$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030313a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030313a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: aiSI711l1CMr2aaLPu8Vwf05paZ8ekN2AhAWasf+cFU= Subject key identifier: 2F:F7:DC:B7:9D:CA:35:01:BC:F8:08:31:68:75:1B:A6:57:47:12:71 Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 3B9DD5B9B660EDC8E1B90995612703AC74375CC8 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030313a3a2f34382d3438203d3e203233363739.roa Signing time: Sun 03 May 2026 02:19:01 +0000 ROA not before: Sun 03 May 2026 02:14:01 +0000 ROA not after: Sun 02 May 2027 02:19:01 +0000 asID: 23679 IP address blocks: 2401:2900:8001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:9d:d5:b9:b6:60:ed:c8:e1:b9:09:95:61:27:03:ac:74:37:5c:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:14:01 2026 GMT Not After : May 2 02:19:01 2027 GMT Subject: CN=2FF7DCB79DCA3501BCF8083168751BA657471271 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:5a:6c:55:44:c2:4f:19:59:12:ad:9c:9d:37: aa:ef:f3:cc:0e:b1:ed:52:ca:f8:36:bf:6e:7b:94: f3:87:e8:a8:79:b1:9c:a1:30:f3:cd:fc:0c:1e:69: 0c:f1:23:58:c9:ac:b4:96:7d:41:55:56:2f:bf:0a: a8:eb:76:3e:00:44:54:bc:30:96:73:f9:b7:98:46: 5a:9f:fc:a0:37:71:9d:bd:f2:fd:41:12:85:36:8d: ea:fb:91:6e:79:a2:f1:ef:cb:8c:09:a8:16:84:25: 38:8b:06:63:85:18:e3:64:18:ec:4c:c9:40:14:42: 1a:35:63:a8:60:2a:81:a2:47:0c:f5:42:24:03:b1: 9c:69:ff:85:02:4d:92:97:e9:c3:e9:48:ae:aa:ad: e9:90:06:8e:87:4f:29:f3:18:5d:4e:0b:fa:ee:9d: 27:89:ca:2b:d9:2f:71:e7:16:cc:ec:d4:a6:a2:38: 71:0e:39:64:af:ea:ab:85:eb:ee:7f:55:a6:b2:03: 1a:f0:fc:91:48:d4:6f:b9:2b:75:a5:1e:af:96:46: 55:8b:17:42:09:4b:d5:e0:da:b2:8b:a2:cf:33:66: 41:e7:3f:de:91:de:7e:f8:61:3c:9d:fc:3b:39:f0: 38:55:83:1b:da:87:a2:88:86:a9:2b:da:36:e5:00: f5:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:F7:DC:B7:9D:CA:35:01:BC:F8:08:31:68:75:1B:A6:57:47:12:71 X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030313a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8001::/48 Signature Algorithm: sha256WithRSAEncryption 90:a9:0e:d7:fc:18:2e:da:e8:9f:86:04:64:83:52:ae:3a:4a: 16:fe:8f:e8:4b:3c:a7:ce:cc:da:09:b3:09:e1:dd:80:f7:f4: 83:a5:19:f0:78:db:fe:73:79:4d:04:41:bb:31:29:da:ae:bc: 14:9b:21:eb:77:d0:ca:67:6c:95:c8:0c:c7:d8:63:20:6e:80: 61:ac:d1:4a:b2:e3:08:c0:6e:52:e5:6b:42:ab:25:44:51:f5: d6:2e:8f:f3:1a:af:1c:4a:43:a7:a2:75:12:32:c4:98:66:75: 23:31:98:e1:d0:a8:a8:d3:a0:69:16:15:10:65:6f:b9:52:7c: 0b:6a:d8:e4:f9:e0:92:d0:92:da:df:77:62:d3:14:7d:e6:5f: 46:30:28:13:cf:b2:59:40:a5:4c:9a:2f:5d:5f:a6:b8:0e:35: d9:e3:49:67:63:de:fb:f0:f7:6e:2a:34:09:b0:9b:a0:7c:d1: df:6e:ea:24:7d:cd:0d:29:73:8b:1d:dc:c7:37:4f:e7:ee:69: 8c:8a:4a:61:c9:17:8d:8b:33:24:46:00:94:fd:45:9f:73:c9: 4c:18:65:13:bd:9f:88:b0:2b:5c:d2:f0:ec:1b:4a:c9:f6:19: 9d:79:9d:0e:b3:6f:97:42:7e:51:e9:c4:3f:9b:dd:e2:69:80: 65:da:76:b2 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUO53VubZg7cjhuQmVYScDrHQ3XMgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjE0MDFaFw0yNzA1MDIwMjE5MDFaMDMxMTAvBgNV BAMTKDJGRjdEQ0I3OURDQTM1MDFCQ0Y4MDgzMTY4NzUxQkE2NTc0NzEyNzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkWmxVRMJPGVkSrZydN6rv88wO se1Syvg2v257lPOH6Kh5sZyhMPPN/AweaQzxI1jJrLSWfUFVVi+/Cqjrdj4ARFS8 MJZz+beYRlqf/KA3cZ298v1BEoU2jer7kW55ovHvy4wJqBaEJTiLBmOFGONkGOxM yUAUQho1Y6hgKoGiRwz1QiQDsZxp/4UCTZKX6cPpSK6qremQBo6HTynzGF1OC/ru nSeJyivZL3HnFszs1KaiOHEOOWSv6quF6+5/VaayAxrw/JFI1G+5K3WlHq+WRlWL F0IJS9Xg2rKLos8zZkHnP96R3n74YTyd/Ds58DhVgxvah6KIhqkr2jblAPWxAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUL/fct53KNQG8+AgxaHUbpldHEnEwHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzEz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIABMA0GCSqGSIb3DQEBCwUAA4IBAQCQqQ7X/Bgu2uifhgRkg1KuOkoW/o/oSzyn zszaCbMJ4d2A9/SDpRnweNv+c3lNBEG7MSnarrwUmyHrd9DKZ2yVyAzH2GMgboBh rNFKsuMIwG5S5WtCqyVEUfXWLo/zGq8cSkOnonUSMsSYZnUjMZjh0Kio06BpFhUQ ZW+5UnwLatjk+eCS0JLa33di0xR95l9GMCgTz7JZQKVMmi9dX6a4DjXZ40lnY977 8PduKjQJsJugfNHfbuokfc0NKXOLHdzHN0/n7mmMikphyReNizMkRgCU/UWfc8lM GGUTvZ+IsCtc0vDsG0rJ9hmdeZ0Os2+XQn5R6cQ/m93iaYBl2nay -----END CERTIFICATE-----Generated at Wed May 13 14:10:59 2026 by rpki-client