$ rpki-client -vvf repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/323430313a616530303a3a2f33322d3438203d3e203338373533.roa File: 323430313a616530303a3a2f33322d3438203d3e203338373533.roa (raw, json) Hash identifier: r2tM11CkA2+KnMeY8FHfYzCrXaFuevx9K115bLTbcyE= Subject key identifier: 0D:9B:C6:72:0D:BD:2E:9D:FA:30:5C:C2:0D:A2:1C:ED:88:89:0F:93 Certificate issuer: /CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14 Certificate serial: 0C2BF902617DF4A9D784B34885390D663B8296BC Authority key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/323430313a616530303a3a2f33322d3438203d3e203338373533.roa Signing time: Wed 24 Sep 2025 07:00:01 +0000 ROA not before: Wed 24 Sep 2025 06:55:01 +0000 ROA not after: Wed 23 Sep 2026 07:00:01 +0000 asID: 38753 IP address blocks: 2401:ae00::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 09:53:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:2b:f9:02:61:7d:f4:a9:d7:84:b3:48:85:39:0d:66:3b:82:96:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14 Validity Not Before: Sep 24 06:55:01 2025 GMT Not After : Sep 23 07:00:01 2026 GMT Subject: CN=0D9BC6720DBD2E9DFA305CC20DA21CED88890F93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:1e:63:c1:72:02:a1:67:77:cb:9a:85:08:85: cb:86:8a:9d:12:15:cf:27:18:34:09:88:e3:48:68: 74:0f:ba:cf:61:a2:a3:a2:01:ad:b5:5a:3e:7a:a0: 12:8d:bf:ca:d0:62:dc:17:e9:90:bb:1e:11:89:fe: c0:e8:84:57:12:58:a5:b1:fc:ea:7c:f3:ad:5d:c1: c5:db:49:7d:66:b0:f8:25:ca:fd:93:4a:78:0b:1e: 99:20:e2:58:bb:d0:b4:d8:81:e8:9e:0b:b0:97:87: d1:0d:1e:ad:62:ae:2d:eb:54:ef:4a:9f:1b:34:5e: 86:57:bf:83:25:96:eb:49:f6:9f:7f:30:03:e5:ed: 52:bd:3e:84:f3:1c:4a:90:8c:54:1b:2c:39:e7:6d: 66:93:a9:b6:0e:54:8f:8f:41:10:be:a8:de:92:65: 79:08:a0:d2:81:93:bd:c1:8b:92:fe:c5:98:d8:ce: a7:4d:12:8f:8e:4c:d6:5a:70:77:92:17:e2:94:27: ae:92:22:a4:53:f9:02:c9:af:a5:6d:cd:1e:e7:01: c6:71:96:99:cc:03:6c:79:ab:eb:40:d5:5f:c6:7e: 7b:84:ad:17:da:38:52:e9:61:02:e5:f6:72:38:6f: 59:5f:cd:2b:0c:9a:bd:5f:5c:c4:a5:1c:68:d6:da: 05:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:9B:C6:72:0D:BD:2E:9D:FA:30:5C:C2:0D:A2:1C:ED:88:89:0F:93 X509v3 Authority Key Identifier: keyid:11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/323430313a616530303a3a2f33322d3438203d3e203338373533.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:ae00::/32 Signature Algorithm: sha256WithRSAEncryption 5f:39:a8:3f:a6:9d:46:ee:ec:1c:a5:a6:aa:b8:c4:0b:f1:3d: 69:4f:1c:0c:4b:a8:f6:1e:fc:e7:e8:83:aa:35:f4:b3:5c:3a: 9e:11:7b:1d:a9:16:63:68:53:e0:eb:ae:05:95:77:08:02:98: c8:42:9d:71:05:a7:cf:c6:52:19:10:c0:3e:01:ac:86:65:29: 4c:52:69:36:0f:38:33:a9:a4:36:26:9b:1b:07:70:7a:f3:12: b6:aa:48:bf:51:f2:e5:ca:4a:63:1d:b4:67:ff:c8:aa:89:78: 68:59:a2:0f:93:c0:f6:ec:af:27:93:c0:32:b7:67:6b:c7:60: fa:b6:7c:b2:b7:db:f8:2e:d0:c6:32:18:24:c5:72:2d:4c:d5: b8:87:8e:1a:61:de:c1:83:b8:c5:4c:2e:35:5f:3e:94:68:10: 73:8a:d0:dc:26:c1:b4:d5:2d:fd:3e:32:4c:5b:db:d1:62:84: 7c:25:e3:ed:d7:37:4d:1b:09:42:73:e9:37:5e:14:f7:30:29: bd:22:2b:b1:27:78:22:78:a9:69:2c:2b:70:67:72:31:da:fb: 46:e0:37:ae:52:e4:90:2f:fc:18:9e:85:f8:ab:1a:da:b3:b0: 3a:ae:43:3a:d1:5b:91:69:15:8c:31:83:5d:aa:cd:39:39:de: 71:dc:52:b5 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgIUDCv5AmF99KnXhLNIhTkNZjuClrwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2 OERGNkUxNDAeFw0yNTA5MjQwNjU1MDFaFw0yNjA5MjMwNzAwMDFaMDMxMTAvBgNV BAMTKDBEOUJDNjcyMERCRDJFOURGQTMwNUNDMjBEQTIxQ0VEODg4OTBGOTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeHmPBcgKhZ3fLmoUIhcuGip0S Fc8nGDQJiONIaHQPus9hoqOiAa21Wj56oBKNv8rQYtwX6ZC7HhGJ/sDohFcSWKWx /Op8861dwcXbSX1msPglyv2TSngLHpkg4li70LTYgeieC7CXh9ENHq1iri3rVO9K nxs0XoZXv4MllutJ9p9/MAPl7VK9PoTzHEqQjFQbLDnnbWaTqbYOVI+PQRC+qN6S ZXkIoNKBk73Bi5L+xZjYzqdNEo+OTNZacHeSF+KUJ66SIqRT+QLJr6VtzR7nAcZx lpnMA2x5q+tA1V/GfnuErRfaOFLpYQLl9nI4b1lfzSsMmr1fXMSlHGjW2gWtAgMB AAGjggIxMIICLTAdBgNVHQ4EFgQUDZvGcg29Lp36MFzCDaIc7YiJD5MwHwYDVR0j BBgwFoAUEcm6KFNLpEmZtLpdaw8o5WjfbhQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMC8xMUM5QkEyODUz NEJBNDQ5OTlCNEJBNUQ2QjBGMjhFNTY4REY2RTE0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2OERG NkUxNC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EwNmI2NjczLTQ3YTEtNDVlNS1i NmMyLTQyYWI4YjQ3NjI0OS8wLzMyMzQzMDMxM2E2MTY1MzAzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMzMzgzNzM1MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAa4AMA0GCSqGSIb3 DQEBCwUAA4IBAQBfOag/pp1G7uwcpaaquMQL8T1pTxwMS6j2Hvzn6IOqNfSzXDqe EXsdqRZjaFPg664FlXcIApjIQp1xBafPxlIZEMA+AayGZSlMUmk2DzgzqaQ2Jpsb B3B68xK2qki/UfLlykpjHbRn/8iqiXhoWaIPk8D27K8nk8Ayt2drx2D6tnyyt9v4 LtDGMhgkxXItTNW4h44aYd7Bg7jFTC41Xz6UaBBzitDcJsG01S39PjJMW9vRYoR8 JePt1zdNGwlCc+k3XhT3MCm9IiuxJ3gieKlpLCtwZ3Ix2vtG4DeuUuSQL/wYnoX4 qxras7A6rkM60VuRaRWMMYNdqs05Od5x3FK1 -----END CERTIFICATE-----Generated at Tue Oct 21 02:21:25 2025 by rpki-client