$ rpki-client -vvf repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/323430333a656134303a3a2f33322d3332203d3e20313338303837.roa File: 323430333a656134303a3a2f33322d3332203d3e20313338303837.roa (raw, json) Hash identifier: xBq4u83ia6TOjUP4DGj4goi5YscW5lbRAoeEejloPEM= Subject key identifier: 91:F5:97:3D:A7:87:C6:59:09:75:D1:99:2A:5E:35:94:87:C6:46:F0 Certificate issuer: /CN=B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB Certificate serial: 2EC89B39FEF086A0A7C3DF22CCF767681BB4AB50 Authority key identifier: B3:A9:68:6B:1E:95:DC:B6:87:72:AD:A5:5B:B1:38:AE:4D:0E:14:DB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/323430333a656134303a3a2f33322d3332203d3e20313338303837.roa Signing time: Fri 17 Oct 2025 10:00:01 +0000 ROA not before: Fri 17 Oct 2025 09:55:01 +0000 ROA not after: Fri 16 Oct 2026 10:00:01 +0000 asID: 138087 IP address blocks: 2403:ea40::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.crl rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 20:43:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:c8:9b:39:fe:f0:86:a0:a7:c3:df:22:cc:f7:67:68:1b:b4:ab:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB Validity Not Before: Oct 17 09:55:01 2025 GMT Not After : Oct 16 10:00:01 2026 GMT Subject: CN=91F5973DA787C6590975D1992A5E359487C646F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3e:3c:f6:f2:50:03:19:2a:63:e9:7a:e8:3e: 4f:47:dc:69:ae:40:93:48:69:52:a4:a0:ec:2b:64: d2:d6:78:cb:c6:d8:23:6d:84:51:bc:98:03:42:fd: 88:a8:2a:7b:8c:66:d4:87:49:b6:da:7e:06:da:f0: f2:52:a0:5c:8b:d8:c2:76:e5:bb:30:50:bb:c3:96: 61:65:34:0e:5c:ff:1c:33:7e:5d:90:d3:99:74:9f: b6:b8:cc:5b:75:9d:0e:36:d2:68:78:5e:ac:a6:9f: 99:cc:58:2f:5a:0c:6b:44:a5:4c:17:7f:3c:f4:f0: f6:74:6e:a3:f3:3b:c6:1d:00:00:da:90:90:1e:e7: 5c:c3:23:ef:bf:d7:21:ea:e4:0e:1c:21:f5:2c:c8: 14:d4:e2:f1:d8:9d:89:0e:45:fa:5e:ea:f7:6a:fb: 4f:1b:e8:22:db:d7:c9:c7:fc:e7:93:52:55:6b:e8: 8d:2c:f4:67:42:a4:bc:38:84:51:a3:b6:68:7a:10: 67:c2:c6:f2:43:89:9b:5b:68:58:44:14:bd:de:b6: a8:b7:82:ea:11:2c:f8:8d:5d:65:96:d8:e8:bd:59: 3c:3e:6e:4a:34:ff:47:a5:da:7a:ea:b7:38:1c:43: 8c:8f:e1:4a:1d:de:d5:46:7f:e9:32:8c:74:bd:10: 3c:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F5:97:3D:A7:87:C6:59:09:75:D1:99:2A:5E:35:94:87:C6:46:F0 X509v3 Authority Key Identifier: keyid:B3:A9:68:6B:1E:95:DC:B6:87:72:AD:A5:5B:B1:38:AE:4D:0E:14:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/323430333a656134303a3a2f33322d3332203d3e20313338303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:ea40::/32 Signature Algorithm: sha256WithRSAEncryption a2:ee:b7:e7:00:20:d3:54:28:97:51:b9:4b:18:2c:0f:70:51: fb:27:24:d7:6a:6d:49:ba:fd:5c:5c:e3:21:ac:6d:fa:b7:02: be:95:12:dd:34:32:3b:b3:f4:10:82:e7:36:4d:83:41:69:30: a1:2b:2b:bd:ea:f8:66:a5:be:61:74:c2:4e:85:98:45:4c:89: ba:f1:76:91:53:ab:6d:c5:a5:ee:03:14:74:45:cd:6e:a2:37: 29:c9:f4:29:2a:15:ef:4f:08:ad:b6:6b:1e:ea:4d:a1:d0:00: e1:60:bd:9c:42:f1:af:0d:82:d4:95:c8:bd:c8:ae:92:04:5c: 46:3f:6d:c6:9d:36:f0:f9:65:1e:a1:42:9e:86:8c:1c:22:e0: 1e:47:df:5d:90:a5:ff:a8:99:bf:02:7b:d3:9e:7c:dd:19:28: d2:7c:e4:50:74:1b:31:c2:d3:c9:98:5e:39:d7:60:0a:61:2d: 5f:6c:32:e6:25:6f:6d:61:b1:fb:46:f8:33:dd:92:f5:8c:74: 14:b5:b0:b0:bc:a2:86:4b:12:3d:22:78:cc:5a:f9:cc:f6:a9: ba:52:6a:10:f7:47:f9:7b:03:db:9f:90:8b:66:5d:13:ef:0f: 70:69:e8:71:37:54:18:82:70:01:a1:f1:d1:39:b1:0c:53:bb: 24:0c:23:91 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIULsibOf7whqCnw98izPdnaBu0q1AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjNBOTY4NkIxRTk1RENCNjg3NzJBREE1NUJCMTM4QUU0 RDBFMTREQjAeFw0yNTEwMTcwOTU1MDFaFw0yNjEwMTYxMDAwMDFaMDMxMTAvBgNV BAMTKDkxRjU5NzNEQTc4N0M2NTkwOTc1RDE5OTJBNUUzNTk0ODdDNjQ2RjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxPjz28lADGSpj6XroPk9H3Gmu QJNIaVKkoOwrZNLWeMvG2CNthFG8mANC/YioKnuMZtSHSbbafgba8PJSoFyL2MJ2 5bswULvDlmFlNA5c/xwzfl2Q05l0n7a4zFt1nQ420mh4Xqymn5nMWC9aDGtEpUwX fzz08PZ0bqPzO8YdAADakJAe51zDI++/1yHq5A4cIfUsyBTU4vHYnYkORfpe6vdq +08b6CLb18nH/OeTUlVr6I0s9GdCpLw4hFGjtmh6EGfCxvJDiZtbaFhEFL3etqi3 guoRLPiNXWWW2Oi9WTw+bko0/0el2nrqtzgcQ4yP4Uod3tVGf+kyjHS9EDxZAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUkfWXPaeHxlkJddGZKl41lIfGRvAwHwYDVR0j BBgwFoAUs6loax6V3LaHcq2lW7E4rk0OFNswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l NThkNmRjYS02ZDdiLTQ4MTEtODYyYi0wZGM1ZDU3ZmEyZDkvMC9CM0E5Njg2QjFF OTVEQ0I2ODc3MkFEQTU1QkIxMzhBRTREMEUxNERCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjNBOTY4NkIxRTk1RENCNjg3NzJBREE1NUJCMTM4QUU0RDBF MTREQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1OGQ2ZGNhLTZkN2ItNDgxMS04 NjJiLTBkYzVkNTdmYTJkOS8wLzMyMzQzMDMzM2E2NTYxMzQzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzMzODMwMzgzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQD6kAwDQYJKoZI hvcNAQELBQADggEBAKLut+cAINNUKJdRuUsYLA9wUfsnJNdqbUm6/Vxc4yGsbfq3 Ar6VEt00Mjuz9BCC5zZNg0FpMKErK73q+GalvmF0wk6FmEVMibrxdpFTq23Fpe4D FHRFzW6iNynJ9CkqFe9PCK22ax7qTaHQAOFgvZxC8a8NgtSVyL3IrpIEXEY/bcad NvD5ZR6hQp6GjBwi4B5H312Qpf+omb8Ce9OefN0ZKNJ85FB0GzHC08mYXjnXYAph LV9sMuYlb21hsftG+DPdkvWMdBS1sLC8ooZLEj0ieMxa+cz2qbpSahD3R/l7A9uf kItmXRPvD3Bp6HE3VBiCcAGh8dE5sQxTuyQMI5E= -----END CERTIFICATE-----Generated at Mon Oct 20 21:08:26 2025 by rpki-client