$ rpki-client -vvf repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa File: 323430323a616230303a3a2f34382d3438203d3e203234323036.roa (raw, json) Hash identifier: DzgPlEX76YPqKshtrhPz/EVID2lXXaNvCCo/tHgJE8c= Subject key identifier: 20:FF:F1:5C:D8:F1:04:DA:BF:D7:B8:3A:22:C3:21:BE:B2:55:34:22 Certificate issuer: /CN=981E5677AC602950ABE1A442C2779E7CB0C108A9 Certificate serial: 7ADE973620DB6AA4527BE40AF0F1D11499B87B64 Authority key identifier: 98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer Subject info access: rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa Signing time: Thu 12 Jun 2025 09:00:00 +0000 ROA not before: Thu 12 Jun 2025 08:55:00 +0000 ROA not after: Thu 11 Jun 2026 09:00:00 +0000 asID: 24206 IP address blocks: 2402:ab00::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 15:45:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:de:97:36:20:db:6a:a4:52:7b:e4:0a:f0:f1:d1:14:99:b8:7b:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=981E5677AC602950ABE1A442C2779E7CB0C108A9 Validity Not Before: Jun 12 08:55:00 2025 GMT Not After : Jun 11 09:00:00 2026 GMT Subject: CN=20FFF15CD8F104DABFD7B83A22C321BEB2553422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:c5:5a:87:bc:bb:39:88:8d:e1:94:db:85:30: 3c:bc:55:09:44:56:d4:4b:c4:27:29:71:13:4e:d1: 8d:9e:47:55:11:ff:54:03:91:3d:7f:24:19:3f:fc: 3c:e2:83:c4:93:4c:f7:7d:8c:89:45:7d:93:b7:3d: 6c:5f:c9:9f:22:11:f5:0e:27:af:c9:24:59:7c:b3: 30:15:f9:0d:ec:1b:02:de:65:9d:29:4d:c4:04:48: 1c:dd:cb:25:3d:4e:f0:ad:d8:28:9a:0c:a0:d2:81: 2a:7a:87:40:6d:83:7a:d1:82:61:cf:c8:59:f7:08: 5e:4e:30:e5:17:de:c4:48:c2:a7:ff:1b:f0:0c:5f: 9d:d3:ce:75:da:4b:01:c5:2f:bc:be:82:f9:ea:34: 2a:2f:0e:14:db:b8:46:76:b8:ce:d0:37:dc:fc:2d: ca:97:f9:6c:c9:ab:df:d4:67:57:71:6c:1e:34:1c: 6f:f9:d6:34:55:33:08:42:df:c0:78:eb:03:19:e5: 66:d2:b1:87:62:db:b3:38:e8:3c:2d:22:b1:63:f4: a2:6e:73:80:d0:7e:9e:99:7b:1f:fa:5c:f4:e6:5d: ff:55:38:15:fb:f2:63:ef:a9:3e:25:77:18:09:8e: 87:2b:8a:01:d4:83:57:9b:40:3a:15:79:c2:d8:fb: 3b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:FF:F1:5C:D8:F1:04:DA:BF:D7:B8:3A:22:C3:21:BE:B2:55:34:22 X509v3 Authority Key Identifier: keyid:98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:ab00::/48 Signature Algorithm: sha256WithRSAEncryption 0b:99:57:83:63:a1:3f:71:23:2c:b1:49:99:34:88:37:cf:df: 65:ac:d8:8e:2c:1a:a1:9b:c5:b6:4a:64:9f:af:fc:e3:82:30: ae:be:c3:f4:98:db:7b:ca:1b:be:cf:6e:3c:32:9e:c0:da:63: 7c:c0:69:1c:c3:42:16:45:dc:04:dd:f3:6b:2b:72:18:5d:42: 2c:3e:21:0a:a3:4f:2c:db:de:2d:78:a0:82:99:f0:05:af:54: ee:25:d0:44:34:c8:15:50:0b:c7:d4:3a:95:93:2e:d8:d1:1a: c9:a9:f3:ac:28:67:6a:94:9a:0e:d4:24:94:37:74:75:81:58: be:f7:c1:16:e8:bc:e1:97:a4:fd:bb:0f:bd:6c:5a:b3:d2:d3: 09:bf:2d:8b:d5:54:a0:3a:22:22:0b:b3:94:b7:6c:48:5f:6b: b2:bd:67:3f:0f:fa:92:c2:6e:dd:ee:0a:76:1a:1c:d1:ab:e4: a4:c1:f1:21:ce:d3:8b:22:7f:a0:24:35:93:22:4a:c4:56:9a: 41:68:62:87:1e:b9:31:e0:d2:56:d0:84:2b:ba:dd:c8:aa:f2: 62:11:37:4e:db:89:ac:b5:b7:0e:b0:e0:e7:c2:73:c5:74:e1: 3a:35:c7:42:5c:e4:a5:25:1d:1a:76:bf:d2:c2:d2:4d:d2:5a: 14:dc:3c:f4 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUet6XNiDbaqRSe+QK8PHRFJm4e2QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NC MEMxMDhBOTAeFw0yNTA2MTIwODU1MDBaFw0yNjA2MTEwOTAwMDBaMDMxMTAvBgNV BAMTKDIwRkZGMTVDRDhGMTA0REFCRkQ3QjgzQTIyQzMyMUJFQjI1NTM0MjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzxVqHvLs5iI3hlNuFMDy8VQlE VtRLxCcpcRNO0Y2eR1UR/1QDkT1/JBk//Dzig8STTPd9jIlFfZO3PWxfyZ8iEfUO J6/JJFl8szAV+Q3sGwLeZZ0pTcQESBzdyyU9TvCt2CiaDKDSgSp6h0Btg3rRgmHP yFn3CF5OMOUX3sRIwqf/G/AMX53TznXaSwHFL7y+gvnqNCovDhTbuEZ2uM7QN9z8 LcqX+WzJq9/UZ1dxbB40HG/51jRVMwhC38B46wMZ5WbSsYdi27M46DwtIrFj9KJu c4DQfp6Zex/6XPTmXf9VOBX78mPvqT4ldxgJjocrigHUg1ebQDoVecLY+zvbAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUIP/xXNjxBNq/17g6IsMhvrJVNCIwHwYDVR0j BBgwFoAUmB5Wd6xgKVCr4aRCwneefLDBCKkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h NzkyMmY4OS0zZTliLTRiMjEtOTE4Ni1hNjQ4YzJkYTNmN2IvMC85ODFFNTY3N0FD NjAyOTUwQUJFMUE0NDJDMjc3OUU3Q0IwQzEwOEE5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NCMEMx MDhBOS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3OTIyZjg5LTNlOWItNGIyMS05 MTg2LWE2NDhjMmRhM2Y3Yi8wLzMyMzQzMDMyM2E2MTYyMzAzMDNhM2EyZjM0Mzgy ZDM0MzgyMDNkM2UyMDMyMzQzMjMwMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAqsAAAAwDQYJKoZI hvcNAQELBQADggEBAAuZV4NjoT9xIyyxSZk0iDfP32Ws2I4sGqGbxbZKZJ+v/OOC MK6+w/SY23vKG77PbjwynsDaY3zAaRzDQhZF3ATd82srchhdQiw+IQqjTyzb3i14 oIKZ8AWvVO4l0EQ0yBVQC8fUOpWTLtjRGsmp86woZ2qUmg7UJJQ3dHWBWL73wRbo vOGXpP27D71sWrPS0wm/LYvVVKA6IiILs5S3bEhfa7K9Zz8P+pLCbt3uCnYaHNGr 5KTB8SHO04sif6AkNZMiSsRWmkFoYoceuTHg0lbQhCu63ciq8mIRN07biay1tw6w 4OfCc8V04To1x0Jc5KUlHRp2v9LC0k3SWhTcPPQ= -----END CERTIFICATE-----Generated at Tue Jul 1 23:28:03 2025 by rpki-client