$ rpki-client -vvf repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa File: 323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa (raw, json) Hash identifier: 82yOGmzbVqcCrn1bsvHBPAxt3dwBS7UeQFQIwikGg9M= Subject key identifier: 04:26:ED:42:86:81:8F:D0:0A:89:AD:78:4A:F0:34:11:0F:3C:0E:09 Certificate issuer: /CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Certificate serial: 4C9F99AE7919D1461B08D7EEE0BBB46D79CB3888 Authority key identifier: 74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa Signing time: Mon 23 Mar 2026 04:00:00 +0000 ROA not before: Mon 23 Mar 2026 03:55:00 +0000 ROA not after: Mon 22 Mar 2027 04:00:00 +0000 asID: 140443 IP address blocks: 2001:df3:3480::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 17:53:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:9f:99:ae:79:19:d1:46:1b:08:d7:ee:e0:bb:b4:6d:79:cb:38:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749E8F6C5F22D18A70B682F86C65ECD3EA27635C Validity Not Before: Mar 23 03:55:00 2026 GMT Not After : Mar 22 04:00:00 2027 GMT Subject: CN=0426ED4286818FD00A89AD784AF034110F3C0E09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:73:e9:ab:7a:ca:f5:69:35:0e:4d:00:9d:df: 6a:ee:3d:3d:49:4d:5d:cd:fe:a1:dd:f9:6d:38:57: ad:68:86:0c:8f:19:a0:bd:7a:ec:19:b9:10:27:d2: 52:72:75:78:56:48:12:97:da:3b:e9:6f:1b:78:a9: 78:a7:04:f1:7c:32:84:da:1e:23:09:7d:b5:fb:27: 31:4b:e4:06:7a:6f:31:6e:06:84:40:4e:a0:1f:3d: 0a:2e:7d:38:24:01:18:35:68:7f:61:4e:80:be:e7: 84:9b:f0:c1:c5:2d:9b:1c:c5:1b:a7:16:34:f0:bf: 8c:3e:9a:a6:4c:55:26:47:6e:38:15:a3:25:a2:4f: ef:db:a2:73:b7:9c:ea:ad:d6:d1:4e:d6:4f:6a:33: d4:fa:34:83:9b:64:13:71:71:1d:cd:06:6b:a2:48: 71:b8:9f:f3:2b:b5:92:85:72:9e:58:df:26:30:ff: 60:71:9b:53:14:75:06:e7:88:a8:a8:6f:4c:4e:97: 68:d2:2c:ff:64:bf:77:64:cc:bc:c6:a2:ba:ae:a7: f1:92:42:15:44:0b:c2:a9:e7:0b:da:e6:83:46:88: 7a:28:3b:79:b6:ee:f7:be:59:3b:92:a3:20:02:7d: 35:49:d4:58:84:5b:7f:bc:56:a7:22:31:03:15:5a: 22:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:26:ED:42:86:81:8F:D0:0A:89:AD:78:4A:F0:34:11:0F:3C:0E:09 X509v3 Authority Key Identifier: keyid:74:9E:8F:6C:5F:22:D1:8A:70:B6:82:F8:6C:65:EC:D3:EA:27:63:5C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/749E8F6C5F22D18A70B682F86C65ECD3EA27635C.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8ae8db38-63a8-413c-a9f6-cc223afa4a75/0/323030313a6466333a333438303a3a2f34382d3438203d3e20313430343433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:3480::/48 Signature Algorithm: sha256WithRSAEncryption 5c:93:cb:79:91:cd:37:8d:78:bd:38:8c:1d:db:68:6e:19:43: 4b:44:55:4c:33:4b:28:47:9c:f6:eb:84:66:c6:46:9e:ca:6b: 25:03:2d:ad:52:7b:39:0f:31:dc:ac:13:cd:2d:40:aa:e2:a3: 5a:8e:28:14:fb:93:4c:11:f0:50:b4:59:97:c9:ef:ba:8b:d6: bd:b2:37:bc:26:89:8e:fd:da:41:69:2e:43:e4:74:40:86:9c: 33:39:12:95:f6:81:87:cf:c4:9d:63:21:72:99:16:ca:11:1f: 08:28:3a:c2:27:10:06:93:ab:3e:aa:71:f2:6b:c4:5d:ae:8e: 62:03:d7:41:2b:96:9b:f7:97:ef:1d:5d:6a:e3:aa:76:d6:76: 5a:5a:ce:c5:7b:89:2c:8f:7f:02:c4:42:5b:60:cb:f9:10:57: 07:40:43:7b:1e:78:46:2e:a9:53:93:1c:b4:9f:50:46:8b:5e: 8b:1f:d4:73:b0:b9:4e:1f:af:12:0c:eb:c3:49:a0:2a:22:eb: 45:df:b5:4a:25:09:5a:56:4e:ee:22:bf:0a:78:17:09:71:2d: bd:c8:47:30:b8:b2:24:e2:57:71:a8:99:de:60:91:a6:26:9b: 9b:1f:0b:5e:dd:cc:ec:1e:f7:73:69:5b:4e:00:6b:78:10:68: 83:0a:22:64 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUTJ+ZrnkZ0UYbCNfu4Lu0bXnLOIgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNF QTI3NjM1QzAeFw0yNjAzMjMwMzU1MDBaFw0yNzAzMjIwNDAwMDBaMDMxMTAvBgNV BAMTKDA0MjZFRDQyODY4MThGRDAwQTg5QUQ3ODRBRjAzNDExMEYzQzBFMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMc+mresr1aTUOTQCd32ruPT1J TV3N/qHd+W04V61ohgyPGaC9euwZuRAn0lJydXhWSBKX2jvpbxt4qXinBPF8MoTa HiMJfbX7JzFL5AZ6bzFuBoRATqAfPQoufTgkARg1aH9hToC+54Sb8MHFLZscxRun FjTwv4w+mqZMVSZHbjgVoyWiT+/bonO3nOqt1tFO1k9qM9T6NIObZBNxcR3NBmui SHG4n/MrtZKFcp5Y3yYw/2Bxm1MUdQbniKiob0xOl2jSLP9kv3dkzLzGorqup/GS QhVEC8Kp5wva5oNGiHooO3m27ve+WTuSoyACfTVJ1FiEW3+8VqciMQMVWiJTAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUBCbtQoaBj9AKia14SvA0EQ88DgkwHwYDVR0j BBgwFoAUdJ6PbF8i0YpwtoL4bGXs0+onY1wwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 YWU4ZGIzOC02M2E4LTQxM2MtYTlmNi1jYzIyM2FmYTRhNzUvMC83NDlFOEY2QzVG MjJEMThBNzBCNjgyRjg2QzY1RUNEM0VBMjc2MzVDLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNzQ5RThGNkM1RjIyRDE4QTcwQjY4MkY4NkM2NUVDRDNFQTI3 NjM1Qy5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhhZThkYjM4LTYzYTgtNDEzYy1h OWY2LWNjMjIzYWZhNGE3NS8wLzMyMzAzMDMxM2E2NDY2MzMzYTMzMzQzODMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMwMzQzNDMzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8zSAMA0GCSqGSIb3DQEBCwUAA4IBAQBck8t5kc03jXi9OIwd22huGUNLRFVMM0so R5z264RmxkaeymslAy2tUns5DzHcrBPNLUCq4qNajigU+5NMEfBQtFmXye+6i9a9 sje8JomO/dpBaS5D5HRAhpwzORKV9oGHz8SdYyFymRbKER8IKDrCJxAGk6s+qnHy a8Rdro5iA9dBK5ab95fvHV1q46p21nZaWs7Fe4ksj38CxEJbYMv5EFcHQEN7HnhG LqlTkxy0n1BGi16LH9RzsLlOH68SDOvDSaAqIutF37VKJQlaVk7uIr8KeBcJcS29 yEcwuLIk4ldxqJneYJGmJpubHwte3czsHvdzaVtOAGt4EGiDCiJk -----END CERTIFICATE-----Generated at Thu Mar 26 19:47:46 2026 by rpki-client