$ rpki-client -vvf rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32313a3a2f34382d3438203d3e20313437313337.roa File: 323430303a343661303a32313a3a2f34382d3438203d3e20313437313337.roa (raw, json) Hash identifier: 0dcMygO+Bc+TXcrUgmdBEdxgQ/GML+71SETcyrBroSo= Subject key identifier: 12:23:D0:BB:1F:01:38:0C:E6:23:5E:75:E8:D6:17:D4:79:44:66:89 Certificate issuer: /CN=C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9 Certificate serial: 06F9BB70DDC0E0E65741B2EEA553AFEA071618E2 Authority key identifier: C0:D7:02:8C:0F:A6:28:34:8A:E2:24:5D:D0:CC:02:D3:C5:DC:B3:F9 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32313a3a2f34382d3438203d3e20313437313337.roa Signing time: Sun 03 May 2026 02:26:37 +0000 ROA not before: Sun 03 May 2026 02:21:37 +0000 ROA not after: Sun 02 May 2027 02:26:37 +0000 asID: 147137 IP address blocks: 2400:46a0:21::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.crl rsync://rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 23:26:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:f9:bb:70:dd:c0:e0:e6:57:41:b2:ee:a5:53:af:ea:07:16:18:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9 Validity Not Before: May 3 02:21:37 2026 GMT Not After : May 2 02:26:37 2027 GMT Subject: CN=1223D0BB1F01380CE6235E75E8D617D479446689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:92:c5:64:49:f0:e0:8c:61:57:23:b1:87:3e: 69:f4:b8:53:17:8e:d5:4b:09:1a:99:9e:32:12:1e: dc:0d:aa:b8:8e:9f:9a:38:3e:cc:c9:1e:14:d0:55: 4a:b9:5b:61:56:9e:3b:6a:d7:7a:c8:c4:be:98:fb: 7d:c5:93:03:eb:a4:62:ad:0f:02:c2:1d:f9:15:a1: 05:e7:f6:fe:9c:e8:a1:5d:f4:c4:f8:66:66:e6:c3: b2:67:e4:c0:86:24:3f:24:4f:e5:97:8c:fa:03:a3: 27:26:62:42:0d:a9:d8:73:62:18:61:b6:48:ef:d2: fa:63:94:61:80:51:e8:0a:20:18:b7:ed:2d:e5:1a: dd:76:60:b9:de:8c:a6:45:8f:6a:eb:1d:18:ab:71: 55:e2:f7:c7:15:8a:31:da:7e:ac:fb:4e:38:aa:e1: 07:35:a5:7c:6d:76:a2:d2:9e:e6:cc:6a:eb:ba:8a: 8c:16:e7:c1:6a:13:ca:3b:5a:e5:be:fb:5b:73:80: 95:7a:ee:26:08:d7:57:ed:0b:42:4c:0c:f9:b5:43: 28:9c:45:2e:59:6d:09:9d:cc:6d:34:2f:47:b0:fc: 11:06:08:5d:65:46:ee:b6:3a:d4:35:97:2b:5f:58: 3c:a7:d6:63:32:11:35:e4:c3:1a:65:60:ae:83:c1: 22:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:23:D0:BB:1F:01:38:0C:E6:23:5E:75:E8:D6:17:D4:79:44:66:89 X509v3 Authority Key Identifier: keyid:C0:D7:02:8C:0F:A6:28:34:8A:E2:24:5D:D0:CC:02:D3:C5:DC:B3:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/C0D7028C0FA628348AE2245DD0CC02D3C5DCB3F9.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32313a3a2f34382d3438203d3e20313437313337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:46a0:21::/48 Signature Algorithm: sha256WithRSAEncryption 97:35:af:87:bb:82:b6:f3:89:66:cd:26:7d:20:47:05:dc:dc: 29:67:9e:f4:d3:28:cf:96:94:f6:93:30:bd:97:1c:33:be:ef: 0f:09:2a:b7:54:46:d7:95:a9:24:ac:fd:8f:ec:2c:a7:74:c3: 63:34:d1:b8:81:70:28:fa:ea:cd:06:60:62:fb:9d:5e:cd:28: 95:42:0d:bf:39:65:a1:98:94:bd:be:ab:2e:7b:d9:3f:03:7b: 08:a5:c7:78:60:89:a7:10:12:89:94:18:8d:53:0e:11:16:df: c0:5b:1c:6f:46:98:9a:a9:b9:e2:bf:64:6b:9d:9d:1b:c6:06: 22:1c:d3:43:1f:b0:4c:71:a1:94:66:71:81:80:47:1a:87:ce: 38:39:b0:cf:ed:04:95:e7:65:4a:6e:71:97:89:7d:d5:c3:2f: 31:dd:fc:1d:08:d7:21:e6:e8:09:64:e1:2d:a4:38:7e:f0:b5: ea:37:24:53:bd:4b:02:52:b4:35:6e:cf:4d:01:80:55:13:47: 22:cd:bf:b4:67:b7:0e:1b:f5:55:89:81:93:07:e4:70:7a:2f: 0c:0f:05:a2:42:2f:a8:15:ec:8a:d0:e8:3e:1d:42:96:4f:45: 49:da:9f:c0:12:cb:85:2b:50:ad:de:48:43:f6:d1:9c:8e:40: 59:1d:1d:27 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUBvm7cN3A4OZXQbLupVOv6gcWGOIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzBENzAyOEMwRkE2MjgzNDhBRTIyNDVERDBDQzAyRDND NURDQjNGOTAeFw0yNjA1MDMwMjIxMzdaFw0yNzA1MDIwMjI2MzdaMDMxMTAvBgNV BAMTKDEyMjNEMEJCMUYwMTM4MENFNjIzNUU3NUU4RDYxN0Q0Nzk0NDY2ODkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1ksVkSfDgjGFXI7GHPmn0uFMX jtVLCRqZnjISHtwNqriOn5o4PszJHhTQVUq5W2FWnjtq13rIxL6Y+33FkwPrpGKt DwLCHfkVoQXn9v6c6KFd9MT4Zmbmw7Jn5MCGJD8kT+WXjPoDoycmYkINqdhzYhhh tkjv0vpjlGGAUegKIBi37S3lGt12YLnejKZFj2rrHRircVXi98cVijHafqz7Tjiq 4Qc1pXxtdqLSnubMauu6iowW58FqE8o7WuW++1tzgJV67iYI11ftC0JMDPm1Qyic RS5ZbQmdzG00L0ew/BEGCF1lRu62OtQ1lytfWDyn1mMyETXkwxplYK6DwSLlAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUEiPQux8BOAzmI1516NYX1HlEZokwHwYDVR0j BBgwFoAUwNcCjA+mKDSK4iRd0MwC08Xcs/kwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v M2E2NjVjMzItNmRhZi00NzJiLWJjZTYtMzE3ZDVkNmM3ODllLzAvQzBENzAyOEMw RkE2MjgzNDhBRTIyNDVERDBDQzAyRDNDNURDQjNGOS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DMEQ3MDI4QzBGQTYyODM0OEFFMjI0NUREMENDMDJEM0M1RENC M0Y5LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzNhNjY1YzMyLTZkYWYtNDcyYi1i Y2U2LTMxN2Q1ZDZjNzg5ZS8wLzMyMzQzMDMwM2EzNDM2NjEzMDNhMzIzMTNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzNzMxMzMzNy5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQARqAA ITANBgkqhkiG9w0BAQsFAAOCAQEAlzWvh7uCtvOJZs0mfSBHBdzcKWee9NMoz5aU 9pMwvZccM77vDwkqt1RG15WpJKz9j+wsp3TDYzTRuIFwKPrqzQZgYvudXs0olUIN vzlloZiUvb6rLnvZPwN7CKXHeGCJpxASiZQYjVMOERbfwFscb0aYmqm54r9ka52d G8YGIhzTQx+wTHGhlGZxgYBHGofOODmwz+0EledlSm5xl4l91cMvMd38HQjXIebo CWThLaQ4fvC16jckU71LAlK0NW7PTQGAVRNHIs2/tGe3Dhv1VYmBkwfkcHovDA8F okIvqBXsitDoPh1Clk9FSdqfwBLLhStQrd5IQ/bRnI5AWR0dJw== -----END CERTIFICATE-----Generated at Wed May 13 11:18:38 2026 by rpki-client