$ rpki-client -vvf repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233303a3a2f34382d3438203d3e203233363731.roa File: 323430333a623230303a3233303a3a2f34382d3438203d3e203233363731.roa (raw, json) Hash identifier: gLZWFV3zWiPGu9t5HNVK6mFsOvnneRjxQ2q9HVqFHL4= Subject key identifier: A4:57:A0:BF:44:3E:FC:2D:84:45:8E:44:74:72:0F:D3:F5:3E:07:35 Certificate issuer: /CN=47661DC42A2BCC5BCEEE73AC8ABA71B12188866F Certificate serial: 3BAD19B4C5617143A7658E49E2B840AB945F21CF Authority key identifier: 47:66:1D:C4:2A:2B:CC:5B:CE:EE:73:AC:8A:BA:71:B1:21:88:86:6F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233303a3a2f34382d3438203d3e203233363731.roa Signing time: Tue 24 Mar 2026 04:03:18 +0000 ROA not before: Tue 24 Mar 2026 03:58:18 +0000 ROA not after: Tue 23 Mar 2027 04:03:18 +0000 asID: 23671 IP address blocks: 2403:b200:230::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.crl rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Mar 2026 19:09:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:ad:19:b4:c5:61:71:43:a7:65:8e:49:e2:b8:40:ab:94:5f:21:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47661DC42A2BCC5BCEEE73AC8ABA71B12188866F Validity Not Before: Mar 24 03:58:18 2026 GMT Not After : Mar 23 04:03:18 2027 GMT Subject: CN=A457A0BF443EFC2D84458E4474720FD3F53E0735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:b0:bf:86:ff:f2:ed:5d:00:07:3a:df:44:e7: f6:d9:10:fb:08:59:7d:8e:7c:f3:1c:88:6c:99:68: 89:f0:1a:1b:0b:83:fc:e6:20:a7:49:bd:4c:25:3a: 34:f8:1f:ff:b1:85:2e:85:24:e7:96:f1:66:c0:77: 43:fa:c5:ef:ab:ba:93:3a:17:24:7a:2d:6c:64:7b: fb:12:a3:a8:a1:75:dd:0a:a3:91:d8:02:ee:ac:86: 01:5a:63:e2:a7:aa:d9:97:b3:a5:03:17:01:97:d9: 0b:cb:94:60:28:80:78:23:96:5e:77:23:df:8f:81: c1:84:d3:80:79:9a:ad:a4:9d:33:d7:f5:15:47:ed: 12:23:99:96:bd:90:74:06:74:79:70:61:1b:15:ce: 25:84:dc:41:f2:69:f3:f4:bd:4c:2f:69:c3:a8:03: 34:3c:ad:4f:8e:1e:c8:33:89:c2:a6:1c:90:fd:20: af:81:fc:99:8d:bc:89:18:dd:fb:a7:8c:31:b3:da: e4:82:aa:10:44:d6:ab:75:c3:1f:9c:f4:97:9d:99: 45:59:ec:64:ad:85:f1:2b:22:b7:1c:66:2d:7a:99: 28:6a:10:8c:e7:88:d9:0b:9c:f9:9f:1f:fd:ae:76: 5f:9a:ed:1e:61:3b:f2:18:97:6d:1e:2b:71:03:2d: b0:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:57:A0:BF:44:3E:FC:2D:84:45:8E:44:74:72:0F:D3:F5:3E:07:35 X509v3 Authority Key Identifier: keyid:47:66:1D:C4:2A:2B:CC:5B:CE:EE:73:AC:8A:BA:71:B1:21:88:86:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233303a3a2f34382d3438203d3e203233363731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b200:230::/48 Signature Algorithm: sha256WithRSAEncryption 8a:4a:fb:2f:44:b4:71:a5:d5:2b:5b:fd:3f:92:ac:93:83:87: 09:36:68:1f:b5:57:e4:54:14:31:86:1e:87:36:5a:28:63:de: 80:29:db:da:af:d7:fc:97:ab:11:f4:0b:29:c3:20:06:1b:e4: d5:0f:7c:4f:3e:eb:3a:ce:61:09:e4:b7:f0:b1:51:c1:34:53: 9f:28:9d:fc:28:1d:1b:95:86:8e:dd:ad:c0:01:48:89:00:e6: 07:43:83:ea:16:3c:c5:42:8f:75:0a:10:4c:f1:ce:53:64:25: d8:3d:b3:7b:9c:95:45:b0:f9:60:2f:98:c9:59:65:35:52:7c: 2b:64:e3:d3:8b:79:28:70:eb:f4:c6:a0:48:a3:64:7e:44:48: 4c:f5:34:fe:55:61:05:bc:47:bb:fd:54:8e:74:c3:23:f2:e5: d0:92:b8:e6:82:20:f6:b4:5f:2f:92:3f:c4:49:e8:02:fb:78: 2f:82:bf:b7:1a:22:85:2e:47:79:fe:ed:e2:44:95:95:44:8f: 46:4c:c8:71:52:b0:16:e8:a2:04:16:d0:e4:5b:83:13:f3:ef: 8e:54:5a:be:c3:30:88:4c:14:8b:52:d5:cb:8e:6c:d6:48:2f: 43:ca:4c:4b:a7:a6:45:0e:00:64:0e:37:12:18:7e:c0:a2:00: 9c:54:cf:d7 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUO60ZtMVhcUOnZY5J4rhAq5RfIc8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDc2NjFEQzQyQTJCQ0M1QkNFRUU3M0FDOEFCQTcxQjEy MTg4ODY2RjAeFw0yNjAzMjQwMzU4MThaFw0yNzAzMjMwNDAzMThaMDMxMTAvBgNV BAMTKEE0NTdBMEJGNDQzRUZDMkQ4NDQ1OEU0NDc0NzIwRkQzRjUzRTA3MzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBsL+G//LtXQAHOt9E5/bZEPsI WX2OfPMciGyZaInwGhsLg/zmIKdJvUwlOjT4H/+xhS6FJOeW8WbAd0P6xe+rupM6 FyR6LWxke/sSo6ihdd0Ko5HYAu6shgFaY+KnqtmXs6UDFwGX2QvLlGAogHgjll53 I9+PgcGE04B5mq2knTPX9RVH7RIjmZa9kHQGdHlwYRsVziWE3EHyafP0vUwvacOo AzQ8rU+OHsgzicKmHJD9IK+B/JmNvIkY3funjDGz2uSCqhBE1qt1wx+c9JedmUVZ 7GSthfErIrccZi16mShqEIzniNkLnPmfH/2udl+a7R5hO/IYl20eK3EDLbAHAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUpFegv0Q+/C2ERY5EdHIP0/U+BzUwHwYDVR0j BBgwFoAUR2YdxCorzFvO7nOsirpxsSGIhm8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZDliYTk1My04NDg5LTQ1MGUtYmJkZi03NjQ1NzFmYmFjZTcvMC80NzY2MURDNDJB MkJDQzVCQ0VFRTczQUM4QUJBNzFCMTIxODg4NjZGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDc2NjFEQzQyQTJCQ0M1QkNFRUU3M0FDOEFCQTcxQjEyMTg4 ODY2Ri5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VkOWJhOTUzLTg0ODktNDUwZS1i YmRmLTc2NDU3MWZiYWNlNy8wLzMyMzQzMDMzM2E2MjMyMzAzMDNhMzIzMzMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMzM2MzczMS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQDsgAC MDANBgkqhkiG9w0BAQsFAAOCAQEAikr7L0S0caXVK1v9P5Ksk4OHCTZoH7VX5FQU MYYehzZaKGPegCnb2q/X/JerEfQLKcMgBhvk1Q98Tz7rOs5hCeS38LFRwTRTnyid /CgdG5WGjt2twAFIiQDmB0OD6hY8xUKPdQoQTPHOU2Ql2D2ze5yVRbD5YC+YyVll NVJ8K2Tj04t5KHDr9MagSKNkfkRITPU0/lVhBbxHu/1UjnTDI/Ll0JK45oIg9rRf L5I/xEnoAvt4L4K/txoihS5Hef7t4kSVlUSPRkzIcVKwFuiiBBbQ5FuDE/PvjlRa vsMwiEwUi1LVy45s1kgvQ8pMS6emRQ4AZA43Ehh+wKIAnFTP1w== -----END CERTIFICATE-----Generated at Thu Mar 26 19:17:16 2026 by rpki-client