$ rpki-client -vvf repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233373a3a2f34382d3438203d3e203233363731.roa File: 323430333a623230303a3233373a3a2f34382d3438203d3e203233363731.roa (raw, json) Hash identifier: uhTChdJJIeN0Llmz0wxzUaLdYnTqQMbsoEHtxpEyUGI= Subject key identifier: B2:98:61:A1:01:B0:09:22:A9:3E:1D:89:F1:D1:43:1A:63:78:C8:FF Certificate issuer: /CN=47661DC42A2BCC5BCEEE73AC8ABA71B12188866F Certificate serial: 21953ECCA2AEF9E6BC11CE57568B02D5CE58710A Authority key identifier: 47:66:1D:C4:2A:2B:CC:5B:CE:EE:73:AC:8A:BA:71:B1:21:88:86:6F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233373a3a2f34382d3438203d3e203233363731.roa Signing time: Tue 24 Mar 2026 09:02:02 +0000 ROA not before: Tue 24 Mar 2026 08:57:02 +0000 ROA not after: Tue 23 Mar 2027 09:02:02 +0000 asID: 23671 IP address blocks: 2403:b200:237::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.crl rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 19:13:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:95:3e:cc:a2:ae:f9:e6:bc:11:ce:57:56:8b:02:d5:ce:58:71:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=47661DC42A2BCC5BCEEE73AC8ABA71B12188866F Validity Not Before: Mar 24 08:57:02 2026 GMT Not After : Mar 23 09:02:02 2027 GMT Subject: CN=B29861A101B00922A93E1D89F1D1431A6378C8FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:40:40:2d:01:09:1b:a3:bf:14:ef:27:21:cb: 6e:6a:0d:4b:ac:a5:56:57:9e:97:aa:90:67:9b:8e: d7:ca:26:43:2b:20:76:0d:12:2c:34:ce:e2:19:c8: 27:86:d9:e5:25:00:a9:03:ba:7a:35:32:67:fe:73: 05:97:51:05:ee:59:1c:b6:19:c1:9c:64:67:13:b8: 4a:fe:f5:03:38:4e:d6:2f:9c:6b:b2:fe:c0:52:96: b1:04:a2:21:1e:b6:a2:64:09:89:50:c1:8b:98:6a: 8c:3a:f3:5c:bc:fe:94:05:86:56:7b:39:72:7f:75: 42:b6:2e:48:35:d9:78:63:63:ff:39:6e:ba:50:9d: 28:11:2f:52:59:11:b4:1b:0e:ba:ea:27:dc:fd:d9: ea:07:e6:48:16:ba:a2:8b:06:03:ce:48:76:f0:cf: a3:b2:09:a8:d4:6a:dc:75:e0:e2:34:8d:36:c9:ed: b0:2a:4f:ac:6d:6a:c7:2f:55:b0:6b:cd:ed:b2:ef: 47:13:2e:f3:26:d0:74:89:7f:cf:62:f2:52:46:72: d4:d5:56:a5:1c:28:93:c2:60:07:b2:80:03:60:a6: 6c:ac:ee:21:4c:43:f4:48:5f:27:ee:fd:61:5d:ea: fe:7a:ed:6c:63:c3:80:df:4d:a6:9f:ff:62:ba:4b: f8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:98:61:A1:01:B0:09:22:A9:3E:1D:89:F1:D1:43:1A:63:78:C8:FF X509v3 Authority Key Identifier: keyid:47:66:1D:C4:2A:2B:CC:5B:CE:EE:73:AC:8A:BA:71:B1:21:88:86:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/47661DC42A2BCC5BCEEE73AC8ABA71B12188866F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ed9ba953-8489-450e-bbdf-764571fbace7/0/323430333a623230303a3233373a3a2f34382d3438203d3e203233363731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b200:237::/48 Signature Algorithm: sha256WithRSAEncryption 22:33:eb:87:40:54:0f:d1:9c:6a:04:05:dd:4c:51:ef:36:af: 3a:22:d6:5f:e5:d2:05:a4:8d:d3:bc:01:f6:bb:fb:8d:87:f3: 72:d0:80:fa:3b:6a:f9:dd:f0:6e:6a:92:44:7d:58:f7:9f:14: f7:5b:65:1d:82:a9:56:01:dd:a6:1a:11:74:14:3d:3f:b3:2f: 9e:9b:62:76:4e:93:7d:9f:bf:a2:e2:f1:0b:cc:2d:19:24:15: 51:d3:e3:0d:1d:22:cc:a6:7f:dc:9b:e3:2a:9c:c3:c5:c1:17: 4e:47:cf:70:c5:c7:ef:67:7b:53:81:08:3c:7b:1d:26:ca:c9: f9:95:c0:22:c4:a9:e3:cd:6d:31:f8:a4:5e:9b:2d:11:9d:aa: 66:06:fc:42:27:39:b1:8f:91:c5:92:c8:cc:0d:c2:26:f8:b6: f4:e7:d1:c6:38:4c:8c:f8:0a:d5:ca:41:f9:37:62:fc:c3:dc: 67:5a:aa:ad:22:6f:d6:c2:9a:be:8a:9b:89:c8:69:e9:69:7a: 25:7d:95:37:cb:24:aa:f1:5f:c8:54:88:c1:5d:44:36:5c:f0: 09:74:27:43:b0:cf:21:f1:dc:fc:14:d3:47:0b:5e:cc:4f:e1: ac:b1:7b:d7:5e:b0:d4:40:c6:9e:e1:b3:95:7a:91:59:9a:09: 39:b0:4d:4e -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUIZU+zKKu+ea8Ec5XVosC1c5YcQowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDc2NjFEQzQyQTJCQ0M1QkNFRUU3M0FDOEFCQTcxQjEy MTg4ODY2RjAeFw0yNjAzMjQwODU3MDJaFw0yNzAzMjMwOTAyMDJaMDMxMTAvBgNV BAMTKEIyOTg2MUExMDFCMDA5MjJBOTNFMUQ4OUYxRDE0MzFBNjM3OEM4RkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpQEAtAQkbo78U7ychy25qDUus pVZXnpeqkGebjtfKJkMrIHYNEiw0zuIZyCeG2eUlAKkDuno1Mmf+cwWXUQXuWRy2 GcGcZGcTuEr+9QM4TtYvnGuy/sBSlrEEoiEetqJkCYlQwYuYaow681y8/pQFhlZ7 OXJ/dUK2Lkg12XhjY/85brpQnSgRL1JZEbQbDrrqJ9z92eoH5kgWuqKLBgPOSHbw z6OyCajUatx14OI0jTbJ7bAqT6xtascvVbBrze2y70cTLvMm0HSJf89i8lJGctTV VqUcKJPCYAeygANgpmys7iFMQ/RIXyfu/WFd6v567Wxjw4DfTaaf/2K6S/gzAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUsphhoQGwCSKpPh2J8dFDGmN4yP8wHwYDVR0j BBgwFoAUR2YdxCorzFvO7nOsirpxsSGIhm8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l ZDliYTk1My04NDg5LTQ1MGUtYmJkZi03NjQ1NzFmYmFjZTcvMC80NzY2MURDNDJB MkJDQzVCQ0VFRTczQUM4QUJBNzFCMTIxODg4NjZGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDc2NjFEQzQyQTJCQ0M1QkNFRUU3M0FDOEFCQTcxQjEyMTg4 ODY2Ri5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VkOWJhOTUzLTg0ODktNDUwZS1i YmRmLTc2NDU3MWZiYWNlNy8wLzMyMzQzMDMzM2E2MjMyMzAzMDNhMzIzMzM3M2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMzM2MzczMS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQDsgAC NzANBgkqhkiG9w0BAQsFAAOCAQEAIjPrh0BUD9GcagQF3UxR7zavOiLWX+XSBaSN 07wB9rv7jYfzctCA+jtq+d3wbmqSRH1Y958U91tlHYKpVgHdphoRdBQ9P7Mvnpti dk6TfZ+/ouLxC8wtGSQVUdPjDR0izKZ/3JvjKpzDxcEXTkfPcMXH72d7U4EIPHsd JsrJ+ZXAIsSp481tMfikXpstEZ2qZgb8Qic5sY+RxZLIzA3CJvi29OfRxjhMjPgK 1cpB+Tdi/MPcZ1qqrSJv1sKavoqbichp6Wl6JX2VN8skqvFfyFSIwV1ENlzwCXQn Q7DPIfHc/BTTRwtezE/hrLF7116w1EDGnuGzlXqRWZoJObBNTg== -----END CERTIFICATE-----Generated at Thu Mar 26 23:48:15 2026 by rpki-client