$ rpki-client -vvf repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34303a3a2f34362d3436203d3e20313331373336.roa File: 323430343a326363303a34303a3a2f34362d3436203d3e20313331373336.roa (raw, json) Hash identifier: DmGOYbuQJFJ+kIRoU6OMH6WN9WshNxuiM0M3zqkQV6U= Subject key identifier: 34:8E:08:F3:F2:86:4B:CA:09:5C:49:73:D0:3C:4C:71:AD:B2:BA:A3 Certificate issuer: /CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Certificate serial: 2791BD3D9E34C21D11182FF0DBF87BE820D26BEA Authority key identifier: DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34303a3a2f34362d3436203d3e20313331373336.roa Signing time: Fri 06 Mar 2026 14:52:37 +0000 ROA not before: Fri 06 Mar 2026 14:47:37 +0000 ROA not after: Fri 05 Mar 2027 14:52:37 +0000 asID: 131736 IP address blocks: 2404:2cc0:40::/46 maxlen: 46 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 07:29:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:91:bd:3d:9e:34:c2:1d:11:18:2f:f0:db:f8:7b:e8:20:d2:6b:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Validity Not Before: Mar 6 14:47:37 2026 GMT Not After : Mar 5 14:52:37 2027 GMT Subject: CN=348E08F3F2864BCA095C4973D03C4C71ADB2BAA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:86:d6:e6:74:c1:9b:c2:d4:84:7b:60:67:fa: aa:56:ee:b9:a9:b2:56:86:27:9f:ef:7e:b1:00:f5: c9:1c:43:27:4b:8b:2f:12:9c:1a:c4:3c:1f:c2:e4: 6f:5b:86:e6:94:46:c4:1a:99:c6:67:40:90:2a:53: 68:95:4f:7c:37:5c:45:b8:bd:92:e1:14:e9:2e:19: d4:97:54:bb:f0:58:a9:0c:a3:c2:02:85:98:0f:98: 38:69:fc:b5:d4:8f:af:72:84:ab:22:f5:7c:bf:a9: 95:68:55:7b:ed:53:47:c1:04:64:3f:79:e8:0d:95: dd:09:0a:52:0c:50:3c:c5:2b:c0:f5:f8:b5:df:45: cb:25:f7:88:11:bc:46:0d:79:06:22:d4:c1:27:d6: 56:70:2a:1e:e7:33:63:d8:88:3f:73:0f:f5:2f:1a: 37:9f:97:b2:ab:fb:eb:62:ea:7c:ca:49:0a:e9:13: 41:d6:96:bd:a1:18:c1:6a:a4:d8:06:4a:9f:f9:36: 8f:a6:09:82:c6:6b:29:d6:cb:d7:ba:c3:7d:f7:a0: 99:62:77:93:0f:de:0e:41:c3:67:7e:8b:99:cb:f3: 3a:20:3c:ec:55:57:37:4d:fa:c7:cc:1d:8a:28:27: cf:b2:0f:4c:1e:68:9c:26:a0:30:84:ad:05:4e:26: 46:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:8E:08:F3:F2:86:4B:CA:09:5C:49:73:D0:3C:4C:71:AD:B2:BA:A3 X509v3 Authority Key Identifier: keyid:DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34303a3a2f34362d3436203d3e20313331373336.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:2cc0:40::/46 Signature Algorithm: sha256WithRSAEncryption 5a:d0:5f:cf:f6:f8:ed:09:94:b5:a0:01:51:f4:ff:1c:82:8f: ec:6c:29:b7:fe:ea:27:e6:b4:e9:9b:d4:93:8c:89:6d:f5:ae: 31:6f:36:15:ea:ce:9f:58:2d:27:1f:1d:1b:64:1b:93:24:fa: 3d:88:ec:48:a7:94:84:7b:b9:59:b2:8b:d4:99:ce:3c:1f:a6: 97:82:96:ca:a8:f1:57:db:8a:3d:14:6d:bd:b6:3b:05:db:5c: 1e:bb:db:9a:1e:f2:e1:a1:b4:58:83:29:00:04:c6:a0:ce:cd: a1:de:2c:ec:a4:a3:52:e2:8e:3b:45:7f:c5:6f:de:c3:8e:56: b6:d5:ce:44:29:c1:2a:85:84:44:6f:be:ab:27:49:49:e8:58: 4c:c4:ba:6b:95:a7:8e:92:f3:58:cd:6a:b8:06:13:17:24:0d: 59:b6:3f:d2:c6:52:3f:05:64:05:b0:a7:6a:35:bf:ea:e0:fa: cc:df:91:93:96:cf:3c:72:75:80:d4:ba:2c:75:46:ce:c1:7f: 9e:d1:77:ed:5e:9b:5a:94:46:34:5e:70:fc:d8:4a:f8:29:a2: 3e:09:67:b1:4b:32:60:ab:aa:c5:bf:64:9e:16:b3:65:ea:d1: 60:9c:d8:70:d9:b9:c6:00:74:5d:b2:3f:65:32:2d:a5:00:fc: 17:e4:45:cd -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUJ5G9PZ40wh0RGC/w2/h76CDSa+owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBE OUMzNEU0QTAeFw0yNjAzMDYxNDQ3MzdaFw0yNzAzMDUxNDUyMzdaMDMxMTAvBgNV BAMTKDM0OEUwOEYzRjI4NjRCQ0EwOTVDNDk3M0QwM0M0QzcxQURCMkJBQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBhtbmdMGbwtSEe2Bn+qpW7rmp slaGJ5/vfrEA9ckcQydLiy8SnBrEPB/C5G9bhuaURsQamcZnQJAqU2iVT3w3XEW4 vZLhFOkuGdSXVLvwWKkMo8IChZgPmDhp/LXUj69yhKsi9Xy/qZVoVXvtU0fBBGQ/ eegNld0JClIMUDzFK8D1+LXfRcsl94gRvEYNeQYi1MEn1lZwKh7nM2PYiD9zD/Uv Gjefl7Kr++ti6nzKSQrpE0HWlr2hGMFqpNgGSp/5No+mCYLGaynWy9e6w333oJli d5MP3g5Bw2d+i5nL8zogPOxVVzdN+sfMHYooJ8+yD0weaJwmoDCErQVOJkZfAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUNI4I8/KGS8oJXElz0DxMca2yuqMwHwYDVR0j BBgwFoAU347ymUy1QgnywqOae859oNnDTkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MjVjZGEzNi02OTNhLTRjMWEtYmE5ZS1lMGUxNzgxMTIxNDAvMC9ERjhFRjI5OTRD QjU0MjA5RjJDMkEzOUE3QkNFN0RBMEQ5QzM0RTRBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBEOUMz NEU0QS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkyNWNkYTM2LTY5M2EtNGMxYS1i YTllLWUwZTE3ODExMjE0MC8wLzMyMzQzMDM0M2EzMjYzNjMzMDNhMzQzMDNhM2Ey ZjM0MzYyZDM0MzYyMDNkM2UyMDMxMzMzMTM3MzMzNi5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiQELMAA QDANBgkqhkiG9w0BAQsFAAOCAQEAWtBfz/b47QmUtaABUfT/HIKP7Gwpt/7qJ+a0 6ZvUk4yJbfWuMW82FerOn1gtJx8dG2QbkyT6PYjsSKeUhHu5WbKL1JnOPB+ml4KW yqjxV9uKPRRtvbY7BdtcHrvbmh7y4aG0WIMpAATGoM7Nod4s7KSjUuKOO0V/xW/e w45WttXORCnBKoWERG++qydJSehYTMS6a5WnjpLzWM1quAYTFyQNWbY/0sZSPwVk BbCnajW/6uD6zN+Rk5bPPHJ1gNS6LHVGzsF/ntF37V6bWpRGNF5w/NhK+CmiPgln sUsyYKuqxb9knhazZerRYJzYcNm5xgB0XbI/ZTItpQD8F+RFzQ== -----END CERTIFICATE-----Generated at Thu Mar 26 23:01:12 2026 by rpki-client