$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130323a3a2f34372d3437203d3e203233363739.roa File: 323430313a323930303a3130323a3a2f34372d3437203d3e203233363739.roa (raw, json) Hash identifier: e5N2IyfN0iSzOX9gcC1+E+a1yhCNgpiQCfaQsuwlETA= Subject key identifier: 85:0F:11:A4:05:FE:5D:6F:32:F6:6E:CA:B9:2C:4D:AD:69:E7:6C:4E Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 2D5D6D01C885E8A6ED413DB0523C3CB8E0A21315 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130323a3a2f34372d3437203d3e203233363739.roa Signing time: Sun 03 May 2026 02:18:46 +0000 ROA not before: Sun 03 May 2026 02:13:46 +0000 ROA not after: Sun 02 May 2027 02:18:46 +0000 asID: 23679 IP address blocks: 2401:2900:102::/47 maxlen: 47 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:5d:6d:01:c8:85:e8:a6:ed:41:3d:b0:52:3c:3c:b8:e0:a2:13:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:13:46 2026 GMT Not After : May 2 02:18:46 2027 GMT Subject: CN=850F11A405FE5D6F32F66ECAB92C4DAD69E76C4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:8c:58:56:0c:62:1c:f6:7b:0f:15:85:9a:2e: 13:c6:d7:05:ce:c9:64:a2:a9:01:ae:85:25:08:ec: 3c:e6:b8:eb:2c:58:3c:9b:79:47:7b:e7:34:69:41: 17:54:61:cf:12:19:ce:42:cd:71:d3:48:be:61:f7: 84:b1:17:71:0c:3e:dc:cb:7c:dd:6d:6f:d4:b0:cd: f8:ec:63:81:9b:16:be:98:76:b7:dd:ef:47:12:d7: 52:ce:b6:86:1b:af:e0:30:79:ad:e4:06:ed:eb:10: 7a:2e:01:ad:3d:75:1a:29:7f:c3:10:4d:84:6d:9b: a8:86:09:90:24:d1:a2:ec:34:be:32:2b:fe:bc:85: 68:ec:df:d3:c0:c2:ca:26:45:64:12:52:29:32:36: dd:47:36:30:ad:c6:df:dc:a4:37:91:a0:14:43:0b: 27:3e:39:cb:33:61:d3:01:a6:d1:42:da:ef:6b:fd: 97:3b:28:82:67:a3:0c:bf:14:2b:c8:d6:95:44:02: 1a:88:1f:9e:92:78:3a:5a:27:cc:97:fb:1f:b9:87: 6e:31:e5:5a:1f:81:db:8a:0c:ad:71:b1:48:21:b8: 2e:67:9f:79:9f:69:40:22:ed:db:a0:33:7e:59:ab: b4:01:f3:65:e2:d2:03:9e:77:b7:0a:3f:f6:3d:6f: 8e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:0F:11:A4:05:FE:5D:6F:32:F6:6E:CA:B9:2C:4D:AD:69:E7:6C:4E X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a3130323a3a2f34372d3437203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:102::/47 Signature Algorithm: sha256WithRSAEncryption 3f:7f:73:26:b2:33:61:45:ce:63:01:dc:6c:61:f3:0c:db:88: 8e:e7:b4:3e:5f:d0:59:76:93:7b:cb:28:f2:a4:65:78:6c:b1: ec:fa:49:d9:5c:bf:62:d7:50:02:a7:73:d6:f0:fe:6b:3d:e7: 2d:16:78:a1:90:46:ae:ee:ac:20:2f:1a:da:b1:05:c8:d8:cf: 55:f6:22:e2:c5:e2:44:49:40:de:b5:96:6a:a4:4c:90:36:97: 39:f5:fb:6f:01:ba:c4:77:eb:62:eb:58:1e:d4:60:37:a7:a3: 57:6b:35:34:dd:c8:d1:f3:a4:87:24:8f:09:d1:f0:ec:78:37: e4:79:16:59:87:4b:9c:2e:7e:a7:92:99:e5:cf:2e:32:88:8f: 00:d9:7b:99:7f:3e:07:f5:6b:b5:b7:37:a4:70:c0:3c:43:d8: 44:f0:c6:77:aa:bf:a1:3a:06:d4:ae:7a:27:af:fb:3c:9a:78: 84:12:98:d1:b5:33:17:70:cf:db:4f:60:f3:08:54:62:a8:eb: d7:16:11:61:4d:51:b2:bc:91:d4:f0:55:de:f8:ca:c7:65:c9: e2:14:9a:36:37:31:d4:46:3a:6f:64:95:76:fa:36:26:59:77: 96:9c:71:d5:ba:fc:d8:cd:d3:27:d6:3c:7c:42:da:19:4a:5e: c3:00:20:89 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIULV1tAciF6KbtQT2wUjw8uOCiExUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjEzNDZaFw0yNzA1MDIwMjE4NDZaMDMxMTAvBgNV BAMTKDg1MEYxMUE0MDVGRTVENkYzMkY2NkVDQUI5MkM0REFENjlFNzZDNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgjFhWDGIc9nsPFYWaLhPG1wXO yWSiqQGuhSUI7DzmuOssWDybeUd75zRpQRdUYc8SGc5CzXHTSL5h94SxF3EMPtzL fN1tb9SwzfjsY4GbFr6Ydrfd70cS11LOtoYbr+Awea3kBu3rEHouAa09dRopf8MQ TYRtm6iGCZAk0aLsNL4yK/68hWjs39PAwsomRWQSUikyNt1HNjCtxt/cpDeRoBRD Cyc+OcszYdMBptFC2u9r/Zc7KIJnowy/FCvI1pVEAhqIH56SeDpaJ8yX+x+5h24x 5VofgduKDK1xsUghuC5nn3mfaUAi7dugM35Zq7QB82Xi0gOed7cKP/Y9b467AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUhQ8RpAX+XW8y9m7KuSxNrWnnbE4wHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzEzMDMyM2Ez YTJmMzQzNzJkMzQzNzIwM2QzZTIwMzIzMzM2MzczOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHASQBKQAB AjANBgkqhkiG9w0BAQsFAAOCAQEAP39zJrIzYUXOYwHcbGHzDNuIjue0Pl/QWXaT e8so8qRleGyx7PpJ2Vy/YtdQAqdz1vD+az3nLRZ4oZBGru6sIC8a2rEFyNjPVfYi 4sXiRElA3rWWaqRMkDaXOfX7bwG6xHfrYutYHtRgN6ejV2s1NN3I0fOkhySPCdHw 7Hg35HkWWYdLnC5+p5KZ5c8uMoiPANl7mX8+B/Vrtbc3pHDAPEPYRPDGd6q/oToG 1K56J6/7PJp4hBKY0bUzF3DP209g8whUYqjr1xYRYU1RsryR1PBV3vjKx2XJ4hSa Njcx1EY6b2SVdvo2Jll3lpxx1br82M3TJ9Y8fELaGUpewwAgiQ== -----END CERTIFICATE-----Generated at Wed May 13 12:28:40 2026 by rpki-client