$ rpki-client -vvf repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/323430363a313334303a3a2f33322d3430203d3e20313430343037.roa File: 323430363a313334303a3a2f33322d3430203d3e20313430343037.roa (raw, json) Hash identifier: YXWscdbOPG7qvw2mmsnb+X+s9hfMQV8vOG0qP8N0uSc= Subject key identifier: B7:54:A5:D2:0F:B1:33:72:6D:5A:FA:81:63:BC:15:E8:D9:95:A1:32 Certificate issuer: /CN=F10DEA85A199138D0AD96DC4D3CB537CDA662C53 Certificate serial: 2EAFE8DE092020AC11244EFD236468401A8B2BD4 Authority key identifier: F1:0D:EA:85:A1:99:13:8D:0A:D9:6D:C4:D3:CB:53:7C:DA:66:2C:53 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/323430363a313334303a3a2f33322d3430203d3e20313430343037.roa Signing time: Wed 18 Mar 2026 09:02:52 +0000 ROA not before: Wed 18 Mar 2026 08:57:52 +0000 ROA not after: Wed 17 Mar 2027 09:02:52 +0000 asID: 140407 IP address blocks: 2406:1340::/32 maxlen: 40 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.crl rsync://repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 05:08:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:af:e8:de:09:20:20:ac:11:24:4e:fd:23:64:68:40:1a:8b:2b:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F10DEA85A199138D0AD96DC4D3CB537CDA662C53 Validity Not Before: Mar 18 08:57:52 2026 GMT Not After : Mar 17 09:02:52 2027 GMT Subject: CN=B754A5D20FB133726D5AFA8163BC15E8D995A132 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e8:1b:94:61:50:49:e6:39:1b:2d:52:a9:61: 87:b4:ef:57:4b:3c:c7:b3:1d:78:78:64:3e:99:27: e9:dc:c6:68:48:a7:65:8c:fc:6a:23:1f:53:71:d5: e6:7b:0e:06:ff:26:51:f9:6c:a1:62:ed:db:f9:c7: f3:40:5e:35:2e:0f:c8:4a:df:62:e2:82:64:cc:cb: f3:b2:33:6f:62:76:3f:fc:22:4d:e4:f7:07:47:e9: 1f:4f:e1:05:84:c4:c9:65:a6:bd:fe:ee:5b:64:54: fd:74:d2:9f:eb:bb:bf:12:5d:52:10:b8:43:c5:aa: 95:8a:f5:24:8b:e6:23:1b:de:2b:57:09:a1:c6:55: 3e:6f:9e:f3:9d:94:4f:57:90:05:76:0e:26:ff:82: 21:a9:13:99:19:f5:7e:0c:58:2b:3a:94:17:9b:92: 79:80:cd:42:78:ce:4e:51:b6:df:bb:51:00:69:27: 9b:11:02:ba:cf:69:0d:cc:6c:bf:68:12:8e:cc:68: 83:65:7a:88:4a:44:4e:16:de:87:34:bf:c9:34:99: ed:72:f7:7d:9e:17:0d:f2:ef:11:dc:2a:e2:51:cc: 93:a1:01:87:50:03:05:1b:c2:a4:99:d6:13:e0:83: 91:f3:d9:e2:07:6a:c8:31:1c:99:3b:57:c2:31:7c: da:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:54:A5:D2:0F:B1:33:72:6D:5A:FA:81:63:BC:15:E8:D9:95:A1:32 X509v3 Authority Key Identifier: keyid:F1:0D:EA:85:A1:99:13:8D:0A:D9:6D:C4:D3:CB:53:7C:DA:66:2C:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F10DEA85A199138D0AD96DC4D3CB537CDA662C53.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c596bcc8-38cd-4437-80b1-5bae9f857937/0/323430363a313334303a3a2f33322d3430203d3e20313430343037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:1340::/32 Signature Algorithm: sha256WithRSAEncryption 33:ee:13:d0:c0:b2:d9:de:9a:b6:db:25:23:66:01:87:a9:4d: 56:a1:3f:2b:e8:73:38:2b:b6:bb:67:55:0d:bb:cb:01:07:ce: da:2a:66:5c:dc:8b:a9:46:6c:ba:ac:0e:1f:fc:fb:30:0d:82: de:0d:c4:da:e7:94:33:77:e5:5d:b8:0d:a3:30:15:44:cc:d0: 06:0d:72:d6:da:df:d9:9e:03:2e:82:66:35:58:fa:e6:af:8f: 7b:69:63:41:fe:9b:65:d6:b3:54:be:b3:a4:94:71:41:92:78: 3a:b2:e5:91:39:10:ad:b0:d9:c7:82:45:72:31:c3:3d:d1:34: 4f:b7:68:59:1e:c5:a8:fc:b4:14:a4:85:68:d7:3c:fa:9c:29: c2:3e:0a:35:6b:d4:51:04:e7:b4:3e:da:78:6f:da:31:01:94: 84:24:28:8d:06:8f:ae:98:d3:81:18:e4:22:22:25:28:b0:b2: 46:2b:37:5f:ca:74:5e:7d:a3:a0:5f:9e:db:4d:20:e4:7b:6c: 0c:1c:f7:8b:7e:e6:3c:71:0c:f2:11:c8:21:18:4f:69:e7:00: d0:b7:e3:42:e4:75:79:8c:52:20:a1:64:5c:45:4f:ea:0c:7c: de:dc:a5:58:da:e1:1e:a1:93:6f:27:be:48:cd:3f:38:d8:fa: 87:09:2c:0d -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIULq/o3gkgIKwRJE79I2RoQBqLK9QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjEwREVBODVBMTk5MTM4RDBBRDk2REM0RDNDQjUzN0NE QTY2MkM1MzAeFw0yNjAzMTgwODU3NTJaFw0yNzAzMTcwOTAyNTJaMDMxMTAvBgNV BAMTKEI3NTRBNUQyMEZCMTMzNzI2RDVBRkE4MTYzQkMxNUU4RDk5NUExMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr6BuUYVBJ5jkbLVKpYYe071dL PMezHXh4ZD6ZJ+ncxmhIp2WM/GojH1Nx1eZ7Dgb/JlH5bKFi7dv5x/NAXjUuD8hK 32LigmTMy/OyM29idj/8Ik3k9wdH6R9P4QWExMllpr3+7ltkVP100p/ru78SXVIQ uEPFqpWK9SSL5iMb3itXCaHGVT5vnvOdlE9XkAV2Dib/giGpE5kZ9X4MWCs6lBeb knmAzUJ4zk5Rtt+7UQBpJ5sRArrPaQ3MbL9oEo7MaINleohKRE4W3oc0v8k0me1y 932eFw3y7xHcKuJRzJOhAYdQAwUbwqSZ1hPgg5Hz2eIHasgxHJk7V8IxfNoXAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUt1Sl0g+xM3JtWvqBY7wV6NmVoTIwHwYDVR0j BBgwFoAU8Q3qhaGZE40K2W3E08tTfNpmLFMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j NTk2YmNjOC0zOGNkLTQ0MzctODBiMS01YmFlOWY4NTc5MzcvMC9GMTBERUE4NUEx OTkxMzhEMEFEOTZEQzREM0NCNTM3Q0RBNjYyQzUzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjEwREVBODVBMTk5MTM4RDBBRDk2REM0RDNDQjUzN0NEQTY2 MkM1My5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M1OTZiY2M4LTM4Y2QtNDQzNy04 MGIxLTViYWU5Zjg1NzkzNy8wLzMyMzQzMDM2M2EzMTMzMzQzMDNhM2EyZjMzMzIy ZDM0MzAyMDNkM2UyMDMxMzQzMDM0MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQGE0AwDQYJKoZI hvcNAQELBQADggEBADPuE9DAstnemrbbJSNmAYepTVahPyvoczgrtrtnVQ27ywEH ztoqZlzci6lGbLqsDh/8+zANgt4NxNrnlDN35V24DaMwFUTM0AYNctba39meAy6C ZjVY+uavj3tpY0H+m2XWs1S+s6SUcUGSeDqy5ZE5EK2w2ceCRXIxwz3RNE+3aFke xaj8tBSkhWjXPPqcKcI+CjVr1FEE57Q+2nhv2jEBlIQkKI0Gj66Y04EY5CIiJSiw skYrN1/KdF59o6BfnttNIOR7bAwc94t+5jxxDPIRyCEYT2nnANC340LkdXmMUiCh ZFxFT+oMfN7cpVja4R6hk28nvkjNPzjY+ocJLA0= -----END CERTIFICATE-----Generated at Thu Mar 26 20:13:35 2026 by rpki-client