$ rpki-client -vvf rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a37303a3a2f34382d3438203d3e20313336303838.roa File: 323430303a643934303a37303a3a2f34382d3438203d3e20313336303838.roa (raw, json) Hash identifier: NhSbtQsCSZOcv410mYA+T/YK4xT0UEtgj3gs2YcEa4w= Subject key identifier: B0:D3:AF:8C:34:C9:2D:E1:68:47:8E:9F:23:55:CD:49:40:FD:9D:60 Certificate issuer: /CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Certificate serial: 0DC3ACE7FD67809365506BA456B6441995ED333E Authority key identifier: CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a37303a3a2f34382d3438203d3e20313336303838.roa Signing time: Sun 03 May 2026 02:43:09 +0000 ROA not before: Sun 03 May 2026 02:38:09 +0000 ROA not after: Sun 02 May 2027 02:43:09 +0000 asID: 136088 IP address blocks: 2400:d940:70::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:15:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:c3:ac:e7:fd:67:80:93:65:50:6b:a4:56:b6:44:19:95:ed:33:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Validity Not Before: May 3 02:38:09 2026 GMT Not After : May 2 02:43:09 2027 GMT Subject: CN=B0D3AF8C34C92DE168478E9F2355CD4940FD9D60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:56:47:b3:f8:48:a1:08:d3:f0:d9:55:8a:6a: 27:93:cb:60:92:c7:f1:c3:f5:7e:82:36:83:ce:36: 0d:11:28:94:3d:5e:f2:7d:05:30:0e:aa:8f:e1:75: a6:15:17:01:29:10:0c:5f:d3:7d:b9:63:72:ff:95: 17:d8:49:8d:41:4e:65:ff:d5:0b:67:ab:11:51:72: 98:77:2c:a5:89:5b:e6:05:63:7a:fd:e6:7e:8b:41: 4d:94:c5:51:d6:9d:39:93:ba:13:1a:f2:7d:e5:81: 0a:e0:6b:87:f2:8e:f6:b5:02:9f:38:7c:ed:de:e0: 53:51:1f:3e:8a:18:62:0b:40:c9:d2:9e:e1:9e:cf: d0:c2:5f:b8:27:34:f2:e1:44:e7:7a:5b:2c:fe:33: 5b:23:45:03:de:47:07:7e:65:38:66:b7:8d:b4:e8: 1f:3f:30:83:2d:3d:11:fd:41:c3:75:5d:02:b5:97: 00:44:81:84:e6:37:5b:0d:ca:2b:b0:35:11:1c:0c: 33:40:49:65:ca:94:c0:3a:b6:26:7d:9d:b5:4a:ca: 36:47:62:4c:50:9f:c8:4c:21:ca:8f:52:3d:6b:eb: 46:4c:6b:98:01:b1:e1:b3:14:81:d8:74:52:44:3b: 2a:22:f2:d1:39:75:25:45:01:71:a6:bd:46:94:88: 77:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:D3:AF:8C:34:C9:2D:E1:68:47:8E:9F:23:55:CD:49:40:FD:9D:60 X509v3 Authority Key Identifier: keyid:CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a37303a3a2f34382d3438203d3e20313336303838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:d940:70::/48 Signature Algorithm: sha256WithRSAEncryption a1:e8:7f:96:e7:02:1b:88:3d:55:a3:cf:1e:9b:8f:72:17:49: a0:92:3d:33:ca:b3:31:db:30:c5:6b:cf:0a:62:9b:83:eb:9e: 1f:48:45:d8:bb:04:e8:0f:2e:a4:21:37:33:08:29:69:02:fc: d0:07:97:87:35:a6:8c:36:62:3c:4b:46:63:99:ba:4d:9b:c1: e9:b0:84:7e:f6:19:bc:c6:0d:8d:89:98:10:8f:f1:b5:46:a1: b3:54:89:12:3d:9d:e5:45:a1:2c:6c:51:2d:1e:ce:b2:78:15: 6d:c5:58:98:82:f3:75:64:ac:c8:87:21:3f:6f:69:40:e6:76: 7d:7f:68:86:41:6b:bb:8f:28:63:74:a5:83:81:c1:a7:9c:67: 73:02:7a:ef:27:d7:a0:6b:b6:88:c2:2b:27:53:e1:d0:6d:78: 5c:1d:fd:9e:0d:e6:92:5c:f9:0f:a3:ad:73:f5:1a:95:df:b8: 98:b5:aa:b8:74:d8:54:97:85:7a:86:51:bd:80:b4:00:61:ff: 7f:01:46:71:5f:df:c1:7b:7b:0d:38:d0:86:8d:f0:63:b9:3d: d0:b2:04:24:59:1d:3e:64:47:25:93:8c:c4:c9:5c:eb:9c:e2: bd:e6:8a:a7:e1:e8:09:75:7d:5e:a3:43:d9:d8:e0:09:30:42: c4:1e:36:26 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUDcOs5/1ngJNlUGukVrZEGZXtMz4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGRDNBMTdCMkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2 OTNCN0NDODAeFw0yNjA1MDMwMjM4MDlaFw0yNzA1MDIwMjQzMDlaMDMxMTAvBgNV BAMTKEIwRDNBRjhDMzRDOTJERTE2ODQ3OEU5RjIzNTVDRDQ5NDBGRDlENjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlVkez+EihCNPw2VWKaieTy2CS x/HD9X6CNoPONg0RKJQ9XvJ9BTAOqo/hdaYVFwEpEAxf0325Y3L/lRfYSY1BTmX/ 1QtnqxFRcph3LKWJW+YFY3r95n6LQU2UxVHWnTmTuhMa8n3lgQrga4fyjva1Ap84 fO3e4FNRHz6KGGILQMnSnuGez9DCX7gnNPLhROd6Wyz+M1sjRQPeRwd+ZThmt420 6B8/MIMtPRH9QcN1XQK1lwBEgYTmN1sNyiuwNREcDDNASWXKlMA6tiZ9nbVKyjZH YkxQn8hMIcqPUj1r60ZMa5gBseGzFIHYdFJEOyoi8tE5dSVFAXGmvUaUiHfxAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUsNOvjDTJLeFoR46fI1XNSUD9nWAwHwYDVR0j BBgwFoAUyv06F7KtxvkAHlegG7Kem2k7fMgwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NzNmNGVjMWMtOTUzNS00Y2JmLTljN2EtZmQzMmM4MzBlZGJhLzAvQ0FGRDNBMTdC MkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2OTNCN0NDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DQUZEM0ExN0IyQURDNkY5MDAxRTU3QTAxQkIyOUU5QjY5M0I3 Q0M4LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05 YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhMzczMDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzNjMwMzgzOC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA2UAA cDANBgkqhkiG9w0BAQsFAAOCAQEAoeh/lucCG4g9VaPPHpuPchdJoJI9M8qzMdsw xWvPCmKbg+ueH0hF2LsE6A8upCE3MwgpaQL80AeXhzWmjDZiPEtGY5m6TZvB6bCE fvYZvMYNjYmYEI/xtUahs1SJEj2d5UWhLGxRLR7OsngVbcVYmILzdWSsyIchP29p QOZ2fX9ohkFru48oY3Slg4HBp5xncwJ67yfXoGu2iMIrJ1Ph0G14XB39ng3mklz5 D6Otc/Uald+4mLWquHTYVJeFeoZRvYC0AGH/fwFGcV/fwXt7DTjQho3wY7k90LIE JFkdPmRHJZOMxMlc65ziveaKp+HoCXV9XqND2djgCTBCxB42Jg== -----END CERTIFICATE-----Generated at Wed May 13 09:51:27 2026 by rpki-client