$ rpki-client -vvf repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/323030313a6466343a326438303a3a2f34382d3438203d3e20313430343532.roa File: 323030313a6466343a326438303a3a2f34382d3438203d3e20313430343532.roa (raw, json) Hash identifier: CPeh5pcKIP6qJ3Jzx7KUROvLf3APBLJFmjl0GUWh3r8= Subject key identifier: 29:D2:2B:2D:B0:10:3E:0E:E7:30:92:EA:CC:7D:45:20:74:D6:1E:D4 Certificate issuer: /CN=B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7 Certificate serial: 0A464E926778D8FFA04C452DAA70B64491F8E1BE Authority key identifier: B5:91:05:9B:6A:F2:F5:D6:6E:BB:D1:40:31:DA:23:E5:AA:FC:64:F7 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/323030313a6466343a326438303a3a2f34382d3438203d3e20313430343532.roa Signing time: Wed 11 Mar 2026 17:07:36 +0000 ROA not before: Wed 11 Mar 2026 17:02:36 +0000 ROA not after: Wed 10 Mar 2027 17:07:36 +0000 asID: 140452 IP address blocks: 2001:df4:2d80::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.crl rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 12:29:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:46:4e:92:67:78:d8:ff:a0:4c:45:2d:aa:70:b6:44:91:f8:e1:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7 Validity Not Before: Mar 11 17:02:36 2026 GMT Not After : Mar 10 17:07:36 2027 GMT Subject: CN=29D22B2DB0103E0EE73092EACC7D452074D61ED4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c4:36:dc:cb:ce:ef:14:27:e5:2c:56:48:4a: f6:9e:3a:6f:cf:21:2c:57:e9:a6:f1:6f:d2:33:70: 97:6c:bc:a7:42:99:4c:60:03:3d:45:75:65:5f:9c: 72:f6:c1:8f:27:13:4c:e7:de:b4:b9:b0:3a:cf:02: 76:27:13:04:fd:51:aa:b6:f0:f3:de:c1:ac:a3:ed: 56:5f:e1:c4:b8:57:11:13:03:4b:aa:9d:97:bd:bc: 60:0c:c2:13:46:2e:80:7b:e6:ff:07:1a:ca:d7:93: 9f:6a:02:5a:06:79:3b:f9:28:97:8a:2a:16:66:23: 4f:f0:18:b5:2f:25:50:35:a2:bf:ca:da:36:0c:48: c2:eb:7f:da:bd:5f:50:8d:e7:3f:6f:96:ca:50:ed: 2c:ad:3c:73:18:aa:8d:f8:ae:40:a1:a1:bf:70:8d: 59:aa:34:70:fc:bd:b2:3b:cd:56:44:d7:81:b5:83: 84:99:88:b3:3a:87:4e:1e:3c:fb:ff:e5:20:5b:e7: 46:1a:99:b2:c2:4d:b8:39:8a:eb:4f:2d:25:bb:41: f6:41:52:1e:20:e3:b5:12:7c:f6:ec:44:8e:f3:c7: 35:ed:cd:27:07:89:30:db:ef:33:1e:38:b5:3e:9f: ee:a8:2d:8b:64:51:1b:2e:3e:1e:c2:b3:e4:70:f2: 26:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:D2:2B:2D:B0:10:3E:0E:E7:30:92:EA:CC:7D:45:20:74:D6:1E:D4 X509v3 Authority Key Identifier: keyid:B5:91:05:9B:6A:F2:F5:D6:6E:BB:D1:40:31:DA:23:E5:AA:FC:64:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B591059B6AF2F5D66EBBD14031DA23E5AAFC64F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/bdc41c1a-e088-4ef6-9d28-814c61456d30/0/323030313a6466343a326438303a3a2f34382d3438203d3e20313430343532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:2d80::/48 Signature Algorithm: sha256WithRSAEncryption 49:17:00:dd:f5:3e:eb:82:bc:0e:69:51:4c:ed:7b:e0:d0:00: 69:f6:dd:a7:93:60:a8:68:4f:42:85:8a:c6:88:e4:30:03:f1: 90:1c:eb:70:2a:d5:c6:8c:74:f0:a2:6e:75:87:70:aa:5c:6c: a7:5e:8f:0c:1d:6c:68:7b:1f:df:19:0b:16:ed:b4:b2:75:7f: 58:81:2f:70:f9:73:be:1e:50:16:56:61:fc:7d:fd:91:30:1d: cf:e7:20:6c:f1:23:60:74:9a:f6:03:8b:23:11:d8:aa:a8:48: 67:db:2d:a4:a5:74:50:1d:f2:29:dc:da:76:5c:68:35:c7:78: 44:ef:b0:78:90:8a:3e:78:a8:b2:80:b7:5a:f0:8a:63:b8:28: 5a:94:7f:30:bb:9e:64:78:22:d2:97:36:ca:ba:67:39:1d:b8: 8f:9a:f0:c0:9d:da:ac:9b:ce:37:18:74:3c:e7:65:53:f5:cb: 57:20:3e:0b:c2:42:cd:23:7f:80:e1:7a:5e:36:4d:fe:71:48: 04:0d:f9:44:97:d5:7c:81:ef:64:81:3f:6d:28:10:a8:d1:e2: 41:7c:fe:09:59:0f:be:db:7d:cb:c8:99:c2:45:a5:11:0b:c0: da:d6:2e:ca:c6:2f:79:e4:ac:d4:db:e7:c8:f1:f0:69:66:06: 73:42:5d:22 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUCkZOkmd42P+gTEUtqnC2RJH44b4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjU5MTA1OUI2QUYyRjVENjZFQkJEMTQwMzFEQTIzRTVB QUZDNjRGNzAeFw0yNjAzMTExNzAyMzZaFw0yNzAzMTAxNzA3MzZaMDMxMTAvBgNV BAMTKDI5RDIyQjJEQjAxMDNFMEVFNzMwOTJFQUNDN0Q0NTIwNzRENjFFRDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGxDbcy87vFCflLFZISvaeOm/P ISxX6abxb9IzcJdsvKdCmUxgAz1FdWVfnHL2wY8nE0zn3rS5sDrPAnYnEwT9Uaq2 8PPewayj7VZf4cS4VxETA0uqnZe9vGAMwhNGLoB75v8HGsrXk59qAloGeTv5KJeK KhZmI0/wGLUvJVA1or/K2jYMSMLrf9q9X1CN5z9vlspQ7SytPHMYqo34rkChob9w jVmqNHD8vbI7zVZE14G1g4SZiLM6h04ePPv/5SBb50YambLCTbg5iutPLSW7QfZB Uh4g47USfPbsRI7zxzXtzScHiTDb7zMeOLU+n+6oLYtkURsuPh7Cs+Rw8iYRAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUKdIrLbAQPg7nMJLqzH1FIHTWHtQwHwYDVR0j BBgwFoAUtZEFm2ry9dZuu9FAMdoj5ar8ZPcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i ZGM0MWMxYS1lMDg4LTRlZjYtOWQyOC04MTRjNjE0NTZkMzAvMC9CNTkxMDU5QjZB RjJGNUQ2NkVCQkQxNDAzMURBMjNFNUFBRkM2NEY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjU5MTA1OUI2QUYyRjVENjZFQkJEMTQwMzFEQTIzRTVBQUZD NjRGNy5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkYzQxYzFhLWUwODgtNGVmNi05 ZDI4LTgxNGM2MTQ1NmQzMC8wLzMyMzAzMDMxM2E2NDY2MzQzYTMyNjQzODMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMwMzQzNTMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9C2AMA0GCSqGSIb3DQEBCwUAA4IBAQBJFwDd9T7rgrwOaVFM7Xvg0ABp9t2nk2Co aE9ChYrGiOQwA/GQHOtwKtXGjHTwom51h3CqXGynXo8MHWxoex/fGQsW7bSydX9Y gS9w+XO+HlAWVmH8ff2RMB3P5yBs8SNgdJr2A4sjEdiqqEhn2y2kpXRQHfIp3Np2 XGg1x3hE77B4kIo+eKiygLda8IpjuChalH8wu55keCLSlzbKumc5HbiPmvDAndqs m843GHQ852VT9ctXID4LwkLNI3+A4XpeNk3+cUgEDflEl9V8ge9kgT9tKBCo0eJB fP4JWQ++233LyJnCRaURC8Da1i7Kxi955KzU2+fI8fBpZgZzQl0i -----END CERTIFICATE-----Generated at Thu Mar 26 20:53:07 2026 by rpki-client