$ rpki-client -vvf rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/323430313a643934303a653066663a3a2f34382d3438203d3e203234353330.roa File: 323430313a643934303a653066663a3a2f34382d3438203d3e203234353330.roa (raw, json) Hash identifier: 3AOdmgKzkbZxwPp2bCxMQYnSsnvXDmSvwUIaP+cc8u8= Subject key identifier: 67:A2:2C:26:7B:D6:F4:16:28:B3:F7:25:22:F1:18:6D:30:17:01:FB Certificate issuer: /CN=108BD2ED0D3114613C2725256398C38B9DBAD520 Certificate serial: 294125B96FC2D6F7AE09E66F9282F456E60D3FBD Authority key identifier: 10:8B:D2:ED:0D:31:14:61:3C:27:25:25:63:98:C3:8B:9D:BA:D5:20 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/108BD2ED0D3114613C2725256398C38B9DBAD520.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/323430313a643934303a653066663a3a2f34382d3438203d3e203234353330.roa Signing time: Sun 03 May 2026 02:10:43 +0000 ROA not before: Sun 03 May 2026 02:05:43 +0000 ROA not after: Sun 02 May 2027 02:10:43 +0000 asID: 24530 IP address blocks: 2401:d940:e0ff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/108BD2ED0D3114613C2725256398C38B9DBAD520.crl rsync://rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/108BD2ED0D3114613C2725256398C38B9DBAD520.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/108BD2ED0D3114613C2725256398C38B9DBAD520.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 08:08:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:41:25:b9:6f:c2:d6:f7:ae:09:e6:6f:92:82:f4:56:e6:0d:3f:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=108BD2ED0D3114613C2725256398C38B9DBAD520 Validity Not Before: May 3 02:05:43 2026 GMT Not After : May 2 02:10:43 2027 GMT Subject: CN=67A22C267BD6F41628B3F72522F1186D301701FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f5:59:d5:c7:27:40:58:21:c1:97:30:51:76: 38:73:5a:55:1f:fb:db:39:eb:9a:1c:99:76:27:80: d7:a8:52:9e:76:72:6b:58:83:c4:9d:c2:ce:83:c5: 3b:0c:95:80:18:ec:0c:2b:5f:fd:be:4b:d3:c9:d0: 6b:28:62:a8:af:72:1d:5e:3f:80:04:58:02:12:15: 31:1a:5c:e1:52:9e:4f:52:8b:9b:2f:5a:f8:f2:f4: 82:c7:7f:55:99:74:19:78:21:17:e7:e9:86:8f:c8: 5f:aa:6f:02:43:c2:7c:33:9a:7c:06:cd:4e:ab:d8: 78:92:a6:4d:3c:d7:3f:bd:d9:66:68:59:d2:14:4e: c3:16:e9:3f:0b:25:05:28:57:20:87:76:14:c4:52: cc:a7:9e:49:aa:e8:7d:a1:41:08:e9:b9:37:a9:00: 87:d9:1f:89:a4:a0:d6:26:41:47:22:e6:be:9e:ee: 7d:6d:97:8d:8a:47:48:49:ee:5f:0a:83:a7:8c:1d: 23:60:21:87:a5:90:48:bf:4f:25:e7:f5:67:11:08: 94:9b:4d:37:32:5c:c5:9c:a9:a7:87:9d:e6:47:3d: 01:b8:a5:38:f5:b2:1b:34:71:2c:fe:a4:c8:fe:d1: f1:53:c6:89:f3:fa:f0:c6:96:89:ce:89:d8:51:c2: 8b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:A2:2C:26:7B:D6:F4:16:28:B3:F7:25:22:F1:18:6D:30:17:01:FB X509v3 Authority Key Identifier: keyid:10:8B:D2:ED:0D:31:14:61:3C:27:25:25:63:98:C3:8B:9D:BA:D5:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/108BD2ED0D3114613C2725256398C38B9DBAD520.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/108BD2ED0D3114613C2725256398C38B9DBAD520.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/042344be-f9fb-4634-92d6-894dd538cadf/0/323430313a643934303a653066663a3a2f34382d3438203d3e203234353330.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:d940:e0ff::/48 Signature Algorithm: sha256WithRSAEncryption a1:52:e6:34:e6:28:ed:48:48:0b:04:1f:e2:40:9e:5d:12:fa: 56:04:e9:10:d6:d8:40:af:d6:c2:7a:c5:b2:1b:ac:c3:bd:71: bd:c1:0a:a2:32:bd:2e:8c:e5:52:e2:a9:0a:1b:0d:01:70:ff: 50:6a:10:0f:b2:4c:67:b3:af:c7:94:e4:00:3c:32:99:a9:71: bb:b1:98:34:14:70:a4:d6:22:96:86:48:25:0f:2d:a6:2c:42: 3e:e7:23:89:a9:6c:d7:70:a1:96:cb:9a:76:d3:4f:3f:6f:aa: ce:c8:60:3e:4a:a4:55:74:51:c3:27:b1:e1:be:1d:ec:e5:99: 12:81:a5:e0:26:c9:99:0d:f9:9e:49:f6:96:b8:5e:48:2d:ca: 98:82:62:44:82:e7:b7:db:e6:1e:1c:34:2e:9a:e1:91:b4:27: 9f:f9:b3:63:64:28:45:f6:dd:27:8a:0f:fd:fd:89:42:f1:69: e3:6a:2f:29:23:65:e1:2b:00:28:8a:21:b3:c3:cb:6e:08:7f: e6:c0:4a:f0:f1:44:e7:53:6b:4f:d3:fb:09:0c:98:8d:3d:c6: 4e:62:fe:a5:c8:17:0a:05:d9:c1:69:da:72:06:1a:16:c4:b6: 3d:ce:7f:62:6c:a8:fc:31:6b:b0:00:e7:11:4a:0d:be:5f:54: 03:14:6f:5d -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUKUEluW/C1veuCeZvkoL0VuYNP70wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTA4QkQyRUQwRDMxMTQ2MTNDMjcyNTI1NjM5OEMzOEI5 REJBRDUyMDAeFw0yNjA1MDMwMjA1NDNaFw0yNzA1MDIwMjEwNDNaMDMxMTAvBgNV BAMTKDY3QTIyQzI2N0JENkY0MTYyOEIzRjcyNTIyRjExODZEMzAxNzAxRkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk9VnVxydAWCHBlzBRdjhzWlUf +9s565ocmXYngNeoUp52cmtYg8Sdws6DxTsMlYAY7AwrX/2+S9PJ0GsoYqivch1e P4AEWAISFTEaXOFSnk9Si5svWvjy9ILHf1WZdBl4IRfn6YaPyF+qbwJDwnwzmnwG zU6r2HiSpk081z+92WZoWdIUTsMW6T8LJQUoVyCHdhTEUsynnkmq6H2hQQjpuTep AIfZH4mkoNYmQUci5r6e7n1tl42KR0hJ7l8Kg6eMHSNgIYelkEi/TyXn9WcRCJSb TTcyXMWcqaeHneZHPQG4pTj1shs0cSz+pMj+0fFTxonz+vDGlonOidhRwosJAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUZ6IsJnvW9BYos/clIvEYbTAXAfswHwYDVR0j BBgwFoAUEIvS7Q0xFGE8JyUlY5jDi5261SAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MDQyMzQ0YmUtZjlmYi00NjM0LTkyZDYtODk0ZGQ1MzhjYWRmLzAvMTA4QkQyRUQw RDMxMTQ2MTNDMjcyNTI1NjM5OEMzOEI5REJBRDUyMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8xMDhCRDJFRDBEMzExNDYxM0MyNzI1MjU2Mzk4QzM4QjlEQkFE NTIwLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzA0MjM0NGJlLWY5ZmItNDYzNC05 MmQ2LTg5NGRkNTM4Y2FkZi8wLzMyMzQzMDMxM2E2NDM5MzQzMDNhNjUzMDY2NjYz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM0MzUzMzMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAHZ QOD/MA0GCSqGSIb3DQEBCwUAA4IBAQChUuY05ijtSEgLBB/iQJ5dEvpWBOkQ1thA r9bCesWyG6zDvXG9wQqiMr0ujOVS4qkKGw0BcP9QahAPskxns6/HlOQAPDKZqXG7 sZg0FHCk1iKWhkglDy2mLEI+5yOJqWzXcKGWy5p2008/b6rOyGA+SqRVdFHDJ7Hh vh3s5ZkSgaXgJsmZDfmeSfaWuF5ILcqYgmJEgue32+YeHDQumuGRtCef+bNjZChF 9t0nig/9/YlC8Wnjai8pI2XhKwAoiiGzw8tuCH/mwErw8UTnU2tP0/sJDJiNPcZO Yv6lyBcKBdnBadpyBhoWxLY9zn9ibKj8MWuwAOcRSg2+X1QDFG9d -----END CERTIFICATE-----Generated at Wed May 13 15:44:42 2026 by rpki-client