$ rpki-client -vvf rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa File: 323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa (raw, json) Hash identifier: gQ+0Ncm6ouGfqCj99PO+6ljzB+BVgCECd3yhaahocOE= Subject key identifier: 94:BF:0C:19:60:80:89:19:57:FF:0B:E1:CE:1C:6F:99:D2:AB:F9:06 Certificate issuer: /CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Certificate serial: 5A7836B2A0B05BAE6A3A1D0083280E0290E2FF0C Authority key identifier: CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa Signing time: Sun 03 May 2026 02:43:06 +0000 ROA not before: Sun 03 May 2026 02:38:06 +0000 ROA not after: Sun 02 May 2027 02:43:06 +0000 asID: 136088 IP address blocks: 2400:d940:60::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:15:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:78:36:b2:a0:b0:5b:ae:6a:3a:1d:00:83:28:0e:02:90:e2:ff:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Validity Not Before: May 3 02:38:06 2026 GMT Not After : May 2 02:43:06 2027 GMT Subject: CN=94BF0C196080891957FF0BE1CE1C6F99D2ABF906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f6:85:4e:05:fc:92:6b:20:16:be:1e:ce:0a: 5e:e8:41:a7:24:db:82:f9:71:a2:f2:e5:50:7e:a5: 5c:52:96:b8:e0:af:09:a3:07:c4:d2:dd:c2:67:ef: 59:9a:f8:26:f5:86:b7:d0:a6:32:5f:20:53:dd:c9: 7b:68:82:0c:b5:a0:d9:e3:c9:37:0a:bc:ae:e4:7b: 2e:ce:51:fb:52:f3:6f:ba:3a:7f:cc:51:2e:40:59: c5:c4:02:6f:97:60:f8:f7:1a:75:18:15:24:51:d2: c8:dc:0b:0a:2d:bf:d6:aa:73:93:2d:ca:e9:0b:55: 21:9f:0c:f4:ff:34:84:18:84:ee:1d:72:47:75:04: a9:4a:57:81:f0:13:5f:d0:ee:96:1a:2f:52:55:f5: 87:68:37:cc:c7:31:0b:0f:a7:99:90:20:d4:5f:1f: 61:bf:72:2c:f0:e5:a0:35:ee:67:ac:fb:70:3e:eb: db:b1:1e:14:f5:ca:af:09:6c:94:a0:69:f4:58:0f: 21:5f:10:3a:5c:b0:c0:5b:b1:1c:ba:ec:5b:81:55: 47:f8:a5:4f:68:55:fe:31:fe:0b:57:0e:25:76:39: ce:7f:3a:2b:9b:44:45:64:46:0c:78:fc:42:e8:26: cc:f2:9d:67:20:b9:02:ee:9e:14:ab:90:22:52:32: 1a:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:BF:0C:19:60:80:89:19:57:FF:0B:E1:CE:1C:6F:99:D2:AB:F9:06 X509v3 Authority Key Identifier: keyid:CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:d940:60::/48 Signature Algorithm: sha256WithRSAEncryption 40:9f:e3:25:d7:92:4c:27:bb:b8:d5:78:95:4a:61:d2:39:95: 11:f7:cb:42:36:4e:73:cb:e5:f5:99:87:21:a5:db:10:e6:76: 24:e6:b0:2c:61:fd:cd:4b:ca:68:84:c4:9a:d4:f1:58:38:3d: cf:78:76:7c:4e:d8:c7:64:76:fc:9b:56:17:dd:ab:3c:0a:85: c6:d8:a0:80:08:da:4c:a2:02:92:fa:c4:0a:29:85:87:90:d6: 60:0f:c5:b0:51:e8:2e:f4:f8:cb:4a:07:f4:2e:65:2e:62:c5: 81:f7:3c:18:c3:ce:7f:43:9a:5b:e1:a8:0d:e4:85:31:b6:74: 70:79:9a:d8:78:79:2a:a4:43:99:da:c9:ee:e5:82:3e:e8:5b: a7:51:52:e6:63:79:5f:eb:ca:b9:50:60:be:81:b1:5c:d8:35: 9e:80:5e:21:e7:db:f5:76:e5:7f:23:24:70:1b:61:18:c6:75: 8c:ec:b7:2d:ae:d0:3e:ff:b5:21:f2:2d:6f:7d:96:07:78:29: 88:ee:82:3b:7b:ca:bf:8b:59:3e:e8:16:a2:93:43:2d:57:66: 13:57:ff:94:cd:ff:ba:0b:50:4c:86:db:0d:3f:d7:49:ef:d1: 90:1d:db:97:93:44:78:e2:04:2a:95:6b:b2:d7:68:44:c9:98: 16:9d:04:36 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUWng2sqCwW65qOh0AgygOApDi/wwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGRDNBMTdCMkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2 OTNCN0NDODAeFw0yNjA1MDMwMjM4MDZaFw0yNzA1MDIwMjQzMDZaMDMxMTAvBgNV BAMTKDk0QkYwQzE5NjA4MDg5MTk1N0ZGMEJFMUNFMUM2Rjk5RDJBQkY5MDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW9oVOBfySayAWvh7OCl7oQack 24L5caLy5VB+pVxSlrjgrwmjB8TS3cJn71ma+Cb1hrfQpjJfIFPdyXtoggy1oNnj yTcKvK7key7OUftS82+6On/MUS5AWcXEAm+XYPj3GnUYFSRR0sjcCwotv9aqc5Mt yukLVSGfDPT/NIQYhO4dckd1BKlKV4HwE1/Q7pYaL1JV9YdoN8zHMQsPp5mQINRf H2G/cizw5aA17mes+3A+69uxHhT1yq8JbJSgafRYDyFfEDpcsMBbsRy67FuBVUf4 pU9oVf4x/gtXDiV2Oc5/OiubREVkRgx4/ELoJszynWcguQLunhSrkCJSMhq3AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUlL8MGWCAiRlX/wvhzhxvmdKr+QYwHwYDVR0j BBgwFoAUyv06F7KtxvkAHlegG7Kem2k7fMgwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NzNmNGVjMWMtOTUzNS00Y2JmLTljN2EtZmQzMmM4MzBlZGJhLzAvQ0FGRDNBMTdC MkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2OTNCN0NDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DQUZEM0ExN0IyQURDNkY5MDAxRTU3QTAxQkIyOUU5QjY5M0I3 Q0M4LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05 YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhMzYzMDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzNjMwMzgzOC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA2UAA YDANBgkqhkiG9w0BAQsFAAOCAQEAQJ/jJdeSTCe7uNV4lUph0jmVEffLQjZOc8vl 9ZmHIaXbEOZ2JOawLGH9zUvKaITEmtTxWDg9z3h2fE7Yx2R2/JtWF92rPAqFxtig gAjaTKICkvrECimFh5DWYA/FsFHoLvT4y0oH9C5lLmLFgfc8GMPOf0OaW+GoDeSF MbZ0cHma2Hh5KqRDmdrJ7uWCPuhbp1FS5mN5X+vKuVBgvoGxXNg1noBeIefb9Xbl fyMkcBthGMZ1jOy3La7QPv+1IfItb32WB3gpiO6CO3vKv4tZPugWopNDLVdmE1f/ lM3/ugtQTIbbDT/XSe/RkB3bl5NEeOIEKpVrstdoRMmYFp0ENg== -----END CERTIFICATE-----Generated at Wed May 13 10:20:55 2026 by rpki-client