$ rpki-client -vvf repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/323430343a613463303a3a2f33322d3438203d3e20313338383232.roa File: 323430343a613463303a3a2f33322d3438203d3e20313338383232.roa (raw, json) Hash identifier: Elof/C3fNtJbCl8TUF91oukaJ7adl9S3GZZ+iL/gCtw= Subject key identifier: 86:F6:31:B9:56:4D:5F:60:C4:F6:E4:F2:28:0F:A4:11:CF:C8:1D:73 Certificate issuer: /CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Certificate serial: 2C66425959C6B2570463D043A4A9F787C03A813C Authority key identifier: 2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/323430343a613463303a3a2f33322d3438203d3e20313338383232.roa Signing time: Sat 21 Mar 2026 11:00:02 +0000 ROA not before: Sat 21 Mar 2026 10:55:02 +0000 ROA not after: Sat 20 Mar 2027 11:00:02 +0000 asID: 138822 IP address blocks: 2404:a4c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 23:46:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:66:42:59:59:c6:b2:57:04:63:d0:43:a4:a9:f7:87:c0:3a:81:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4 Validity Not Before: Mar 21 10:55:02 2026 GMT Not After : Mar 20 11:00:02 2027 GMT Subject: CN=86F631B9564D5F60C4F6E4F2280FA411CFC81D73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:7f:35:cf:e0:03:e1:4f:47:04:4f:a7:20:bc: 6b:f2:85:d3:5b:cb:24:ab:7a:70:19:8e:5b:a4:fd: 35:c4:b8:39:86:a8:ba:1a:77:74:c6:6c:45:6b:cb: 13:16:78:0d:ad:57:79:5d:a3:43:10:99:02:94:7a: 89:dc:fd:0d:9f:a2:b9:e2:a5:4b:c0:05:c9:8d:b1: 8e:c9:e3:74:04:43:86:a6:b6:0a:0f:0f:58:22:5d: 49:4c:7b:20:50:95:4f:e1:e6:b9:b6:ca:f2:83:59: 93:ca:3c:bc:f4:a8:c6:9b:9c:a3:eb:d8:fe:63:f0: 43:92:c0:2f:f0:03:32:58:ca:10:0e:32:ea:de:4d: 5c:09:92:5f:9f:bc:e8:f4:2c:03:ac:8e:a4:0b:ca: bf:0e:78:ed:e1:ad:b5:1a:66:5d:db:37:9b:06:7a: b7:fd:5a:9a:f0:e0:9d:c2:a5:34:f2:fb:bb:7a:30: 5d:5a:62:a6:b4:b3:39:1b:14:b2:1e:4c:ab:8b:39: 85:fe:25:db:f4:fa:42:b2:6b:a5:a0:14:0f:87:39: e7:bb:a6:32:83:55:52:fe:a7:41:a1:1c:65:53:c2: f6:76:ea:46:65:f0:0f:ff:1d:4d:52:49:e7:e7:70: fc:99:17:5b:0e:dc:4d:b8:75:47:c5:cf:0b:d6:85: db:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:F6:31:B9:56:4D:5F:60:C4:F6:E4:F2:28:0F:A4:11:CF:C8:1D:73 X509v3 Authority Key Identifier: keyid:2D:EC:7D:B2:A5:C9:62:CF:A5:3D:57:8D:EA:7D:C8:43:83:A6:33:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2DEC7DB2A5C962CFA53D578DEA7DC84383A633D4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e3bbf1da-e317-48ef-ad6d-fe8a8bf08400/0/323430343a613463303a3a2f33322d3438203d3e20313338383232.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:a4c0::/32 Signature Algorithm: sha256WithRSAEncryption ad:02:7b:13:be:f4:40:16:8c:84:1d:09:44:7f:60:ca:1d:1a: a2:48:70:ec:44:4b:61:c9:a9:1a:3e:d6:be:ed:cc:f9:38:c2: 66:b0:03:cc:6b:3a:f5:28:58:b9:b8:7d:ec:fa:52:59:56:b0: 16:6c:0e:e3:67:cf:11:23:45:5f:8a:98:df:5a:66:be:9d:da: 72:71:d6:f3:c4:0d:b1:26:9b:33:9b:f6:8c:4e:42:2f:60:6a: dc:fd:c8:58:1a:fb:02:55:9c:6f:cb:f0:53:4c:44:59:99:bb: d1:09:92:40:aa:50:c8:88:d1:5e:a9:51:5b:85:1e:6e:1d:b8: 4c:22:75:99:38:11:14:17:30:9a:76:94:a5:5c:99:50:c1:3a: 6b:dc:f0:29:fd:22:bb:b1:21:5c:b5:16:a8:0c:86:12:6e:c8: 7a:b6:f0:98:c1:8e:25:63:d3:bd:b8:de:4f:f1:70:60:f0:b8: c6:c4:67:98:bc:e6:c2:b1:0a:ed:0e:d4:92:80:d1:fb:1a:d2: d5:3f:19:7f:56:08:65:16:0e:b2:ca:cb:34:dc:5a:d4:27:5e: 9e:b6:70:ff:30:6e:86:dd:36:21:0a:94:51:cc:b7:c5:21:5e: 91:f3:1b:83:20:c6:b7:03:2b:d5:61:50:4d:7b:60:9c:75:fb: 47:52:d7:6e -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIULGZCWVnGslcEY9BDpKn3h8A6gTwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4 M0E2MzNENDAeFw0yNjAzMjExMDU1MDJaFw0yNzAzMjAxMTAwMDJaMDMxMTAvBgNV BAMTKDg2RjYzMUI5NTY0RDVGNjBDNEY2RTRGMjI4MEZBNDExQ0ZDODFENzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvfzXP4APhT0cET6cgvGvyhdNb yySrenAZjluk/TXEuDmGqLoad3TGbEVryxMWeA2tV3ldo0MQmQKUeonc/Q2forni pUvABcmNsY7J43QEQ4amtgoPD1giXUlMeyBQlU/h5rm2yvKDWZPKPLz0qMabnKPr 2P5j8EOSwC/wAzJYyhAOMureTVwJkl+fvOj0LAOsjqQLyr8OeO3hrbUaZl3bN5sG erf9Wprw4J3CpTTy+7t6MF1aYqa0szkbFLIeTKuLOYX+Jdv0+kKya6WgFA+HOee7 pjKDVVL+p0GhHGVTwvZ26kZl8A//HU1SSefncPyZF1sO3E24dUfFzwvWhdufAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUhvYxuVZNX2DE9uTyKA+kEc/IHXMwHwYDVR0j BBgwFoAULex9sqXJYs+lPVeN6n3IQ4OmM9QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l M2JiZjFkYS1lMzE3LTQ4ZWYtYWQ2ZC1mZThhOGJmMDg0MDAvMC8yREVDN0RCMkE1 Qzk2MkNGQTUzRDU3OERFQTdEQzg0MzgzQTYzM0Q0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMkRFQzdEQjJBNUM5NjJDRkE1M0Q1NzhERUE3REM4NDM4M0E2 MzNENC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2UzYmJmMWRhLWUzMTctNDhlZi1h ZDZkLWZlOGE4YmYwODQwMC8wLzMyMzQzMDM0M2E2MTM0NjMzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzODM4MzIzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQEpMAwDQYJKoZI hvcNAQELBQADggEBAK0CexO+9EAWjIQdCUR/YModGqJIcOxES2HJqRo+1r7tzPk4 wmawA8xrOvUoWLm4fez6UllWsBZsDuNnzxEjRV+KmN9aZr6d2nJx1vPEDbEmmzOb 9oxOQi9gatz9yFga+wJVnG/L8FNMRFmZu9EJkkCqUMiI0V6pUVuFHm4duEwidZk4 ERQXMJp2lKVcmVDBOmvc8Cn9IruxIVy1FqgMhhJuyHq28JjBjiVj07243k/xcGDw uMbEZ5i85sKxCu0O1JKA0fsa0tU/GX9WCGUWDrLKyzTcWtQnXp62cP8wbobdNiEK lFHMt8UhXpHzG4MgxrcDK9VhUE17YJx1+0dS124= -----END CERTIFICATE-----Generated at Thu Mar 26 19:41:57 2026 by rpki-client