$ rpki-client -vvf rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa File: 323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa (raw, json) Hash identifier: W6PaD9jD2W7QLE6L053n0v5wsFLq3jDzK+h9oZCa+Ww= Subject key identifier: 58:FD:91:62:A7:03:EE:DD:C8:FD:0E:29:6B:4B:AB:B1:1F:1F:3D:FA Certificate issuer: /CN=498FC3DB03528A64214589740CA13E84E4775306 Certificate serial: 2B9C7FF41545A66092AA43778112B934E92883B4 Authority key identifier: 49:8F:C3:DB:03:52:8A:64:21:45:89:74:0C:A1:3E:84:E4:77:53:06 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/498FC3DB03528A64214589740CA13E84E4775306.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa Signing time: Sun 03 May 2026 02:14:05 +0000 ROA not before: Sun 03 May 2026 02:09:05 +0000 ROA not after: Sun 02 May 2027 02:14:05 +0000 asID: 142339 IP address blocks: 2407:a5c0:14::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/498FC3DB03528A64214589740CA13E84E4775306.crl rsync://rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/498FC3DB03528A64214589740CA13E84E4775306.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/498FC3DB03528A64214589740CA13E84E4775306.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:07:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:9c:7f:f4:15:45:a6:60:92:aa:43:77:81:12:b9:34:e9:28:83:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=498FC3DB03528A64214589740CA13E84E4775306 Validity Not Before: May 3 02:09:05 2026 GMT Not After : May 2 02:14:05 2027 GMT Subject: CN=58FD9162A703EEDDC8FD0E296B4BABB11F1F3DFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:44:47:62:65:54:10:75:35:b7:ae:79:b5:e8: c2:66:68:dd:35:f4:fb:08:5d:b8:f4:13:f1:c1:c4: 7b:3d:e5:b3:44:bf:05:c4:0a:f3:6a:a6:70:40:d7: 42:c8:33:fa:06:55:c0:d9:8f:67:1e:25:3f:88:ae: 29:83:d0:0c:0c:14:da:75:ec:b6:0a:ba:fa:7d:a7: 5b:6b:4e:e2:5b:1a:bc:19:ee:a0:90:68:a8:af:92: 44:8b:a8:e7:8a:15:59:67:7a:b6:99:78:17:2b:b3: 76:bd:43:a3:af:c4:50:5c:a3:08:d4:63:4e:2b:bc: 7e:51:c3:20:46:2b:06:0c:dc:3f:c8:34:55:3a:c4: f7:c0:d7:28:89:34:27:ae:be:28:b6:96:9c:7d:66: 69:d4:b7:4c:46:39:11:97:1a:33:c1:d1:b3:16:0d: 07:fe:be:af:1c:39:15:0e:60:06:a4:a0:19:b9:a6: 05:4e:22:0a:43:d0:f5:f4:c6:99:93:f9:7a:fa:73: 52:48:75:71:44:bc:15:4b:7c:e0:a1:af:42:7b:cc: 03:87:e3:10:e4:ea:8a:cb:c1:55:5a:16:85:62:53: a3:4c:8b:5e:5e:7e:c4:b3:3d:81:00:c6:4f:ad:24: 41:a5:23:95:34:b5:0b:46:a1:fd:5f:f4:65:da:ed: 64:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:FD:91:62:A7:03:EE:DD:C8:FD:0E:29:6B:4B:AB:B1:1F:1F:3D:FA X509v3 Authority Key Identifier: keyid:49:8F:C3:DB:03:52:8A:64:21:45:89:74:0C:A1:3E:84:E4:77:53:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/498FC3DB03528A64214589740CA13E84E4775306.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/498FC3DB03528A64214589740CA13E84E4775306.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/1192021e-3904-4115-af5e-3edb713baa14/0/323430373a613563303a31343a3a2f34382d3438203d3e20313432333339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:a5c0:14::/48 Signature Algorithm: sha256WithRSAEncryption 47:87:bc:f5:c9:fd:92:3e:1d:85:00:51:12:dc:cc:69:31:81: 3f:45:7e:38:6c:25:8e:91:4a:e7:f4:e8:03:af:5c:a6:95:a6: 98:d1:a8:22:24:0d:10:90:93:6e:54:72:d0:71:c8:16:d6:5c: 78:53:74:a9:ab:4b:29:5c:4a:26:42:59:7b:78:68:d6:86:8e: ed:00:6d:cf:8d:60:dd:cc:56:ec:65:d3:c3:03:4a:1b:2f:d7: dc:22:89:99:7b:82:56:5b:65:67:1f:97:08:67:3e:ec:51:1c: be:5e:29:72:db:99:34:99:56:50:f2:f7:7d:89:ee:9b:53:a6: 67:d9:76:4b:00:1c:86:b1:d4:7a:ec:6e:bf:02:7b:c7:ad:d6: bd:25:2e:80:de:d0:1e:2d:28:14:02:72:8b:76:62:19:de:81: 3c:f5:9e:97:9c:65:c7:7e:5f:5f:00:fd:a6:c0:2d:83:23:d3: 2f:23:74:db:eb:9d:0e:bf:53:fe:ae:93:1a:f9:0c:0e:fe:bd: 67:25:48:c9:5c:bc:0b:7c:71:54:58:80:56:66:b9:6d:19:02: a5:59:e2:f0:43:bd:a1:0a:e7:5a:67:67:46:d2:7c:83:89:30: ec:59:77:1f:64:96:db:1a:f6:e0:59:c7:1f:70:ba:82:ae:67: 2c:7e:70:75 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUK5x/9BVFpmCSqkN3gRK5NOkog7QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDk4RkMzREIwMzUyOEE2NDIxNDU4OTc0MENBMTNFODRF NDc3NTMwNjAeFw0yNjA1MDMwMjA5MDVaFw0yNzA1MDIwMjE0MDVaMDMxMTAvBgNV BAMTKDU4RkQ5MTYyQTcwM0VFRERDOEZEMEUyOTZCNEJBQkIxMUYxRjNERkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0REdiZVQQdTW3rnm16MJmaN01 9PsIXbj0E/HBxHs95bNEvwXECvNqpnBA10LIM/oGVcDZj2ceJT+IrimD0AwMFNp1 7LYKuvp9p1trTuJbGrwZ7qCQaKivkkSLqOeKFVlneraZeBcrs3a9Q6OvxFBcowjU Y04rvH5RwyBGKwYM3D/INFU6xPfA1yiJNCeuvii2lpx9ZmnUt0xGORGXGjPB0bMW DQf+vq8cORUOYAakoBm5pgVOIgpD0PX0xpmT+Xr6c1JIdXFEvBVLfOChr0J7zAOH 4xDk6orLwVVaFoViU6NMi15efsSzPYEAxk+tJEGlI5U0tQtGof1f9GXa7WRpAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUWP2RYqcD7t3I/Q4pa0ursR8fPfowHwYDVR0j BBgwFoAUSY/D2wNSimQhRYl0DKE+hOR3UwYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MTE5MjAyMWUtMzkwNC00MTE1LWFmNWUtM2VkYjcxM2JhYTE0LzAvNDk4RkMzREIw MzUyOEE2NDIxNDU4OTc0MENBMTNFODRFNDc3NTMwNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80OThGQzNEQjAzNTI4QTY0MjE0NTg5NzQwQ0ExM0U4NEU0Nzc1 MzA2LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzExOTIwMjFlLTM5MDQtNDExNS1h ZjVlLTNlZGI3MTNiYWExNC8wLzMyMzQzMDM3M2E2MTM1NjMzMDNhMzEzNDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMjMzMzMzOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQHpcAA FDANBgkqhkiG9w0BAQsFAAOCAQEAR4e89cn9kj4dhQBREtzMaTGBP0V+OGwljpFK 5/ToA69cppWmmNGoIiQNEJCTblRy0HHIFtZceFN0qatLKVxKJkJZe3ho1oaO7QBt z41g3cxW7GXTwwNKGy/X3CKJmXuCVltlZx+XCGc+7FEcvl4pctuZNJlWUPL3fYnu m1OmZ9l2SwAchrHUeuxuvwJ7x63WvSUugN7QHi0oFAJyi3ZiGd6BPPWel5xlx35f XwD9psAtgyPTLyN02+udDr9T/q6TGvkMDv69ZyVIyVy8C3xxVFiAVma5bRkCpVni 8EO9oQrnWmdnRtJ8g4kw7Fl3H2SW2xr24FnHH3C6gq5nLH5wdQ== -----END CERTIFICATE-----Generated at Wed May 13 16:11:58 2026 by rpki-client