$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: 1A3cES0oUj7qDm5HJv0yZqKMRnEDzJl+TC2frUx5tzg= Subject key identifier: 2F:F3:BD:A7:E9:49:D4:15:6D:19:C3:38:8E:52:05:16:30:10:F4:19 Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 3C4B82F881D1523875C88DF4ACAD93DC6CE4C552 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa Signing time: Sun 03 May 2026 02:18:44 +0000 ROA not before: Sun 03 May 2026 02:13:44 +0000 ROA not after: Sun 02 May 2027 02:18:44 +0000 asID: 23679 IP address blocks: 2401:2900:8005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:4b:82:f8:81:d1:52:38:75:c8:8d:f4:ac:ad:93:dc:6c:e4:c5:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:13:44 2026 GMT Not After : May 2 02:18:44 2027 GMT Subject: CN=2FF3BDA7E949D4156D19C3388E5205163010F419 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ab:44:ba:94:d3:e6:63:ff:0c:21:c7:11:96: 32:03:6b:82:8f:56:9c:34:ee:88:1f:6c:fc:a0:52: ab:2b:e2:6d:95:91:1e:0d:f1:29:25:f4:e8:7d:36: c8:c7:82:a9:17:5f:56:f4:5d:bb:a1:e3:a6:2d:94: 27:60:14:d1:da:f1:9e:08:66:bc:df:73:be:ac:e6: c6:c6:a2:19:bd:61:e9:08:4b:5e:57:62:35:07:70: 98:23:64:0c:52:b1:8d:5d:f0:4c:4b:ca:e3:f9:00: b0:0a:77:82:a0:bb:20:33:97:4c:c3:a8:d8:05:78: 8c:65:b9:01:32:47:be:d8:3a:e3:10:af:d3:e1:19: 0a:7e:64:d1:12:27:13:20:1a:a8:77:ca:cc:23:71: e7:55:5f:44:90:30:63:ae:91:43:37:26:41:ea:11: 42:9b:e8:27:62:09:99:6b:0a:64:30:2a:2a:27:72: 6b:13:af:11:73:73:3a:f9:ab:98:f1:ce:83:b3:1e: c5:5e:35:7f:79:2d:f8:f4:6e:e4:ca:fd:c1:58:8c: 34:95:b6:b0:00:47:55:44:22:b1:f8:f5:3c:9f:b2: 41:ad:88:9e:a1:33:97:d7:27:5e:c1:94:b5:6e:97: 4b:51:5d:eb:b6:00:9b:25:c8:76:9c:fd:af:34:45: e0:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:F3:BD:A7:E9:49:D4:15:6D:19:C3:38:8E:52:05:16:30:10:F4:19 X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030353a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8005::/48 Signature Algorithm: sha256WithRSAEncryption 6e:9b:da:e6:e8:7d:69:ca:07:52:87:9d:b1:71:af:d2:fd:41: 55:f1:85:25:ce:cd:2c:ae:08:e9:37:7b:bf:f2:8a:34:f5:21: b1:83:4b:02:e5:3e:a5:1e:38:f0:6d:65:43:22:cc:b7:c4:80: c2:bf:7c:fa:3f:1f:79:db:ba:0d:9c:d7:dd:51:f2:80:78:e0: 6c:52:9e:c4:01:7d:6b:97:b5:5c:b1:86:fd:02:e6:63:de:0e: 6a:ee:55:0d:e4:92:e3:4d:26:60:55:b8:fd:12:33:43:14:3a: 1e:0d:1a:a2:ed:b8:32:74:89:99:2d:23:fd:7e:18:de:56:3f: e0:49:d8:e0:a0:c8:55:c2:04:56:4a:9a:92:f9:14:84:95:f5: 1c:65:43:a8:e4:4c:c5:6f:f2:1c:55:c7:ca:a2:d5:96:d7:75: 7e:fa:b0:6b:42:6a:ee:85:5e:d4:1d:5d:65:fe:58:f1:1b:4e: d0:e7:d8:8c:71:df:b7:22:e1:54:e5:bd:49:56:46:6e:1b:28: 12:3c:e4:fa:04:c9:51:83:6a:76:41:70:59:85:b6:9e:6c:b6: 5f:52:45:3b:cf:6e:22:76:14:5f:c1:b9:ca:a3:19:aa:36:11: 77:89:ad:ff:9d:2f:f9:8f:40:62:4d:b4:e9:6f:17:db:64:b1: 5c:4f:99:c9 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUPEuC+IHRUjh1yI30rK2T3GzkxVIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjEzNDRaFw0yNzA1MDIwMjE4NDRaMDMxMTAvBgNV BAMTKDJGRjNCREE3RTk0OUQ0MTU2RDE5QzMzODhFNTIwNTE2MzAxMEY0MTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXq0S6lNPmY/8MIccRljIDa4KP Vpw07ogfbPygUqsr4m2VkR4N8Skl9Oh9NsjHgqkXX1b0Xbuh46YtlCdgFNHa8Z4I Zrzfc76s5sbGohm9YekIS15XYjUHcJgjZAxSsY1d8ExLyuP5ALAKd4KguyAzl0zD qNgFeIxluQEyR77YOuMQr9PhGQp+ZNESJxMgGqh3yswjcedVX0SQMGOukUM3JkHq EUKb6CdiCZlrCmQwKioncmsTrxFzczr5q5jxzoOzHsVeNX95Lfj0buTK/cFYjDSV trAAR1VEIrH49TyfskGtiJ6hM5fXJ17BlLVul0tRXeu2AJslyHac/a80ReAvAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUL/O9p+lJ1BVtGcM4jlIFFjAQ9BkwHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzUz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIAFMA0GCSqGSIb3DQEBCwUAA4IBAQBum9rm6H1pygdSh52xca/S/UFV8YUlzs0s rgjpN3u/8oo09SGxg0sC5T6lHjjwbWVDIsy3xIDCv3z6Px9527oNnNfdUfKAeOBs Up7EAX1rl7VcsYb9AuZj3g5q7lUN5JLjTSZgVbj9EjNDFDoeDRqi7bgydImZLSP9 fhjeVj/gSdjgoMhVwgRWSpqS+RSElfUcZUOo5EzFb/IcVcfKotWW13V++rBrQmru hV7UHV1l/ljxG07Q59iMcd+3IuFU5b1JVkZuGygSPOT6BMlRg2p2QXBZhbaebLZf UkU7z24idhRfwbnKoxmqNhF3ia3/nS/5j0BiTbTpbxfbZLFcT5nJ -----END CERTIFICATE-----Generated at Wed May 13 13:20:28 2026 by rpki-client