$ rpki-client -vvf repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/323030313a6466333a643334303a3a2f34382d3438203d3e20313532373439.roa File: 323030313a6466333a643334303a3a2f34382d3438203d3e20313532373439.roa (raw, json) Hash identifier: Y6M3Rf10ondFVRavAz+BHrKvcEeqI6mWIsztyFy7iY4= Subject key identifier: 31:AA:F5:A5:A0:EF:D6:CD:0C:AF:6A:4D:05:05:E5:4E:54:92:80:0C Certificate issuer: /CN=33D2F1EAE44634CCF2B028FDCA2A11513D83B42D Certificate serial: 29C4B5645CDD3F75A6665EB18E074FBC5BB9BD3E Authority key identifier: 33:D2:F1:EA:E4:46:34:CC:F2:B0:28:FD:CA:2A:11:51:3D:83:B4:2D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/323030313a6466333a643334303a3a2f34382d3438203d3e20313532373439.roa Signing time: Tue 24 Jun 2025 07:00:00 +0000 ROA not before: Tue 24 Jun 2025 06:55:00 +0000 ROA not after: Tue 23 Jun 2026 07:00:00 +0000 asID: 152749 IP address blocks: 2001:df3:d340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.crl rsync://repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 03:12:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c4:b5:64:5c:dd:3f:75:a6:66:5e:b1:8e:07:4f:bc:5b:b9:bd:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=33D2F1EAE44634CCF2B028FDCA2A11513D83B42D Validity Not Before: Jun 24 06:55:00 2025 GMT Not After : Jun 23 07:00:00 2026 GMT Subject: CN=31AAF5A5A0EFD6CD0CAF6A4D0505E54E5492800C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:11:37:0a:8b:90:8c:52:54:99:37:b7:ec:ae: a6:ea:32:1e:77:e2:20:2a:f5:4c:a1:b5:c9:ef:9d: 26:a0:1d:60:cd:2b:1b:bf:3f:28:2d:96:22:2b:51: 48:56:14:f9:7a:24:5e:0f:b0:41:0a:bd:64:4d:b1: 8a:fe:a4:b2:2c:20:a1:6e:99:e6:aa:00:2b:ec:2a: 44:2c:80:13:0b:b0:22:17:f1:03:be:d5:34:bd:c7: 70:b5:ea:17:18:c8:94:f1:24:0f:0e:7a:fc:e2:9b: 05:fc:b5:4d:01:a6:a1:5e:fa:cc:d8:e0:97:48:2c: 72:2e:ca:d4:0f:a8:21:c1:83:13:90:6b:5b:d9:1f: 3f:43:e0:cd:fa:37:44:ce:d7:b2:0e:00:6b:9f:87: 28:b7:4c:c7:5b:40:08:08:7b:32:71:ac:98:78:76: 96:64:26:34:c6:7f:21:26:4c:ac:62:a6:b6:cd:de: 86:aa:65:31:a3:41:a8:70:01:17:80:e0:62:90:1e: 60:02:05:34:c0:0c:2a:33:58:6f:27:3f:fa:ac:ee: c2:01:e8:89:f4:51:9f:ec:32:40:79:a2:b2:41:71: 4a:5a:9e:c7:5d:02:bd:42:bf:ed:b1:7f:b2:c9:07: 88:20:0c:f4:e3:4f:45:cc:75:63:66:c6:8b:91:42: af:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:AA:F5:A5:A0:EF:D6:CD:0C:AF:6A:4D:05:05:E5:4E:54:92:80:0C X509v3 Authority Key Identifier: keyid:33:D2:F1:EA:E4:46:34:CC:F2:B0:28:FD:CA:2A:11:51:3D:83:B4:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/33D2F1EAE44634CCF2B028FDCA2A11513D83B42D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9b733dcf-9f5e-4775-9ce7-9dd525b44b86/1/323030313a6466333a643334303a3a2f34382d3438203d3e20313532373439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d340::/48 Signature Algorithm: sha256WithRSAEncryption e3:1a:dc:b4:fe:57:24:44:64:c8:84:2c:c2:2c:fa:ee:6c:29: 3f:a6:8a:2c:93:cd:69:8f:ec:0e:52:b0:0c:7c:a6:fe:ad:77: 37:b5:36:4b:2e:b8:ba:a2:69:06:1f:7c:d5:4e:07:0b:bf:cf: 83:8b:62:71:92:ef:05:a3:43:27:49:c8:65:60:0a:86:e1:1d: e2:20:2a:7d:16:1e:4e:eb:9c:83:e8:b3:dc:05:95:74:96:3a: c5:97:b9:df:9f:a7:30:76:e6:fa:06:57:f1:55:62:8a:4b:b0: 18:0e:4c:0c:23:5b:08:1c:28:48:1f:7a:8d:a8:a2:9d:d9:cd: 05:81:68:d8:bd:8c:38:3d:c9:be:a1:60:38:c6:f0:50:a8:83: 27:ce:c1:5b:a6:36:a3:50:59:dc:0a:99:cd:ae:3b:63:39:a6: b9:5a:67:f6:2a:a1:be:62:d8:44:f4:35:10:a8:7d:13:02:6d: 58:e5:64:f9:35:e1:a2:7e:72:18:58:9b:76:e9:d0:a6:48:49: 17:f5:5b:1b:d0:9b:48:47:44:ee:c9:97:3f:5d:a1:cc:58:1f: 85:e1:39:c3:eb:1c:f2:15:d3:f6:0c:14:ef:73:1a:14:8e:a6: 76:71:b2:52:ae:f7:6b:a6:12:a0:62:ce:0b:89:7b:90:11:8f: 68:ec:28:f1 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUKcS1ZFzdP3WmZl6xjgdPvFu5vT4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzNEMkYxRUFFNDQ2MzRDQ0YyQjAyOEZEQ0EyQTExNTEz RDgzQjQyRDAeFw0yNTA2MjQwNjU1MDBaFw0yNjA2MjMwNzAwMDBaMDMxMTAvBgNV BAMTKDMxQUFGNUE1QTBFRkQ2Q0QwQ0FGNkE0RDA1MDVFNTRFNTQ5MjgwMEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhETcKi5CMUlSZN7fsrqbqMh53 4iAq9UyhtcnvnSagHWDNKxu/PygtliIrUUhWFPl6JF4PsEEKvWRNsYr+pLIsIKFu meaqACvsKkQsgBMLsCIX8QO+1TS9x3C16hcYyJTxJA8OevzimwX8tU0BpqFe+szY 4JdILHIuytQPqCHBgxOQa1vZHz9D4M36N0TO17IOAGufhyi3TMdbQAgIezJxrJh4 dpZkJjTGfyEmTKxiprbN3oaqZTGjQahwAReA4GKQHmACBTTADCozWG8nP/qs7sIB 6In0UZ/sMkB5orJBcUpansddAr1Cv+2xf7LJB4ggDPTjT0XMdWNmxouRQq/rAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUMar1paDv1s0Mr2pNBQXlTlSSgAwwHwYDVR0j BBgwFoAUM9Lx6uRGNMzysCj9yioRUT2DtC0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 YjczM2RjZi05ZjVlLTQ3NzUtOWNlNy05ZGQ1MjViNDRiODYvMS8zM0QyRjFFQUU0 NDYzNENDRjJCMDI4RkRDQTJBMTE1MTNEODNCNDJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMzNEMkYxRUFFNDQ2MzRDQ0YyQjAyOEZEQ0EyQTExNTEzRDgz QjQyRC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzliNzMzZGNmLTlmNWUtNDc3NS05 Y2U3LTlkZDUyNWI0NGI4Ni8xLzMyMzAzMDMxM2E2NDY2MzMzYTY0MzMzNDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMyMzczNDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 89NAMA0GCSqGSIb3DQEBCwUAA4IBAQDjGty0/lckRGTIhCzCLPrubCk/poosk81p j+wOUrAMfKb+rXc3tTZLLri6omkGH3zVTgcLv8+Di2Jxku8Fo0MnSchlYAqG4R3i ICp9Fh5O65yD6LPcBZV0ljrFl7nfn6cwdub6BlfxVWKKS7AYDkwMI1sIHChIH3qN qKKd2c0FgWjYvYw4Pcm+oWA4xvBQqIMnzsFbpjajUFncCpnNrjtjOaa5Wmf2KqG+ YthE9DUQqH0TAm1Y5WT5NeGifnIYWJt26dCmSEkX9Vsb0JtIR0TuyZc/XaHMWB+F 4TnD6xzyFdP2DBTvcxoUjqZ2cbJSrvdrphKgYs4LiXuQEY9o7Cjx -----END CERTIFICATE-----Generated at Tue Jul 1 16:01:03 2025 by rpki-client