$ rpki-client -vvf rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030373a3a2f34382d3438203d3e203233363739.roa File: 323430313a323930303a383030373a3a2f34382d3438203d3e203233363739.roa (raw, json) Hash identifier: 4jKa5PJqI1HhqijHwaRyW0ne9rUaUrSXD6JYFSL6RQQ= Subject key identifier: 35:34:C5:67:B0:35:2F:6E:30:5B:D6:C7:FF:DC:D3:38:B9:03:6F:1C Certificate issuer: /CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Certificate serial: 289575BB5991B03E7840A6A99C9CC1E42FE30A19 Authority key identifier: D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030373a3a2f34382d3438203d3e203233363739.roa Signing time: Sun 03 May 2026 02:18:46 +0000 ROA not before: Sun 03 May 2026 02:13:46 +0000 ROA not after: Sun 02 May 2027 02:18:46 +0000 asID: 23679 IP address blocks: 2401:2900:8007::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:11:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:95:75:bb:59:91:b0:3e:78:40:a6:a9:9c:9c:c1:e4:2f:e3:0a:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D09EA95FF10C0166C2954C997A8A4989BD890A87 Validity Not Before: May 3 02:13:46 2026 GMT Not After : May 2 02:18:46 2027 GMT Subject: CN=3534C567B0352F6E305BD6C7FFDCD338B9036F1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:4a:5e:68:6f:1b:95:b7:ec:cb:94:c8:98:8e: fe:d7:3b:c0:0d:70:a6:dc:59:13:b9:ad:9c:f5:3d: 91:93:9d:da:c7:66:9c:f6:ba:65:67:ec:1c:68:0b: 3d:e8:2c:83:75:4d:09:44:53:32:f0:2b:81:3d:47: 21:0d:91:87:02:34:89:1a:46:e2:6f:19:5f:e2:32: c3:3d:be:a3:e9:78:c1:10:35:e6:8d:bf:53:ce:77: c9:90:d6:77:21:40:88:cc:52:5b:09:98:f3:53:2e: cd:f9:11:97:9a:00:f3:d1:7c:45:52:fb:81:67:75: 62:9d:cb:7a:09:3d:88:f9:ba:1b:e2:73:0d:34:57: 0d:83:e1:e0:bd:31:96:9e:e7:fe:e9:cc:74:4e:9b: 9d:2b:45:f9:ea:78:b6:30:f7:a0:f9:15:5c:ea:bb: fb:9d:50:f9:aa:fe:79:7c:3c:93:21:30:c7:0e:58: 33:01:66:3c:f4:97:30:7d:fb:7a:b1:2f:cc:16:2d: 2f:2e:bc:6d:10:7f:20:a9:cf:4f:65:da:27:6a:55: be:62:00:b1:a5:e8:c0:4f:99:d7:ed:a4:9d:e7:71: 16:a1:6d:64:7b:72:81:4d:59:df:3a:6d:88:44:32: b8:66:25:2d:69:9c:7d:b4:d1:d6:c2:9e:a4:be:ed: 83:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:34:C5:67:B0:35:2F:6E:30:5B:D6:C7:FF:DC:D3:38:B9:03:6F:1C X509v3 Authority Key Identifier: keyid:D0:9E:A9:5F:F1:0C:01:66:C2:95:4C:99:7A:8A:49:89:BD:89:0A:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/D09EA95FF10C0166C2954C997A8A4989BD890A87.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/D09EA95FF10C0166C2954C997A8A4989BD890A87.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/323430313a323930303a383030373a3a2f34382d3438203d3e203233363739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:2900:8007::/48 Signature Algorithm: sha256WithRSAEncryption 55:f9:fe:db:cd:dc:bb:b9:28:3f:97:4c:ea:9a:12:45:15:2f: fa:72:8d:0b:31:39:78:79:72:75:bd:6d:eb:91:66:d7:cf:d4: f8:0d:09:8c:c4:8a:a2:95:9b:e5:34:e6:44:97:ab:7a:34:09: 7a:92:a0:aa:ad:6f:af:7b:9c:19:de:02:99:98:66:49:f9:a7: 65:61:68:24:ea:be:21:3d:55:8b:ac:c5:ae:97:e1:2d:36:ed: 47:7e:82:2b:c3:49:ef:2c:f9:63:8e:f5:43:dc:35:c5:05:40: 4b:ea:ab:a2:f5:19:9a:7f:83:f8:dc:b3:c3:c2:a7:7a:f8:9e: 46:d3:c1:3f:2f:8c:d0:07:43:f8:2e:2e:de:c0:34:27:89:5d: 1a:bf:4d:44:6b:63:0e:8a:3a:b3:fd:23:77:3c:a8:a9:be:96: c9:8b:06:e4:48:a7:9f:d7:0b:56:b4:ea:7b:5d:e3:b3:52:7a: d7:e2:08:f6:07:bb:49:8b:b2:02:0e:aa:8c:6f:a2:3c:00:69: 3b:f5:eb:1d:8f:45:7c:b6:12:21:a8:93:5f:57:0e:ca:e8:03: 6e:5a:b6:04:cd:86:43:e2:23:66:5a:2e:ac:be:4a:e0:93:05: 0e:17:53:1a:39:9f:6e:2c:d5:a8:d8:4e:28:12:cc:9f:70:8a: 0b:bb:5c:a6 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUKJV1u1mRsD54QKapnJzB5C/jChkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDA5RUE5NUZGMTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlC RDg5MEE4NzAeFw0yNjA1MDMwMjEzNDZaFw0yNzA1MDIwMjE4NDZaMDMxMTAvBgNV BAMTKDM1MzRDNTY3QjAzNTJGNkUzMDVCRDZDN0ZGRENEMzM4QjkwMzZGMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYSl5obxuVt+zLlMiYjv7XO8AN cKbcWRO5rZz1PZGTndrHZpz2umVn7BxoCz3oLIN1TQlEUzLwK4E9RyENkYcCNIka RuJvGV/iMsM9vqPpeMEQNeaNv1POd8mQ1nchQIjMUlsJmPNTLs35EZeaAPPRfEVS +4FndWKdy3oJPYj5uhvicw00Vw2D4eC9MZae5/7pzHROm50rRfnqeLYw96D5FVzq u/udUPmq/nl8PJMhMMcOWDMBZjz0lzB9+3qxL8wWLS8uvG0QfyCpz09l2idqVb5i ALGl6MBPmdftpJ3ncRahbWR7coFNWd86bYhEMrhmJS1pnH200dbCnqS+7YNfAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUNTTFZ7A1L24wW9bH/9zTOLkDbxwwHwYDVR0j BBgwFoAU0J6pX/EMAWbClUyZeopJib2JCocwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v MjAxNDMyY2MtM2JjOS00ODU4LWI1MDYtMjE4YWFiMGIwODljLzAvRDA5RUE5NUZG MTBDMDE2NkMyOTU0Qzk5N0E4QTQ5ODlCRDg5MEE4Ny5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EMDlFQTk1RkYxMEMwMTY2QzI5NTRDOTk3QThBNDk4OUJEODkw QTg3LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i NTA2LTIxOGFhYjBiMDg5Yy8wLzMyMzQzMDMxM2EzMjM5MzAzMDNhMzgzMDMwMzcz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMzMzYzNzM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEp AIAHMA0GCSqGSIb3DQEBCwUAA4IBAQBV+f7bzdy7uSg/l0zqmhJFFS/6co0LMTl4 eXJ1vW3rkWbXz9T4DQmMxIqilZvlNOZEl6t6NAl6kqCqrW+ve5wZ3gKZmGZJ+adl YWgk6r4hPVWLrMWul+EtNu1HfoIrw0nvLPljjvVD3DXFBUBL6qui9Rmaf4P43LPD wqd6+J5G08E/L4zQB0P4Li7ewDQniV0av01Ea2MOijqz/SN3PKipvpbJiwbkSKef 1wtWtOp7XeOzUnrX4gj2B7tJi7ICDqqMb6I8AGk79esdj0V8thIhqJNfVw7K6ANu WrYEzYZD4iNmWi6svkrgkwUOF1MaOZ9uLNWo2E4oEsyfcIoLu1ym -----END CERTIFICATE-----Generated at Wed May 13 13:57:44 2026 by rpki-client