQT0x5pl8WpJtPslgmMq2krQmDg2jjv7jR kCgnslZIZ8m+1u6XyECYjmrAKO5XxuNYqtv0q6qXvkmEP48ozxUiOdtBrX/iuY48 2lM48whVjXujx3pqMS0VKgYEIfDAtySDjwngzi78hma2kp7LaEPt0PB2vE/x2nLf 3yu7Q1pGNkY6WGlRsY0I803LtApZRUj1eNag9CiJrptc7AXalJa8w/tOnZBCoBej 97x9ObVfInWVdijtIa8td0GmPfmSjh8PTdpYWP3fxGV9h4BFXj1SLcFoj91bAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUnW9KgqE7ko7y1ONe6KZXWITDOyUwHwYDVR0j BBgwFoAUCHcxkfv8IaPIYVo+NqKssYf2PCUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 Zjg2YjEyZS1lNTc0LTQyNmItYWE2Yi00OTM5ZTNiMDMwYmEvMC8wODc3MzE5MUZC RkMyMUEzQzg2MTVBM0UzNkEyQUNCMTg3RjYzQzI1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDg3NzMxOTFGQkZDMjFBM0M4NjE1QTNFMzZBMkFDQjE4N0Y2 M0MyNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmODZiMTJlLWU1NzQtNDI2Yi1h YTZiLTQ5MzllM2IwMzBiYS8wLzMyMzQzMDMxM2E2NDYyMzQzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzMzNjM4MzYzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQB20AwDQYJKoZI hvcNAQELBQADggEBABdUcQuAIUaggDBtfJpzdCu64HXKrpr8f09DvI3Vyscdxmla Iqzg/iU4SvuNRYlSCcxMlAeW6FNt2mwPGds8O/Mrovu8Z4vZbMPf9D0IbIKwfp0E MvxLuv83JZJPyV0RRw5rNiiScx9hYrURnfNTsB3wK5sda7AJh1lSE+YBGFKBhdX+ mSRF/obE9yN+Ftj9APyz2ic1WbonaWtIFIWsT0XiYQ1QtdOR5zojDMc4DCZoDgP/ tgSkKl3x4c8sp5syBW1FS1cxoHOCW3lIM/rb4HT9DI1bean3DXwLybQ3RnIAgnnp VYZLuy8obxoncDVb9Q11lyOXefOlaa0Rypo4Y20= -----END CERTIFICATE-----Generated at Thu Mar 26 21:58:31 2026 by rpki-client