$ rpki-client -vvf repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a35343a3a2f34362d3436203d3e20313331373336.roa File: 323430343a326363303a35343a3a2f34362d3436203d3e20313331373336.roa (raw, json) Hash identifier: Al1Cb9gaat4a2Ee45ZJPgZJcZy5w/2h4JhkpuSVxWBg= Subject key identifier: 2C:7D:2D:2D:8F:F4:A5:49:EC:1E:B7:54:1B:44:6B:5F:4C:21:7C:4A Certificate issuer: /CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Certificate serial: 20F8B4DFCBA71295A5F00194FD93E4AE90525E39 Authority key identifier: DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a35343a3a2f34362d3436203d3e20313331373336.roa Signing time: Fri 06 Mar 2026 14:54:47 +0000 ROA not before: Fri 06 Mar 2026 14:49:47 +0000 ROA not after: Fri 05 Mar 2027 14:54:47 +0000 asID: 131736 IP address blocks: 2404:2cc0:54::/46 maxlen: 46 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 07:29:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:f8:b4:df:cb:a7:12:95:a5:f0:01:94:fd:93:e4:ae:90:52:5e:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A Validity Not Before: Mar 6 14:49:47 2026 GMT Not After : Mar 5 14:54:47 2027 GMT Subject: CN=2C7D2D2D8FF4A549EC1EB7541B446B5F4C217C4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:04:ff:62:82:e0:b5:f2:7b:29:6e:a7:e3:db: 5f:df:d3:f5:ca:89:5d:0a:35:c8:4c:4c:7d:d3:23: b8:59:68:91:ad:ad:5d:82:50:47:c3:91:39:55:32: 81:f6:1a:76:48:cd:59:f0:17:17:63:29:ac:39:ff: e4:8b:e0:01:5c:09:b8:95:f6:35:76:23:a0:d4:f8: 97:4f:73:d6:67:40:43:b6:4f:df:d2:cf:a9:37:d7: be:00:64:ae:4c:9d:f7:09:6b:99:d4:a4:41:13:ba: d3:e9:a9:06:1f:ed:45:1d:f6:3b:ae:b4:e1:6e:70: ae:13:39:43:0d:34:59:dc:29:8d:ba:bb:3e:7a:40: 50:12:aa:3d:fc:d1:57:a6:35:b6:45:6f:a8:9b:90: bd:6a:48:0f:5c:fc:b5:3d:68:b0:3e:45:73:88:91: 1d:3c:9a:bb:f0:b6:b6:78:18:cc:39:2b:2c:81:f5: a8:e3:18:4f:99:8f:83:71:88:c7:3e:60:64:25:ba: 65:fa:70:55:72:c6:5e:ab:5a:42:b7:16:c0:6f:37: 19:d1:7d:54:ba:06:0f:d6:4b:0f:de:19:26:6e:a1: 4b:85:92:c6:e1:2f:fa:f9:c2:98:7e:c4:bd:f5:55: e8:29:02:1c:fb:b0:a0:9d:dd:fd:56:3a:53:3a:f3: 24:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:7D:2D:2D:8F:F4:A5:49:EC:1E:B7:54:1B:44:6B:5F:4C:21:7C:4A X509v3 Authority Key Identifier: keyid:DF:8E:F2:99:4C:B5:42:09:F2:C2:A3:9A:7B:CE:7D:A0:D9:C3:4E:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DF8EF2994CB54209F2C2A39A7BCE7DA0D9C34E4A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/925cda36-693a-4c1a-ba9e-e0e178112140/0/323430343a326363303a35343a3a2f34362d3436203d3e20313331373336.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:2cc0:54::/46 Signature Algorithm: sha256WithRSAEncryption 9f:da:d7:72:fc:fd:67:88:71:7e:4a:7a:21:39:84:1a:56:e7: d9:85:20:10:29:2f:22:1c:c5:ae:9f:cd:6b:bc:11:be:83:d2: 8f:28:b1:fd:d1:be:92:13:4e:ff:e9:88:fc:b7:68:af:d6:47: 6d:2a:c2:b8:a5:bb:fb:c5:c0:79:f3:f8:40:88:9f:d6:52:7f: 9d:30:91:65:da:ba:f8:61:74:f1:de:78:e9:ea:98:f8:e6:e1: 4d:55:8f:73:96:fc:82:30:5e:f4:58:fc:05:88:f7:d1:12:bb: dd:f1:0b:48:48:80:83:63:4d:0f:dc:2a:33:cf:ec:87:0d:b0: 7e:a8:5e:08:10:e0:e7:c4:04:5f:e9:34:2a:0c:91:3e:44:3c: 8e:ab:e1:96:d3:1c:b7:64:3b:04:37:28:43:1c:08:ed:a2:f6: dc:5a:b3:59:f8:ce:55:60:6e:72:59:cb:4b:cf:41:7f:53:c0: c1:de:79:72:60:25:7c:85:64:26:1f:37:1b:5c:14:3b:e1:f2: 64:05:d8:99:93:53:50:ed:44:fa:0c:99:40:57:d2:72:58:cc: a1:84:21:c5:97:ef:fe:32:18:e1:dc:d0:ff:27:a5:df:ec:e0: a7:58:01:2d:03:93:c0:fe:99:53:c8:9a:7e:c3:5a:f8:ae:22: 0a:12:6e:56 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUIPi038unEpWl8AGU/ZPkrpBSXjkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBE OUMzNEU0QTAeFw0yNjAzMDYxNDQ5NDdaFw0yNzAzMDUxNDU0NDdaMDMxMTAvBgNV BAMTKDJDN0QyRDJEOEZGNEE1NDlFQzFFQjc1NDFCNDQ2QjVGNEMyMTdDNEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcBP9iguC18nspbqfj21/f0/XK iV0KNchMTH3TI7hZaJGtrV2CUEfDkTlVMoH2GnZIzVnwFxdjKaw5/+SL4AFcCbiV 9jV2I6DU+JdPc9ZnQEO2T9/Sz6k3174AZK5MnfcJa5nUpEETutPpqQYf7UUd9juu tOFucK4TOUMNNFncKY26uz56QFASqj380VemNbZFb6ibkL1qSA9c/LU9aLA+RXOI kR08mrvwtrZ4GMw5KyyB9ajjGE+Zj4NxiMc+YGQlumX6cFVyxl6rWkK3FsBvNxnR fVS6Bg/WSw/eGSZuoUuFksbhL/r5wph+xL31VegpAhz7sKCd3f1WOlM68yTZAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQULH0tLY/0pUnsHrdUG0RrX0whfEowHwYDVR0j BBgwFoAU347ymUy1QgnywqOae859oNnDTkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 MjVjZGEzNi02OTNhLTRjMWEtYmE5ZS1lMGUxNzgxMTIxNDAvMC9ERjhFRjI5OTRD QjU0MjA5RjJDMkEzOUE3QkNFN0RBMEQ5QzM0RTRBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREY4RUYyOTk0Q0I1NDIwOUYyQzJBMzlBN0JDRTdEQTBEOUMz NEU0QS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkyNWNkYTM2LTY5M2EtNGMxYS1i YTllLWUwZTE3ODExMjE0MC8wLzMyMzQzMDM0M2EzMjYzNjMzMDNhMzUzNDNhM2Ey ZjM0MzYyZDM0MzYyMDNkM2UyMDMxMzMzMTM3MzMzNi5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAiQELMAA VDANBgkqhkiG9w0BAQsFAAOCAQEAn9rXcvz9Z4hxfkp6ITmEGlbn2YUgECkvIhzF rp/Na7wRvoPSjyix/dG+khNO/+mI/Ldor9ZHbSrCuKW7+8XAefP4QIif1lJ/nTCR Zdq6+GF08d546eqY+ObhTVWPc5b8gjBe9Fj8BYj30RK73fELSEiAg2NND9wqM8/s hw2wfqheCBDg58QEX+k0KgyRPkQ8jqvhltMct2Q7BDcoQxwI7aL23FqzWfjOVWBu clnLS89Bf1PAwd55cmAlfIVkJh83G1wUO+HyZAXYmZNTUO1E+gyZQFfScljMoYQh xZfv/jIY4dzQ/yel3+zgp1gBLQOTwP6ZU8iafsNa+K4iChJuVg== -----END CERTIFICATE-----Generated at Thu Mar 26 21:27:59 2026 by rpki-client