$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030303a3a2f33342d3334203d3e203233363739.roa File: 323430313a323930303a383030303a3a2f33342d3334203d3e203233363739.roa (raw, json) Hash identifier: cbEd7LiB4sZ69zlLNvn4pBxDDW6TfSb/wBzA6yWVwXE= Subject key identifier: D1:4D:BF:2D:6D:84:0F:65:06:59:A6:E3:7B:53:7B:B0:FB:97:29:4B Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 189542FA6FF84180BE935903438263B6A8B04058 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030303a3a2f33342d3334203d3e203233363739.roa Signing time: Sun 03 May 2026 02:18:55 +0000 ROA not before: Sun 03 May 2026 02:13:55 +0000 ROA not after: Sun 02 May 2027 02:18:55 +0000 asID: 23679 IP address blocks: 2401:2900:8000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:95:42:fa:6f:f8:41:80:be:93:59:03:43:82:63:b6:a8:b0:40:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:13:55 2026 GMT Not After : May 2 02:18:55 2027 GMT Subject: CN=D14DBF2D6D840F650659A6E37B537BB0FB97294B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:12:28:ea:eb:29:31:21:66:57:2d:bf:fa:20: fb:09:4d:21:fa:de:0a:03:b6:1a:f6:4f:99:1d:42: 9a:2d:92:89:a6:0a:44:ff:0d:c6:78:1a:e9:57:e0: 91:fd:5f:73:68:d4:9b:50:0d:7e:fc:cd:fa:c8:c3: 5e:33:aa:35:98:f4:7b:d8:dd:56:29:e2:96:54:8b: b2:5f:08:ff:6a:79:ac:96:9a:f2:79:3a:9d:81:6b: b7:6c:15:aa:f2:5b:c8:d4:97:66:e9:b8:e9:af:c9: aa:d3:b0:d2:34:a3:30:ee:50:07:cf:a4:1b:fb:ad: f1:b6:96:da:25:73:30:35:5f:9a:2f:3c:94:04:72: 3c:e5:a5:99:8e:d1:ce:07:6c:90:a5:43:6d:c3:7f: 4b:4f:23:48:5f:eb:31:db:d6:46:83:e7:2f:22:78: 4b:8b:b4:f9:75:e1:a7:25:51:95:a7:48:38:c6:98: f8:db:9f:4b:b4:1b:90:f9:bf:c9:fa:2f:97:1f:f6: a6:1e:e0:7f:9b:6b:8b:73:20:a6:cb:3e:92:fb:4a: 0d:b4:97:0d:f4:62:bc:2c:3b:89:1e:fa:72:89:11: 09:02:b3:5d:d7:e2:5c:b8:66:5c:db:c3:d3:09:75: b7:b3:23:fc:08:6a:86:44:88:43:19:69:59:be:52: 98:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:4D:BF:2D:6D:84:0F:65:06:59:A6:E3:7B:53:7B:B0:FB:97:29:4B X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030303a3a2f33342d3334203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8000::/34 Signature Algorithm: sha256WithRSAEncryption 55:55:2f:0f:6a:14:e1:e2:24:37:44:43:b5:cc:48:15:f8:a2: 37:db:5c:14:99:63:41:c4:51:96:97:77:76:f8:bf:27:15:5a: c5:6b:2e:6a:bb:78:a8:99:42:65:99:e1:69:1f:8b:f9:09:59: 5e:12:52:e4:ed:a4:e7:f8:49:48:31:07:bd:51:ec:ac:b0:21: 9d:74:db:09:38:28:e2:35:e4:e1:2f:d2:7c:28:6f:ca:ed:5a: a5:b8:88:90:3d:10:1d:1e:c6:db:b9:17:79:fc:89:94:4b:0b: 0b:da:85:04:54:1c:73:5b:c2:91:a4:1e:c6:e5:b2:63:21:36: 74:34:be:2b:09:34:7d:15:58:10:c7:62:35:d1:11:13:97:ab: 0e:98:99:ef:c2:7f:f3:57:29:d7:dc:8d:93:36:7e:8c:67:8e: e7:a1:ad:b0:cc:fe:d4:73:92:8f:56:f7:8f:8b:ee:fb:22:e1: da:95:35:07:55:ac:04:df:2c:fb:98:25:ab:c1:4e:b5:dc:74: 54:97:ee:73:af:3a:0b:49:ff:ae:da:27:7e:4c:de:00:e2:d3: 11:1e:f8:20:bd:f3:f7:31:ad:88:18:aa:42:ea:9c:63:0b:10: b3:e7:6b:49:66:00:50:1a:aa:5b:3f:c6:ce:6a:87:4f:9c:98: 98:b0:96:50 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUGJVC+m/4QYC+k1kDQ4JjtqiwQFgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjEzNTVaFw0yNzA1MDIwMjE4NTVaMDMxMTAvBgNV BAMTKEQxNERCRjJENkQ4NDBGNjUwNjU5QTZFMzdCNTM3QkIwRkI5NzI5NEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYEijq6ykxIWZXLb/6IPsJTSH6 3goDthr2T5kdQpotkommCkT/DcZ4GulX4JH9X3No1JtQDX78zfrIw14zqjWY9HvY 3VYp4pZUi7JfCP9qeayWmvJ5Op2Ba7dsFaryW8jUl2bpuOmvyarTsNI0ozDuUAfP pBv7rfG2ltolczA1X5ovPJQEcjzlpZmO0c4HbJClQ23Df0tPI0hf6zHb1kaD5y8i eEuLtPl14aclUZWnSDjGmPjbn0u0G5D5v8n6L5cf9qYe4H+ba4tzIKbLPpL7Sg20 lw30YrwsO4ke+nKJEQkCs13X4ly4Zlzbw9MJdbezI/wIaoZEiEMZaVm+Uph/AgMB AAGjggI8MIICODAdBgNVHQ4EFgQU0U2/LW2ED2UGWabje1N7sPuXKUswHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzAz YTNhMmYzMzM0MmQzMzM0MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGJAEp AIAwDQYJKoZIhvcNAQELBQADggEBAFVVLw9qFOHiJDdEQ7XMSBX4ojfbXBSZY0HE UZaXd3b4vycVWsVrLmq7eKiZQmWZ4Wkfi/kJWV4SUuTtpOf4SUgxB71R7KywIZ10 2wk4KOI15OEv0nwob8rtWqW4iJA9EB0extu5F3n8iZRLCwvahQRUHHNbwpGkHsbl smMhNnQ0visJNH0VWBDHYjXREROXqw6Yme/Cf/NXKdfcjZM2foxnjuehrbDM/tRz ko9W94+L7vsi4dqVNQdVrATfLPuYJavBTrXcdFSX7nOvOgtJ/67aJ35M3gDi0xEe +CC98/cxrYgYqkLqnGMLELPna0lmAFAaqls/xs5qh0+cmJiwllA= -----END CERTIFICATE-----Generated at Wed May 13 12:43:20 2026 by rpki-client