$ rpki-client -vvf rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/323030313a6466343a343430303a3a2f34382d3438203d3e20313333383332.roa File: 323030313a6466343a343430303a3a2f34382d3438203d3e20313333383332.roa (raw, json) Hash identifier: b8kZYL8oI1P/7ClfsU26nDRuP+nZXNyKDNgSZ4R1ACk= Subject key identifier: B1:57:10:E3:64:9D:20:4B:55:C9:C9:E9:E7:D0:36:8F:43:25:DF:D3 Certificate issuer: /CN=A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC Certificate serial: 414D80BFB3425A5D8A8B8BD79A54D402C11D2BDA Authority key identifier: A3:90:07:F3:E2:A2:8B:8E:7C:0B:7A:A9:25:9C:72:64:DA:1E:23:BC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/323030313a6466343a343430303a3a2f34382d3438203d3e20313333383332.roa Signing time: Sun 03 May 2026 02:29:31 +0000 ROA not before: Sun 03 May 2026 02:24:31 +0000 ROA not after: Sun 02 May 2027 02:29:31 +0000 asID: 133832 IP address blocks: 2001:df4:4400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.crl rsync://rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 20:55:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:4d:80:bf:b3:42:5a:5d:8a:8b:8b:d7:9a:54:d4:02:c1:1d:2b:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC Validity Not Before: May 3 02:24:31 2026 GMT Not After : May 2 02:29:31 2027 GMT Subject: CN=B15710E3649D204B55C9C9E9E7D0368F4325DFD3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:b8:cc:df:e4:0d:d9:5f:73:92:94:c2:d4:4a: 59:f2:ee:9c:0b:ac:3d:a9:eb:ec:97:f0:0a:d8:cf: c5:63:7c:d5:99:17:88:d5:e9:2e:8b:58:92:fc:97: 96:ae:e2:13:11:d7:bb:7f:2c:46:e3:e1:81:9a:64: 0b:ba:32:7c:46:41:88:28:71:5f:38:f6:2f:80:68: 60:f6:8a:33:5f:cf:af:f7:38:46:f1:77:1e:dd:34: e6:7c:23:a0:00:c7:69:0a:2e:81:1a:98:4d:98:a1: 3c:90:7e:9f:92:24:b7:07:3e:b8:a4:fa:92:33:07: 7a:d3:9d:e9:cf:07:09:5a:f0:35:01:15:6d:89:c0: ec:71:e5:93:f3:ca:2d:cf:10:ec:9a:73:00:4e:4d: 60:9c:bf:9b:fb:f2:d7:78:9c:f6:62:0b:c7:8d:4b: 88:df:a5:ba:5c:41:2c:5e:f3:63:b0:00:30:26:8f: cd:c2:26:ff:68:ad:ab:48:8c:86:2b:4c:50:9d:68: 8b:40:6b:c7:0f:db:9b:29:40:ca:6e:68:ea:6b:99: df:1c:92:5c:5e:d9:b1:1f:d3:7a:4b:7d:37:9b:d1: 18:e4:09:d8:9b:fa:87:6c:0d:47:01:12:02:4e:d4: 07:9d:c4:a2:c5:12:fc:17:db:45:e6:2e:3e:76:77: 5b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:57:10:E3:64:9D:20:4B:55:C9:C9:E9:E7:D0:36:8F:43:25:DF:D3 X509v3 Authority Key Identifier: keyid:A3:90:07:F3:E2:A2:8B:8E:7C:0B:7A:A9:25:9C:72:64:DA:1E:23:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/A39007F3E2A28B8E7C0B7AA9259C7264DA1E23BC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/43e4177d-8093-447c-87b5-c79c8cb4c733/0/323030313a6466343a343430303a3a2f34382d3438203d3e20313333383332.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:4400::/48 Signature Algorithm: sha256WithRSAEncryption 7f:d8:c2:0e:c5:50:09:1a:0f:80:79:11:b6:82:0a:83:4b:cc: eb:a3:28:e9:65:6c:c4:f4:f4:03:4e:e4:a2:d2:f5:e5:69:ab: cf:e4:ba:6b:69:58:5e:b2:c0:12:e2:cd:d3:4c:15:05:a7:42: b3:81:93:f6:90:3f:e1:42:3c:7b:c2:3b:4e:5f:2e:85:21:7c: cc:53:ed:7d:2f:25:f9:9f:95:1e:66:64:0c:3f:02:f2:63:78: 58:e9:95:c0:a5:5c:98:4b:6d:76:67:69:61:77:63:72:1b:2e: 57:cd:38:02:19:0a:d3:a3:e7:43:22:29:46:ca:4e:f7:a1:1b: 27:21:0c:cb:39:92:b1:f7:3d:42:3f:71:41:14:92:a1:a6:ea: 06:16:bf:63:65:fd:70:f4:e3:5a:4d:e6:8c:56:24:c6:98:8d: 1c:10:1e:7d:cf:3a:79:41:5e:d8:ce:aa:9d:e4:cb:9d:c7:de: b1:0e:30:7d:7f:38:df:5a:be:8e:92:d0:e4:fb:13:58:24:d1: 20:bc:d0:19:fb:10:a7:a4:b9:dc:89:5c:6d:ae:49:ac:23:db: aa:ad:78:f2:c6:34:bf:d3:65:c2:5a:02:58:c3:16:d0:8f:74: 7b:9c:36:cf:a0:c0:67:57:2b:c0:63:c3:3c:46:43:a2:14:5b: e6:3b:cf:c3 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUQU2Av7NCWl2Ki4vXmlTUAsEdK9owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTM5MDA3RjNFMkEyOEI4RTdDMEI3QUE5MjU5QzcyNjRE QTFFMjNCQzAeFw0yNjA1MDMwMjI0MzFaFw0yNzA1MDIwMjI5MzFaMDMxMTAvBgNV BAMTKEIxNTcxMEUzNjQ5RDIwNEI1NUM5QzlFOUU3RDAzNjhGNDMyNURGRDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxuMzf5A3ZX3OSlMLUSlny7pwL rD2p6+yX8ArYz8VjfNWZF4jV6S6LWJL8l5au4hMR17t/LEbj4YGaZAu6MnxGQYgo cV849i+AaGD2ijNfz6/3OEbxdx7dNOZ8I6AAx2kKLoEamE2YoTyQfp+SJLcHPrik +pIzB3rTnenPBwla8DUBFW2JwOxx5ZPzyi3PEOyacwBOTWCcv5v78td4nPZiC8eN S4jfpbpcQSxe82OwADAmj83CJv9oratIjIYrTFCdaItAa8cP25spQMpuaOprmd8c klxe2bEf03pLfTeb0RjkCdib+odsDUcBEgJO1AedxKLFEvwX20XmLj52d1tHAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUsVcQ42SdIEtVycnp59A2j0Ml39MwHwYDVR0j BBgwFoAUo5AH8+Kii458C3qpJZxyZNoeI7wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NDNlNDE3N2QtODA5My00NDdjLTg3YjUtYzc5YzhjYjRjNzMzLzAvQTM5MDA3RjNF MkEyOEI4RTdDMEI3QUE5MjU5QzcyNjREQTFFMjNCQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9BMzkwMDdGM0UyQTI4QjhFN0MwQjdBQTkyNTlDNzI2NERBMUUy M0JDLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzQzZTQxNzdkLTgwOTMtNDQ3Yy04 N2I1LWM3OWM4Y2I0YzczMy8wLzMyMzAzMDMxM2E2NDY2MzQzYTM0MzQzMDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMzMzgzMzMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9EQAMA0GCSqGSIb3DQEBCwUAA4IBAQB/2MIOxVAJGg+AeRG2ggqDS8zroyjpZWzE 9PQDTuSi0vXlaavP5LpraVhessAS4s3TTBUFp0KzgZP2kD/hQjx7wjtOXy6FIXzM U+19LyX5n5UeZmQMPwLyY3hY6ZXApVyYS212Z2lhd2NyGy5XzTgCGQrTo+dDIilG yk73oRsnIQzLOZKx9z1CP3FBFJKhpuoGFr9jZf1w9ONaTeaMViTGmI0cEB59zzp5 QV7Yzqqd5Mudx96xDjB9fzjfWr6OktDk+xNYJNEgvNAZ+xCnpLnciVxtrkmsI9uq rXjyxjS/02XCWgJYwxbQj3R7nDbPoMBnVyvAY8M8RkOiFFvmO8/D -----END CERTIFICATE-----Generated at Wed May 13 11:49:20 2026 by rpki-client