$ rpki-client -vvf repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/323430343a3838303a31323a3a2f34382d3438203d3e203338373530.roa File: 323430343a3838303a31323a3a2f34382d3438203d3e203338373530.roa (raw, json) Hash identifier: S44Epk6JeUeZ5yWvR8asx7nMX9C6VHuBZKO5BYosW8I= Subject key identifier: B6:1E:DA:BA:1D:91:95:C7:93:44:2C:BC:A5:FD:53:BF:6A:49:41:0D Certificate issuer: /CN=D55BE8217A22212F977BD95B41F7C9EE9DE3201B Certificate serial: 5F4F380865E4A2315956B4B00E9F039DCA4C66AC Authority key identifier: D5:5B:E8:21:7A:22:21:2F:97:7B:D9:5B:41:F7:C9:EE:9D:E3:20:1B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/323430343a3838303a31323a3a2f34382d3438203d3e203338373530.roa Signing time: Thu 26 Mar 2026 04:33:17 +0000 ROA not before: Thu 26 Mar 2026 04:28:17 +0000 ROA not after: Thu 25 Mar 2027 04:33:17 +0000 asID: 38750 IP address blocks: 2404:880:12::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.crl rsync://repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 10:24:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:4f:38:08:65:e4:a2:31:59:56:b4:b0:0e:9f:03:9d:ca:4c:66:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D55BE8217A22212F977BD95B41F7C9EE9DE3201B Validity Not Before: Mar 26 04:28:17 2026 GMT Not After : Mar 25 04:33:17 2027 GMT Subject: CN=B61EDABA1D9195C793442CBCA5FD53BF6A49410D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:bd:f9:9d:e3:27:63:bf:fa:ae:47:1f:45:3b: 78:93:59:42:e0:25:78:56:91:08:53:39:6b:78:a1: 87:90:58:f1:a0:2c:ba:61:b4:c2:4f:a1:ae:41:09: e8:29:dc:ac:bf:a5:43:2f:c7:48:a8:bc:00:c5:75: e9:83:72:c1:5c:0c:55:93:f4:3f:a8:a8:57:cd:15: c7:fa:ff:bb:46:0b:2f:b8:19:29:88:b4:71:0b:e6: 9f:e8:79:6d:54:e6:58:da:43:02:d7:da:e0:b4:73: 7c:f7:f9:58:58:ab:c3:bb:3c:1f:fa:a1:13:1e:7e: 39:26:54:1e:cf:48:3b:ec:d2:c7:3d:87:b4:b0:72: 31:a5:fa:17:31:13:21:0f:20:18:01:a1:44:d2:c7: d0:e7:2b:81:f3:54:44:91:11:6d:65:3d:fe:85:ee: 4e:e7:38:6a:4e:24:80:06:0c:28:7f:8c:1f:91:bc: ed:32:49:ea:b8:1c:1e:59:58:0a:7e:3a:01:e5:e7: 27:7f:e3:95:0e:55:5e:7e:1e:f4:c7:b4:99:73:f5: 6d:66:75:e5:1f:30:72:74:98:e5:ca:2c:a6:18:27: 21:dc:ab:7a:51:22:54:1b:6e:4d:31:99:2f:f2:e1: 84:b2:78:2d:69:ff:21:6d:9f:91:29:f0:7b:a5:f7: 1c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:1E:DA:BA:1D:91:95:C7:93:44:2C:BC:A5:FD:53:BF:6A:49:41:0D X509v3 Authority Key Identifier: keyid:D5:5B:E8:21:7A:22:21:2F:97:7B:D9:5B:41:F7:C9:EE:9D:E3:20:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D55BE8217A22212F977BD95B41F7C9EE9DE3201B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/70f5cfdb-7987-4351-bc2e-66c24f49f440/0/323430343a3838303a31323a3a2f34382d3438203d3e203338373530.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:880:12::/48 Signature Algorithm: sha256WithRSAEncryption 72:7a:e8:d0:43:0d:ae:11:b2:35:2f:2e:b9:a0:a5:40:80:7b: a8:39:1c:ef:15:d6:41:78:d7:92:9f:2f:b9:d5:b9:d3:a5:8e: dd:26:d6:b3:e4:57:18:5b:c2:94:93:23:e2:c7:0c:3b:30:a3: 0b:71:eb:9f:a8:bc:e1:58:78:fe:99:23:e2:3d:bd:e1:77:60: 0d:18:32:21:0e:da:9a:c5:f3:6d:d7:89:3e:82:82:e8:54:79: 61:35:a9:96:1d:d3:e2:fa:1b:57:8a:d0:eb:c1:aa:f2:f9:c1: 22:4a:31:47:e2:e0:65:8f:29:47:a2:0c:5a:52:bf:b7:42:cf: 2a:6d:c2:76:f6:12:6d:cb:a9:f2:60:df:38:e9:72:9d:52:59: fd:63:7e:03:8b:27:bd:a2:31:af:eb:1f:11:c9:68:47:1e:97: 4a:8a:24:f2:0e:af:a6:54:31:9d:20:29:81:bc:17:21:01:8a: ab:9c:ef:3a:1a:40:97:9d:49:e6:8a:bc:9f:ed:2b:ff:ae:65: bf:d3:3c:78:03:df:67:11:c1:ab:88:34:42:a3:06:69:91:54: e1:c1:97:4e:36:da:d7:44:44:24:36:a5:7b:63:7a:a9:6d:6d: 43:9c:ee:b0:a5:eb:95:6e:46:c3:85:50:2b:ce:04:07:a1:8a: 91:9f:9a:d9 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUX084CGXkojFZVrSwDp8DncpMZqwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDU1QkU4MjE3QTIyMjEyRjk3N0JEOTVCNDFGN0M5RUU5 REUzMjAxQjAeFw0yNjAzMjYwNDI4MTdaFw0yNzAzMjUwNDMzMTdaMDMxMTAvBgNV BAMTKEI2MUVEQUJBMUQ5MTk1Qzc5MzQ0MkNCQ0E1RkQ1M0JGNkE0OTQxMEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuvfmd4ydjv/quRx9FO3iTWULg JXhWkQhTOWt4oYeQWPGgLLphtMJPoa5BCegp3Ky/pUMvx0iovADFdemDcsFcDFWT 9D+oqFfNFcf6/7tGCy+4GSmItHEL5p/oeW1U5ljaQwLX2uC0c3z3+VhYq8O7PB/6 oRMefjkmVB7PSDvs0sc9h7SwcjGl+hcxEyEPIBgBoUTSx9DnK4HzVESREW1lPf6F 7k7nOGpOJIAGDCh/jB+RvO0ySeq4HB5ZWAp+OgHl5yd/45UOVV5+HvTHtJlz9W1m deUfMHJ0mOXKLKYYJyHcq3pRIlQbbk0xmS/y4YSyeC1p/yFtn5Ep8Hul9xwfAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUth7auh2RlceTRCy8pf1Tv2pJQQ0wHwYDVR0j BBgwFoAU1VvoIXoiIS+Xe9lbQffJ7p3jIBswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 MGY1Y2ZkYi03OTg3LTQzNTEtYmMyZS02NmMyNGY0OWY0NDAvMC9ENTVCRTgyMTdB MjIyMTJGOTc3QkQ5NUI0MUY3QzlFRTlERTMyMDFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDU1QkU4MjE3QTIyMjEyRjk3N0JEOTVCNDFGN0M5RUU5REUz MjAxQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcwZjVjZmRiLTc5ODctNDM1MS1i YzJlLTY2YzI0ZjQ5ZjQ0MC8wLzMyMzQzMDM0M2EzODM4MzAzYTMxMzIzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzczNTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAQIgAASMA0G CSqGSIb3DQEBCwUAA4IBAQByeujQQw2uEbI1Ly65oKVAgHuoORzvFdZBeNeSny+5 1bnTpY7dJtaz5FcYW8KUkyPixww7MKMLceufqLzhWHj+mSPiPb3hd2ANGDIhDtqa xfNt14k+goLoVHlhNamWHdPi+htXitDrwary+cEiSjFH4uBljylHogxaUr+3Qs8q bcJ29hJty6nyYN846XKdUln9Y34Diye9ojGv6x8RyWhHHpdKiiTyDq+mVDGdICmB vBchAYqrnO86GkCXnUnmiryf7Sv/rmW/0zx4A99nEcGriDRCowZpkVThwZdONtrX REQkNqV7Y3qpbW1DnO6wpeuVbkbDhVArzgQHoYqRn5rZ -----END CERTIFICATE-----Generated at Thu Mar 26 15:48:21 2026 by rpki-client