$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030323a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030323a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: AiMRprZJmh9+N8KIexOL9fZ8Zp6dk3j/Tjzq7PAB2pU= Subject key identifier: 18:B0:17:C0:1A:DB:ED:47:95:8E:B1:4B:38:27:A7:4D:22:E8:C9:A8 Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 444D453AB808D2034F89A13FE21AFBE668A01F0D Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030323a3a2f34382d3438203d3e203233363739.roa Signing time: Sun 03 May 2026 02:19:00 +0000 ROA not before: Sun 03 May 2026 02:14:00 +0000 ROA not after: Sun 02 May 2027 02:19:00 +0000 asID: 23679 IP address blocks: 2401:2900:8002::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:4d:45:3a:b8:08:d2:03:4f:89:a1:3f:e2:1a:fb:e6:68:a0:1f:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:14:00 2026 GMT Not After : May 2 02:19:00 2027 GMT Subject: CN=18B017C01ADBED47958EB14B3827A74D22E8C9A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:5a:87:cd:96:97:f7:b8:82:7a:59:06:fc:79: 31:7d:56:3f:f2:4b:81:31:51:30:08:d5:14:e9:cf: 1a:a1:83:80:b8:cc:c2:0d:6a:a7:c2:09:c4:5f:e4: 16:07:93:c6:c6:ba:0b:9e:1d:fd:93:b5:0c:4c:28: c5:2e:2d:24:3d:34:37:a0:80:ea:54:32:11:e3:0e: 65:da:49:fb:98:bf:50:ee:79:96:bc:fc:e3:32:d9: 9b:54:ba:05:a8:a4:59:ca:42:16:da:fa:b9:5a:17: a6:d4:c3:ed:15:d0:0a:7e:2f:97:78:6c:a4:3e:27: a3:51:e2:74:b0:fd:e8:fd:ae:f9:cf:a1:25:e7:9d: c3:5e:a0:11:de:b5:de:14:86:a4:7f:fc:8a:13:d3: e4:b8:cb:49:68:38:c1:dc:09:2b:25:ac:87:9b:d3: 68:3d:7e:d5:b5:27:2a:45:ab:bd:7c:22:55:a6:0d: 84:8e:15:78:d5:b6:66:a5:5e:98:e1:fa:b7:9d:31: 5f:7a:e0:39:93:42:8a:97:b9:58:54:eb:28:70:de: 78:0b:98:38:e2:b8:6f:ff:4b:3f:79:8a:a5:55:53: a1:fb:05:70:ee:74:a5:0c:a2:9d:c8:14:31:42:83: cd:ad:54:23:bf:87:d0:a1:e0:ab:4a:5a:42:60:aa: b4:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:B0:17:C0:1A:DB:ED:47:95:8E:B1:4B:38:27:A7:4D:22:E8:C9:A8 X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030323a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8002::/48 Signature Algorithm: sha256WithRSAEncryption 26:03:c5:0c:ff:d9:b0:13:9d:71:b0:72:27:7c:ff:84:c6:35: 14:9b:05:6b:0c:79:82:30:dc:ed:19:4a:5c:14:18:ea:33:91: c8:f1:fa:0a:26:61:fd:7b:41:0a:42:40:f9:2e:46:82:e0:f4: d0:14:2d:be:16:f4:83:d9:78:a6:0a:c2:5c:0a:7f:2f:5e:39: ea:e8:31:10:1f:68:88:fc:65:08:75:d3:00:c6:83:88:39:28: 52:84:53:21:91:1a:1d:77:f4:44:70:10:73:0e:f3:f9:66:29: d2:ca:20:bd:14:6e:bd:79:a1:e6:bb:c9:2d:b8:2b:00:55:4e: 59:cd:d4:6f:36:72:0c:e7:aa:2f:fb:ed:4f:b4:0d:4b:53:4e: 38:bf:24:3f:e6:f8:64:f4:82:0e:0f:25:da:b2:cc:54:a3:0c: 24:7c:20:2d:a3:71:52:51:44:4e:a3:a7:8e:3a:3f:7e:65:0a: 41:0e:8b:39:72:c5:1b:0b:36:aa:f6:6a:f8:73:cc:10:84:fe: ba:4c:ec:dd:88:cc:fc:28:4e:ef:81:90:f8:25:b9:98:d4:89: f8:2a:ac:e5:7a:33:74:d3:71:ba:92:70:35:9b:a3:1f:69:8b: da:d5:b5:bd:c3:73:55:1a:4c:27:c7:8f:2c:0a:6e:41:b9:12: 4f:eb:c1:1d -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIURE1FOrgI0gNPiaE/4hr75migHw0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjE0MDBaFw0yNzA1MDIwMjE5MDBaMDMxMTAvBgNV BAMTKDE4QjAxN0MwMUFEQkVENDc5NThFQjE0QjM4MjdBNzREMjJFOEM5QTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqWofNlpf3uIJ6WQb8eTF9Vj/y S4ExUTAI1RTpzxqhg4C4zMINaqfCCcRf5BYHk8bGugueHf2TtQxMKMUuLSQ9NDeg gOpUMhHjDmXaSfuYv1DueZa8/OMy2ZtUugWopFnKQhba+rlaF6bUw+0V0Ap+L5d4 bKQ+J6NR4nSw/ej9rvnPoSXnncNeoBHetd4UhqR//IoT0+S4y0loOMHcCSslrIeb 02g9ftW1JypFq718IlWmDYSOFXjVtmalXpjh+redMV964DmTQoqXuVhU6yhw3ngL mDjiuG//Sz95iqVVU6H7BXDudKUMop3IFDFCg82tVCO/h9Ch4KtKWkJgqrQTAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUGLAXwBrb7UeVjrFLOCenTSLoyagwHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzIz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIACMA0GCSqGSIb3DQEBCwUAA4IBAQAmA8UM/9mwE51xsHInfP+ExjUUmwVrDHmC MNztGUpcFBjqM5HI8foKJmH9e0EKQkD5LkaC4PTQFC2+FvSD2XimCsJcCn8vXjnq 6DEQH2iI/GUIddMAxoOIOShShFMhkRodd/REcBBzDvP5ZinSyiC9FG69eaHmu8kt uCsAVU5ZzdRvNnIM56ov++1PtA1LU044vyQ/5vhk9IIODyXassxUowwkfCAto3FS UUROo6eOOj9+ZQpBDos5csUbCzaq9mr4c8wQhP66TOzdiMz8KE7vgZD4JbmY1In4 KqzlejN003G6knA1m6MfaYva1bW9w3NVGkwnx48sCm5BuRJP68Ed -----END CERTIFICATE-----Generated at Wed May 13 15:57:04 2026 by rpki-client