$ rpki-client -vvf rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a31303a3a2f34382d3438203d3e20313336303838.roa File: 323430303a643934303a31303a3a2f34382d3438203d3e20313336303838.roa (raw, json) Hash identifier: kC/BQJWqF3hfjk7jxki1g+71uLyOIxW8KkPPgVLxjeg= Subject key identifier: 34:4C:14:E5:25:FD:10:FA:8C:CC:8F:A3:7F:42:54:9A:B4:45:5D:D0 Certificate issuer: /CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Certificate serial: 7523410D7778DC2665E5B5FD72A256E4F0B12B08 Authority key identifier: CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a31303a3a2f34382d3438203d3e20313336303838.roa Signing time: Sun 03 May 2026 02:43:05 +0000 ROA not before: Sun 03 May 2026 02:38:05 +0000 ROA not after: Sun 02 May 2027 02:43:05 +0000 asID: 136088 IP address blocks: 2400:d940:10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:15:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:23:41:0d:77:78:dc:26:65:e5:b5:fd:72:a2:56:e4:f0:b1:2b:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Validity Not Before: May 3 02:38:05 2026 GMT Not After : May 2 02:43:05 2027 GMT Subject: CN=344C14E525FD10FA8CCC8FA37F42549AB4455DD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:02:6c:32:44:73:c1:56:c1:76:fd:db:c5:af: 56:73:9a:19:24:ef:9f:52:90:53:7d:20:41:da:2e: a2:3b:18:5b:7c:ae:7b:d5:44:d0:10:f2:c4:c8:c7: 38:46:97:3a:40:9b:70:56:14:69:91:75:af:53:f0: 15:1e:a7:d4:f8:83:ea:f8:4f:50:15:5e:19:45:1b: f1:af:9c:10:5d:4b:bd:2c:54:53:fb:80:64:f2:34: e1:51:38:47:99:3b:a0:85:89:08:3e:66:fa:1b:dc: d0:0c:b9:6a:fa:b9:6b:b5:96:76:35:d7:5a:83:b3: f7:f8:69:12:d1:bb:31:9a:95:a4:c8:8f:0e:87:dd: 50:08:fd:12:d6:1a:4d:a4:82:99:9d:24:0f:b6:95: c8:78:5f:40:48:67:42:54:12:f3:cc:70:fb:78:ca: 60:09:30:83:b7:4b:2b:03:d1:bf:8a:bf:94:53:2b: 7d:e1:6e:b4:c7:87:82:4b:01:ec:c4:97:d5:62:76: 25:58:f7:e4:7b:9f:d5:80:84:6c:31:67:34:17:a6: d7:9f:65:f1:a5:d6:f9:8e:c1:6a:9c:13:2a:c5:ac: 4e:80:15:ea:2c:03:ed:1d:66:26:27:27:b1:e6:32: c2:b2:d2:22:1d:f0:61:50:a7:f9:87:33:8b:61:eb: f5:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:4C:14:E5:25:FD:10:FA:8C:CC:8F:A3:7F:42:54:9A:B4:45:5D:D0 X509v3 Authority Key Identifier: keyid:CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a31303a3a2f34382d3438203d3e20313336303838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:d940:10::/48 Signature Algorithm: sha256WithRSAEncryption 22:2b:7e:6c:fc:df:61:82:2b:dd:a7:7b:20:6a:0f:24:cf:8a: 4a:c6:8a:e0:1b:15:f9:17:02:df:31:ca:7e:90:22:22:07:bd: 11:5b:39:c3:52:18:c1:b6:e1:81:39:fb:40:36:86:6f:c5:04: 1a:5f:bd:5f:fc:d9:dc:ce:e6:79:8c:b2:38:44:9c:b3:b2:8d: c1:8f:62:7c:12:22:fa:af:92:c4:af:2b:16:87:d1:8d:0b:47: b4:9a:d3:d1:5b:74:b5:0b:7a:b9:2b:5c:b7:36:fe:28:fb:d0: 5e:67:fd:83:09:48:e0:f4:cb:36:94:02:a9:ec:d2:29:d8:c8: cd:59:9e:d5:a4:81:b9:39:a8:b1:47:79:6d:95:99:a7:ec:33: 39:0c:a3:13:a5:48:ec:16:c2:96:22:be:a9:05:20:ce:0e:bf: d0:68:46:bf:27:16:5c:24:f1:7e:4e:2e:fb:f9:4d:d0:a6:77: 86:b0:41:84:9d:ae:b8:75:42:b7:92:d2:8f:ba:74:dc:38:b2: da:61:5b:93:49:f6:c8:8e:26:72:cc:6b:04:05:d4:e8:e5:71: 79:eb:96:66:55:2b:c3:5b:76:a8:56:e4:fb:83:e2:ce:0e:f9: d6:24:22:c1:72:a1:f5:75:9b:a4:12:59:70:ae:cf:85:6f:3f: 2d:40:b8:4a -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUdSNBDXd43CZl5bX9cqJW5PCxKwgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGRDNBMTdCMkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2 OTNCN0NDODAeFw0yNjA1MDMwMjM4MDVaFw0yNzA1MDIwMjQzMDVaMDMxMTAvBgNV BAMTKDM0NEMxNEU1MjVGRDEwRkE4Q0NDOEZBMzdGNDI1NDlBQjQ0NTVERDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUAmwyRHPBVsF2/dvFr1Zzmhkk 759SkFN9IEHaLqI7GFt8rnvVRNAQ8sTIxzhGlzpAm3BWFGmRda9T8BUep9T4g+r4 T1AVXhlFG/GvnBBdS70sVFP7gGTyNOFROEeZO6CFiQg+Zvob3NAMuWr6uWu1lnY1 11qDs/f4aRLRuzGalaTIjw6H3VAI/RLWGk2kgpmdJA+2lch4X0BIZ0JUEvPMcPt4 ymAJMIO3SysD0b+Kv5RTK33hbrTHh4JLAezEl9VidiVY9+R7n9WAhGwxZzQXptef ZfGl1vmOwWqcEyrFrE6AFeosA+0dZiYnJ7HmMsKy0iId8GFQp/mHM4th6/VHAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUNEwU5SX9EPqMzI+jf0JUmrRFXdAwHwYDVR0j BBgwFoAUyv06F7KtxvkAHlegG7Kem2k7fMgwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NzNmNGVjMWMtOTUzNS00Y2JmLTljN2EtZmQzMmM4MzBlZGJhLzAvQ0FGRDNBMTdC MkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2OTNCN0NDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DQUZEM0ExN0IyQURDNkY5MDAxRTU3QTAxQkIyOUU5QjY5M0I3 Q0M4LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05 YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhMzEzMDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzNjMwMzgzOC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA2UAA EDANBgkqhkiG9w0BAQsFAAOCAQEAIit+bPzfYYIr3ad7IGoPJM+KSsaK4BsV+RcC 3zHKfpAiIge9EVs5w1IYwbbhgTn7QDaGb8UEGl+9X/zZ3M7meYyyOEScs7KNwY9i fBIi+q+SxK8rFofRjQtHtJrT0Vt0tQt6uStctzb+KPvQXmf9gwlI4PTLNpQCqezS KdjIzVme1aSBuTmosUd5bZWZp+wzOQyjE6VI7BbCliK+qQUgzg6/0GhGvycWXCTx fk4u+/lN0KZ3hrBBhJ2uuHVCt5LSj7p03Diy2mFbk0n2yI4mcsxrBAXU6OVxeeuW ZlUrw1t2qFbk+4Pizg751iQiwXKh9XWbpBJZcK7PhW8/LUC4Sg== -----END CERTIFICATE-----Generated at Wed May 13 10:26:27 2026 by rpki-client