$ rpki-client -vvf repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34343a3a2f34362d3436203d3e20313331373336.roa File: 323430343a326363303a34343a3a2f34362d3436203d3e20313331373336.roa (raw, json) Hash identifier: 6fH1E2XiN11R45YeiVi/qasA6bheKToWNvCZcYmCi5U= Subject key identifier: 8C:E5:54:9B:A7:0F:5D:A9:67:1A:D3:FE:78:AC:27:CA:14:A9:CB:28 Certificate issuer: /CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Certificate serial: 397CD15CEEDA97504159AE33660ECE29F3208D2B Authority key identifier: DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34343a3a2f34362d3436203d3e20313331373336.roa Signing time: Fri 06 Mar 2026 14:53:12 +0000 ROA not before: Fri 06 Mar 2026 14:48:12 +0000 ROA not after: Fri 05 Mar 2027 14:53:12 +0000 asID: 131736 IP address blocks: 2404:2cc0:44::/46 maxlen: 46 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 07:29:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:7c:d1:5c:ee:da:97:50:41:59:ae:33:66:0e:ce:29:f3:20:8d:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Validity Not Before: Mar 6 14:48:12 2026 GMT Not After : Mar 5 14:53:12 2027 GMT Subject: CN=8CE5549BA70F5DA9671AD3FE78AC27CA14A9CB28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:96:90:a8:27:1d:09:8b:68:66:d1:ff:fe:32: d3:ef:b2:b8:da:54:7c:e9:0d:94:0c:be:fe:9b:b0: 57:b4:51:f9:b4:78:16:a4:a7:26:59:03:59:6d:6d: 1a:bb:45:3c:84:9b:6c:7f:22:d8:93:16:3b:10:2d: 59:a7:91:2b:23:4e:ac:b2:d4:f9:ed:c8:14:ab:12: cd:05:29:bf:6f:84:2f:8f:df:b7:ab:a7:1f:16:85: bb:17:df:e5:2a:f3:e8:2b:49:cb:d1:50:b0:7e:39: 05:3d:da:fd:94:0b:e2:b1:e4:e5:4c:42:46:a6:52: a0:a5:08:32:1b:ba:fb:14:08:c5:b0:b4:34:d6:c4: 85:eb:16:75:ab:45:07:45:96:b7:b2:18:f3:9a:23: 31:a9:62:4e:c6:70:56:85:a9:26:53:02:2e:bd:4e: 8e:f1:6c:2c:72:f4:a4:2b:3b:53:da:e9:e8:26:3c: cb:28:b5:bf:db:da:fd:e2:42:21:3e:87:d0:3e:99: 6e:a9:24:b3:27:5f:68:2c:ca:5a:9b:6a:b4:60:a3: d9:c3:3b:8f:a4:22:8b:70:33:d7:93:fc:53:f1:90: 2d:83:2b:eb:d2:19:dc:62:44:2a:08:b6:d5:3f:7d: d0:9d:00:42:88:7c:7a:62:b1:f8:92:cc:91:93:43: 98:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:E5:54:9B:A7:0F:5D:A9:67:1A:D3:FE:78:AC:27:CA:14:A9:CB:28 X509v3 Authority Key Identifier: keyid:DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a34343a3a2f34362d3436203d3e20313331373336.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:2cc0:44::/46 Signature Algorithm: sha256WithRSAEncryption 19:3d:7e:ab:83:2b:16:1c:35:63:8c:9e:68:34:2c:22:60:1b: f2:db:a9:2d:95:98:47:5f:72:bf:d4:ae:08:40:57:ac:62:11: 89:00:dd:cd:b2:a5:55:cf:05:28:ab:d9:a7:d2:26:18:f3:9c: 25:dc:32:fb:aa:29:ae:ef:5d:ac:15:38:89:e3:98:63:aa:eb: 30:52:3e:5b:85:0f:05:49:51:27:76:f2:6c:7a:9b:1c:ab:16: f4:48:4a:1f:61:d8:2c:69:6e:c3:32:7f:cd:7b:95:f7:2d:9f: 55:de:eb:ba:0c:16:07:bf:cf:03:b4:1f:68:17:db:4d:fe:a0: 33:87:1b:00:72:af:c3:59:9d:33:51:b8:28:f8:50:d1:71:2c: 80:ab:46:1a:af:d0:bb:97:4a:6f:6e:b7:76:c7:0d:d6:f9:72: 78:d0:b5:92:84:46:c0:02:cc:d0:c7:a0:2e:c9:a4:a4:06:dd: 69:99:63:cd:47:16:41:8b:6a:59:4f:12:c4:9c:aa:09:46:a2: 85:1a:84:34:b1:a4:e8:ef:3a:56:69:bf:78:6c:16:57:59:31: 67:07:db:27:29:be:a8:d1:3d:c5:a1:43:81:0f:ff:0a:f4:b6: 7d:1b:9f:e8:41:e1:fa:bf:5d:78:58:e6:23:0d:03:7e:7d:91: de:8a:32:c8 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUOXzRXO7al1BBWa4zZg7OKfMgjSswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBE OUMzNEU0QTAeFw0yNjAzMDYxNDQ4MTJaFw0yNzAzMDUxNDUzMTJaMDMxMTAvBgNV BAMTKDhDRTU1NDlCQTcwRjVEQTk2NzFBRDNGRTc4QUMyN0NBMTRBOUNCMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYlpCoJx0Ji2hm0f/+MtPvsrja VHzpDZQMvv6bsFe0Ufm0eBakpyZZA1ltbRq7RTyEm2x/ItiTFjsQLVmnkSsjTqyy 1PntyBSrEs0FKb9vhC+P37erpx8WhbsX3+Uq8+grScvRULB+OQU92v2UC+Kx5OVM QkamUqClCDIbuvsUCMWwtDTWxIXrFnWrRQdFlreyGPOaIzGpYk7GcFaFqSZTAi69 To7xbCxy9KQrO1Pa6egmPMsotb/b2v3iQiE+h9A+mW6pJLMnX2gsylqbarRgo9nD O4+kIotwM9eT/FPxkC2DK+vSGdxiRCoIttU/fdCdAEKIfHpisfiSzJGTQ5jtAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUjOVUm6cPXalnGtP+eKwnyhSpyygwHwYDVR0j BBgwFoAU347ymUy1QgnywqOae859oNnDTkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MjVjZGEzNi02OTNhLTRjMWEtYmE5ZS1lMGUxNzgxMTIxNDAvMC9ERjhFRjI5OTRD QjU0MjA5RjJDMkEzOUE3QkNFN0RBMEQ5QzM0RTRBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBEOUMz NEU0QS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkyNWNkYTM2LTY5M2EtNGMxYS1i YTllLWUwZTE3ODExMjE0MC8wLzMyMzQzMDM0M2EzMjYzNjMzMDNhMzQzNDNhM2Ey ZjM0MzYyZDM0MzYyMDNkM2UyMDMxMzMzMTM3MzMzNi5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiQELMAA RDANBgkqhkiG9w0BAQsFAAOCAQEAGT1+q4MrFhw1Y4yeaDQsImAb8tupLZWYR19y v9SuCEBXrGIRiQDdzbKlVc8FKKvZp9ImGPOcJdwy+6opru9drBU4ieOYY6rrMFI+ W4UPBUlRJ3bybHqbHKsW9EhKH2HYLGluwzJ/zXuV9y2fVd7rugwWB7/PA7QfaBfb Tf6gM4cbAHKvw1mdM1G4KPhQ0XEsgKtGGq/Qu5dKb263dscN1vlyeNC1koRGwALM 0MegLsmkpAbdaZljzUcWQYtqWU8SxJyqCUaihRqENLGk6O86Vmm/eGwWV1kxZwfb Jym+qNE9xaFDgQ//CvS2fRuf6EHh+r9deFjmIw0Dfn2R3ooyyA== -----END CERTIFICATE-----Generated at Thu Mar 26 18:32:49 2026 by rpki-client