$ rpki-client -vvf repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/323430313a383434303a3233313a3a2f34382d3438203d3e20313336313331.roa File: 323430313a383434303a3233313a3a2f34382d3438203d3e20313336313331.roa (raw, json) Hash identifier: rEf6YjuFCaTZqlCkAFbC2RNVpcLc80nNFxOAo8YH62o= Subject key identifier: A4:B2:65:C2:CC:91:CE:7D:08:DC:AC:8C:5A:C7:FE:E2:24:17:A7:0D Certificate issuer: /CN=7D64B8F4CFB687141137D10F9E73FFD0BAB93F67 Certificate serial: 635C4C2620146ACFE213842EF1AA8AED6E614ABF Authority key identifier: 7D:64:B8:F4:CF:B6:87:14:11:37:D1:0F:9E:73:FF:D0:BA:B9:3F:67 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.cer Subject info access: rsync://repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/323430313a383434303a3233313a3a2f34382d3438203d3e20313336313331.roa Signing time: Wed 18 Mar 2026 11:00:01 +0000 ROA not before: Wed 18 Mar 2026 10:55:01 +0000 ROA not after: Wed 17 Mar 2027 11:00:01 +0000 asID: 136131 IP address blocks: 2401:8440:231::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.crl rsync://repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 18:43:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:5c:4c:26:20:14:6a:cf:e2:13:84:2e:f1:aa:8a:ed:6e:61:4a:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7D64B8F4CFB687141137D10F9E73FFD0BAB93F67 Validity Not Before: Mar 18 10:55:01 2026 GMT Not After : Mar 17 11:00:01 2027 GMT Subject: CN=A4B265C2CC91CE7D08DCAC8C5AC7FEE22417A70D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:46:63:11:71:5b:82:a1:06:e3:58:0a:fd:4f: bd:70:cf:bf:ce:9e:35:f0:7f:22:af:82:0d:c7:b5: 85:06:fc:4a:e7:87:34:d4:24:e8:c1:fb:92:5d:1b: e6:8f:d7:69:22:34:c1:77:02:1e:4e:cb:fa:19:4f: bf:4d:ea:7b:8e:72:69:4a:97:70:f0:54:b2:18:c2: 9e:1a:48:6f:c7:73:41:fa:5f:db:f8:50:ec:52:b5: 87:4f:03:b7:27:f9:bb:a3:08:a8:80:35:f7:57:94: 83:99:18:45:68:3b:30:9d:7f:76:d6:cc:66:62:e0: e4:42:1c:28:d8:68:88:d7:31:cc:c1:9d:ae:ac:7c: a2:74:1e:9f:f9:5c:3c:6a:06:2f:3d:3f:92:c8:bb: d4:ef:c4:d8:bd:b7:e1:2a:37:3f:23:75:d5:18:0e: 3c:42:2b:71:7d:cd:ef:35:fb:3f:57:ff:d9:b8:08: 18:f8:11:6c:fd:6c:c5:b0:bc:ad:e9:c0:1e:cb:d7: 2e:d9:e7:14:31:62:b2:6f:53:07:ef:0b:45:54:4f: b9:d1:dc:8f:3b:d7:9c:ba:af:2c:67:e4:e5:47:6d: 6a:7b:89:f4:8f:08:b8:4a:4c:f3:4e:ff:b5:9d:f3: bf:60:96:e4:7e:85:c1:0f:b3:79:12:ef:d7:09:31: ce:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:B2:65:C2:CC:91:CE:7D:08:DC:AC:8C:5A:C7:FE:E2:24:17:A7:0D X509v3 Authority Key Identifier: keyid:7D:64:B8:F4:CF:B6:87:14:11:37:D1:0F:9E:73:FF:D0:BA:B9:3F:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7D64B8F4CFB687141137D10F9E73FFD0BAB93F67.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/957b0d7e-eade-4318-ab20-8c7f2d5be69f/0/323430313a383434303a3233313a3a2f34382d3438203d3e20313336313331.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:8440:231::/48 Signature Algorithm: sha256WithRSAEncryption 98:14:fb:41:8e:28:19:94:0c:87:84:6e:ea:4c:98:31:aa:dd: 80:0f:ae:27:ee:19:b1:89:e4:6f:dd:9a:95:1b:7d:04:74:ad: 5e:a1:b6:ec:57:4c:cb:fa:49:28:0f:b9:e5:b5:1c:98:bb:7e: 65:20:ee:09:df:a5:93:f3:1b:b3:c3:73:ec:76:3b:56:7e:5e: 9e:b9:a2:ef:f5:6b:b7:46:4e:2f:b0:18:3c:a0:21:5e:48:e1: f1:56:c1:cc:46:af:f5:51:be:14:57:59:e2:6f:d5:14:a4:4c: 89:5d:fd:e3:9a:5c:1d:55:72:17:10:20:91:dc:0d:e0:ec:2c: 58:cb:3b:12:a1:78:47:a2:64:b0:82:a4:11:4d:9b:95:fe:89: c0:8e:fa:3e:3c:cd:ab:2c:ae:e8:8a:7a:c7:ad:a7:33:4a:38: 8d:09:b3:08:5e:05:ac:21:9d:0a:94:ff:05:0d:b7:2f:5b:35: 26:c1:33:4e:3e:8b:d5:e2:f8:93:12:bd:8f:7d:3d:68:f2:f8: cb:ba:bb:89:fd:8a:6a:f5:24:f5:da:47:53:4f:25:ce:49:78: f1:5c:a5:b1:8a:72:e8:e9:3d:1c:80:30:d3:2e:89:90:b2:83: bc:2a:a6:c3:67:82:47:6c:99:a0:9c:0d:86:b7:19:15:e9:42: e4:4a:f9:10 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUY1xMJiAUas/iE4Qu8aqK7W5hSr8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0Q2NEI4RjRDRkI2ODcxNDExMzdEMTBGOUU3M0ZGRDBC QUI5M0Y2NzAeFw0yNjAzMTgxMDU1MDFaFw0yNzAzMTcxMTAwMDFaMDMxMTAvBgNV BAMTKEE0QjI2NUMyQ0M5MUNFN0QwOERDQUM4QzVBQzdGRUUyMjQxN0E3MEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwRmMRcVuCoQbjWAr9T71wz7/O njXwfyKvgg3HtYUG/ErnhzTUJOjB+5JdG+aP12kiNMF3Ah5Oy/oZT79N6nuOcmlK l3DwVLIYwp4aSG/Hc0H6X9v4UOxStYdPA7cn+bujCKiANfdXlIOZGEVoOzCdf3bW zGZi4ORCHCjYaIjXMczBna6sfKJ0Hp/5XDxqBi89P5LIu9TvxNi9t+EqNz8jddUY DjxCK3F9ze81+z9X/9m4CBj4EWz9bMWwvK3pwB7L1y7Z5xQxYrJvUwfvC0VUT7nR 3I8715y6ryxn5OVHbWp7ifSPCLhKTPNO/7Wd879gluR+hcEPs3kS79cJMc5bAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUpLJlwsyRzn0I3KyMWsf+4iQXpw0wHwYDVR0j BBgwFoAUfWS49M+2hxQRN9EPnnP/0Lq5P2cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NTdiMGQ3ZS1lYWRlLTQzMTgtYWIyMC04YzdmMmQ1YmU2OWYvMC83RDY0QjhGNENG QjY4NzE0MTEzN0QxMEY5RTczRkZEMEJBQjkzRjY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvN0Q2NEI4RjRDRkI2ODcxNDExMzdEMTBGOUU3M0ZGRDBCQUI5 M0Y2Ny5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk1N2IwZDdlLWVhZGUtNDMxOC1h YjIwLThjN2YyZDViZTY5Zi8wLzMyMzQzMDMxM2EzODM0MzQzMDNhMzIzMzMxM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM2MzEzMzMxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAGE QAIxMA0GCSqGSIb3DQEBCwUAA4IBAQCYFPtBjigZlAyHhG7qTJgxqt2AD64n7hmx ieRv3ZqVG30EdK1eobbsV0zL+kkoD7nltRyYu35lIO4J36WT8xuzw3PsdjtWfl6e uaLv9Wu3Rk4vsBg8oCFeSOHxVsHMRq/1Ub4UV1nib9UUpEyJXf3jmlwdVXIXECCR 3A3g7CxYyzsSoXhHomSwgqQRTZuV/onAjvo+PM2rLK7oinrHraczSjiNCbMIXgWs IZ0KlP8FDbcvWzUmwTNOPovV4viTEr2PfT1o8vjLuruJ/Ypq9ST12kdTTyXOSXjx XKWxinLo6T0cgDDTLomQsoO8KqbDZ4JHbJmgnA2GtxkV6ULkSvkQ -----END CERTIFICATE-----Generated at Thu Mar 26 17:11:37 2026 by rpki-client