$ rpki-client -vvf repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/323030313a6466313a373334303a3a2f34382d3438203d3e20313530323439.roa File: 323030313a6466313a373334303a3a2f34382d3438203d3e20313530323439.roa (raw, json) Hash identifier: eNkBoyVM5lmriR4TCktsibpcmvUKMiPu24PT3RZP9b8= Subject key identifier: 3A:D4:98:1C:3E:87:BA:96:60:09:82:33:7E:14:6B:D0:E5:DA:AE:EB Certificate issuer: /CN=968A6FAD637E47068D2FBC547FBF2C1C12F8C588 Certificate serial: 26C46ADF130CF57DBF11467EE162D869368AB4F3 Authority key identifier: 96:8A:6F:AD:63:7E:47:06:8D:2F:BC:54:7F:BF:2C:1C:12:F8:C5:88 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/323030313a6466313a373334303a3a2f34382d3438203d3e20313530323439.roa Signing time: Mon 11 Aug 2025 16:00:00 +0000 ROA not before: Mon 11 Aug 2025 15:55:00 +0000 ROA not after: Mon 10 Aug 2026 16:00:00 +0000 asID: 150249 IP address blocks: 2001:df1:7340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.crl rsync://repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 08:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:c4:6a:df:13:0c:f5:7d:bf:11:46:7e:e1:62:d8:69:36:8a:b4:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=968A6FAD637E47068D2FBC547FBF2C1C12F8C588 Validity Not Before: Aug 11 15:55:00 2025 GMT Not After : Aug 10 16:00:00 2026 GMT Subject: CN=3AD4981C3E87BA96600982337E146BD0E5DAAEEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:79:ec:56:8b:f4:fe:62:a2:53:42:b6:17:04: bf:bc:d2:3f:7e:66:a8:a0:04:b4:38:14:a0:e7:0f: 82:00:4e:d8:8c:f5:f8:0b:c0:80:7e:3d:ad:1e:b4: 5c:30:18:62:15:1c:d8:7d:a5:c4:01:b1:17:8d:1d: 6d:38:a3:5c:2e:82:ed:6f:b1:47:61:6a:f2:75:32: 7f:94:67:1d:80:48:91:23:75:46:24:78:33:b4:4d: 49:48:67:2c:07:2a:bb:d6:b6:dd:23:d8:35:57:40: 24:ec:6c:e2:a1:e0:db:76:0b:77:90:4d:3f:ea:f7: 42:83:0a:ff:fb:8a:52:bb:b0:86:e4:67:e6:4b:7e: 0d:a4:b8:ca:a3:89:78:ed:8a:f0:29:83:a8:aa:ec: 84:68:56:8e:34:65:be:d9:2e:16:b7:2b:fe:04:7c: f6:a3:eb:bb:2d:71:20:27:03:5c:01:df:95:35:01: 60:0f:1e:13:76:19:97:bb:0c:62:f8:ca:d0:86:83: 83:ca:1f:29:d3:ae:2a:33:42:9a:6e:8c:cf:d6:9b: e6:dd:b4:bd:15:29:b7:27:b4:bf:a3:b6:e6:79:dc: ee:3f:02:44:ac:71:7a:69:2a:31:6a:db:3d:4d:11: 8f:c6:77:1f:cf:78:aa:6a:09:a6:29:ba:c2:aa:50: 4d:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D4:98:1C:3E:87:BA:96:60:09:82:33:7E:14:6B:D0:E5:DA:AE:EB X509v3 Authority Key Identifier: keyid:96:8A:6F:AD:63:7E:47:06:8D:2F:BC:54:7F:BF:2C:1C:12:F8:C5:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/968A6FAD637E47068D2FBC547FBF2C1C12F8C588.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a39c5484-2e37-48f9-8eba-0af4ef62947d/0/323030313a6466313a373334303a3a2f34382d3438203d3e20313530323439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:7340::/48 Signature Algorithm: sha256WithRSAEncryption 37:17:a9:70:43:bf:dc:52:55:7e:ce:ff:37:1b:3e:b0:02:f2: 05:e8:38:0e:03:a2:9a:d8:18:a2:b1:92:90:fe:f3:c6:1f:67: 52:5a:0b:48:34:8a:37:c5:8a:62:70:56:48:87:13:05:d7:5c: 5a:c9:86:0b:0b:ff:50:08:ff:d2:87:58:db:55:05:7a:d2:0b: 7f:c3:3d:09:29:f3:f5:25:ce:5a:04:40:53:cb:81:d8:fa:35: e7:d4:8c:e6:c6:45:8e:41:9f:fe:d1:7b:59:2c:07:1e:c6:b0: bd:ca:88:9c:56:6e:d6:7d:90:8c:3d:b7:da:0a:af:f5:a7:89: c2:77:8b:85:85:a9:22:fd:e1:f1:40:58:40:da:ad:0c:3a:53: 76:75:69:9d:ab:49:6f:81:68:ee:57:59:1e:a7:02:ee:ec:fb: 4d:e9:61:ef:70:8c:4b:bd:ea:7f:6f:db:28:ae:b1:78:b0:3e: ba:d4:20:50:d2:99:a2:2a:59:6b:c2:ca:cf:2f:b4:24:ab:95: 06:ad:e3:e5:d1:5c:f5:0b:92:9a:9c:77:95:84:24:8c:ba:41: 02:3c:bf:62:8f:55:ef:56:04:1a:7d:f6:a6:62:87:ee:3c:61: fc:e7:6a:20:61:d2:cf:90:1f:f2:36:54:53:23:8f:d2:9a:4f: b4:39:77:e7 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUJsRq3xMM9X2/EUZ+4WLYaTaKtPMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTY4QTZGQUQ2MzdFNDcwNjhEMkZCQzU0N0ZCRjJDMUMx MkY4QzU4ODAeFw0yNTA4MTExNTU1MDBaFw0yNjA4MTAxNjAwMDBaMDMxMTAvBgNV BAMTKDNBRDQ5ODFDM0U4N0JBOTY2MDA5ODIzMzdFMTQ2QkQwRTVEQUFFRUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDieexWi/T+YqJTQrYXBL+80j9+ ZqigBLQ4FKDnD4IATtiM9fgLwIB+Pa0etFwwGGIVHNh9pcQBsReNHW04o1wugu1v sUdhavJ1Mn+UZx2ASJEjdUYkeDO0TUlIZywHKrvWtt0j2DVXQCTsbOKh4Nt2C3eQ TT/q90KDCv/7ilK7sIbkZ+ZLfg2kuMqjiXjtivApg6iq7IRoVo40Zb7ZLha3K/4E fPaj67stcSAnA1wB35U1AWAPHhN2GZe7DGL4ytCGg4PKHynTriozQppujM/Wm+bd tL0VKbcntL+jtuZ53O4/AkSscXppKjFq2z1NEY/Gdx/PeKpqCaYpusKqUE0ZAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUOtSYHD6HupZgCYIzfhRr0OXaruswHwYDVR0j BBgwFoAUlopvrWN+RwaNL7xUf78sHBL4xYgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h MzljNTQ4NC0yZTM3LTQ4ZjktOGViYS0wYWY0ZWY2Mjk0N2QvMC85NjhBNkZBRDYz N0U0NzA2OEQyRkJDNTQ3RkJGMkMxQzEyRjhDNTg4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTY4QTZGQUQ2MzdFNDcwNjhEMkZCQzU0N0ZCRjJDMUMxMkY4 QzU4OC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EzOWM1NDg0LTJlMzctNDhmOS04 ZWJhLTBhZjRlZjYyOTQ3ZC8wLzMyMzAzMDMxM2E2NDY2MzEzYTM3MzMzNDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMwMzIzNDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8XNAMA0GCSqGSIb3DQEBCwUAA4IBAQA3F6lwQ7/cUlV+zv83Gz6wAvIF6DgOA6Ka 2BiisZKQ/vPGH2dSWgtINIo3xYpicFZIhxMF11xayYYLC/9QCP/Sh1jbVQV60gt/ wz0JKfP1Jc5aBEBTy4HY+jXn1IzmxkWOQZ/+0XtZLAcexrC9yoicVm7WfZCMPbfa Cq/1p4nCd4uFhaki/eHxQFhA2q0MOlN2dWmdq0lvgWjuV1kepwLu7PtN6WHvcIxL vep/b9sorrF4sD661CBQ0pmiKllrwsrPL7Qkq5UGrePl0Vz1C5KanHeVhCSMukEC PL9ij1XvVgQaffamYofuPGH852ogYdLPkB/yNlRTI4/Smk+0OXfn -----END CERTIFICATE-----Generated at Sat Aug 23 13:36:00 2025 by rpki-client