$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130303a3a2f34302d3430203d3e203233363739.roa File: 323430313a323930303a3130303a3a2f34302d3430203d3e203233363739.roa (raw, json) Hash identifier: Ioc5OKSF25BeedAssdNWjXfq2yXFuxksavkB/wE52sM= Subject key identifier: 61:70:FB:C2:04:D3:EA:6A:DB:91:4B:4E:56:B8:27:0D:CE:31:5F:C8 Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 4AA0DEB0B70D616E344DED8DAF8AE485EB855087 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130303a3a2f34302d3430203d3e203233363739.roa Signing time: Sun 03 May 2026 02:19:00 +0000 ROA not before: Sun 03 May 2026 02:14:00 +0000 ROA not after: Sun 02 May 2027 02:19:00 +0000 asID: 23679 IP address blocks: 2401:2900:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:a0:de:b0:b7:0d:61:6e:34:4d:ed:8d:af:8a:e4:85:eb:85:50:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:14:00 2026 GMT Not After : May 2 02:19:00 2027 GMT Subject: CN=6170FBC204D3EA6ADB914B4E56B8270DCE315FC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:59:fa:97:d7:f4:99:c5:ac:fc:a7:83:ce:67: 9d:b6:76:05:99:1c:af:68:5d:3f:34:e9:fa:c4:75: 4d:fb:23:30:d3:e8:3b:75:dc:85:c3:ac:0d:1c:21: 40:6c:38:ea:8a:ac:e8:05:af:cf:c4:fb:dc:9e:39: 51:ae:62:42:2e:53:38:36:33:c8:e0:03:3b:f2:67: 49:1e:90:03:6b:b0:5e:32:2e:4b:40:9d:44:e9:01: f4:ee:70:a2:b3:e2:aa:0d:ac:77:3c:b0:be:22:3e: fd:82:6b:ac:d0:3a:73:3d:0a:4b:9b:a4:36:b6:f6: 91:5c:c1:74:4d:42:22:84:1e:2e:e9:07:0c:88:d7: 00:f8:6c:62:b8:51:c9:22:d7:8c:a4:b1:c4:d0:eb: f5:c4:8b:6c:f3:27:a9:a3:0a:d3:c7:03:89:ee:4e: 39:06:5f:50:8a:52:4e:fb:02:dc:e9:93:0f:0e:43: e0:1f:b3:8b:0e:4e:0d:9e:a2:af:e7:ac:12:83:bf: 6e:f5:8f:2f:db:d8:3f:d6:ea:2f:48:f9:5c:95:30: 2b:61:f6:d7:95:e7:8c:f1:f4:6d:ef:2f:f9:fd:43: 89:ff:32:70:1c:d7:18:6d:da:7f:f5:7a:eb:c2:6e: e1:3a:c4:e2:b0:0f:70:bf:78:ae:b4:e3:9a:fb:42: d3:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:70:FB:C2:04:D3:EA:6A:DB:91:4B:4E:56:B8:27:0D:CE:31:5F:C8 X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130303a3a2f34302d3430203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:100::/40 Signature Algorithm: sha256WithRSAEncryption 95:ea:ed:41:96:84:32:85:e0:e3:f4:d5:4e:3d:90:fd:9c:88: b1:2d:a7:b8:36:04:10:ae:29:4d:7c:3b:e9:ef:93:8e:cb:ff: 08:0d:11:fa:ec:0b:e9:3f:e1:bd:2e:7a:27:c7:36:e3:47:22: cb:a4:4a:ef:0b:9b:41:61:b6:a5:7e:39:11:2c:c2:39:f5:65: 51:fa:3c:30:ee:5d:ae:ee:ee:96:db:31:33:b3:95:74:72:ae: 9e:21:e1:e7:75:f5:86:79:aa:36:d5:1f:e0:37:7c:e2:4a:0c: 49:f2:cc:73:7a:50:89:cc:1d:c1:ef:52:fd:cf:07:58:8c:b8: cf:aa:d6:12:70:06:ce:56:7c:38:19:25:22:28:2c:46:f2:bf: a3:62:64:a7:96:15:56:94:fb:b4:4e:40:b3:f2:d9:6a:12:52: 95:64:d3:d1:fc:3a:8b:1b:c6:4c:36:d6:ad:19:a2:84:d9:49: 60:18:07:62:56:8c:ca:65:db:50:4b:36:46:a9:12:fb:0e:7a: e0:b6:65:60:a5:48:8c:08:db:d2:80:1f:6d:bf:f7:b3:ce:f8: 6d:b8:19:c9:7d:d9:ad:d3:dd:de:37:5d:e3:5a:f2:fa:5b:5d: 07:a3:02:38:62:73:2a:70:7e:56:29:33:36:14:eb:28:ae:01: fc:0b:8d:b4 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUSqDesLcNYW40Te2Nr4rkheuFUIcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjE0MDBaFw0yNzA1MDIwMjE5MDBaMDMxMTAvBgNV BAMTKDYxNzBGQkMyMDREM0VBNkFEQjkxNEI0RTU2QjgyNzBEQ0UzMTVGQzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHWfqX1/SZxaz8p4POZ522dgWZ HK9oXT806frEdU37IzDT6Dt13IXDrA0cIUBsOOqKrOgFr8/E+9yeOVGuYkIuUzg2 M8jgAzvyZ0kekANrsF4yLktAnUTpAfTucKKz4qoNrHc8sL4iPv2Ca6zQOnM9Ckub pDa29pFcwXRNQiKEHi7pBwyI1wD4bGK4Ucki14ykscTQ6/XEi2zzJ6mjCtPHA4nu TjkGX1CKUk77Atzpkw8OQ+Afs4sOTg2eoq/nrBKDv271jy/b2D/W6i9I+VyVMCth 9teV54zx9G3vL/n9Q4n/MnAc1xht2n/1euvCbuE6xOKwD3C/eK6045r7QtNxAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQUYXD7wgTT6mrbkUtOVrgnDc4xX8gwHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzEzMDMwM2Ez YTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIzMzM2MzczOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACQBKQAB MA0GCSqGSIb3DQEBCwUAA4IBAQCV6u1BloQyheDj9NVOPZD9nIixLae4NgQQrilN fDvp75OOy/8IDRH67AvpP+G9LnonxzbjRyLLpErvC5tBYbalfjkRLMI59WVR+jww 7l2u7u6W2zEzs5V0cq6eIeHndfWGeao21R/gN3ziSgxJ8sxzelCJzB3B71L9zwdY jLjPqtYScAbOVnw4GSUiKCxG8r+jYmSnlhVWlPu0TkCz8tlqElKVZNPR/DqLG8ZM NtatGaKE2UlgGAdiVozKZdtQSzZGqRL7DnrgtmVgpUiMCNvSgB9tv/ezzvhtuBnJ fdmt093eN13jWvL6W10HowI4YnMqcH5WKTM2FOsorgH8C420 -----END CERTIFICATE-----Generated at Wed May 13 13:00:49 2026 by rpki-client