$ rpki-client -vvf rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a626563613a3a2f34382d3438203d3e20313336303838.roa File: 323430303a643934303a626563613a3a2f34382d3438203d3e20313336303838.roa (raw, json) Hash identifier: pXHANQSmeMdKKdoCjZbWQt7xD53ERPYITVt1C9zayGI= Subject key identifier: 0C:D7:98:72:B1:2E:B3:A8:FF:34:30:88:CE:E7:F2:DF:5E:01:E4:D7 Certificate issuer: /CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Certificate serial: 34779F2E1FD15752CA4ACFA00A38467F2A25A48D Authority key identifier: CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a626563613a3a2f34382d3438203d3e20313336303838.roa Signing time: Sun 03 May 2026 02:43:01 +0000 ROA not before: Sun 03 May 2026 02:38:01 +0000 ROA not after: Sun 02 May 2027 02:43:01 +0000 asID: 136088 IP address blocks: 2400:d940:beca::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:15:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:77:9f:2e:1f:d1:57:52:ca:4a:cf:a0:0a:38:46:7f:2a:25:a4:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8 Validity Not Before: May 3 02:38:01 2026 GMT Not After : May 2 02:43:01 2027 GMT Subject: CN=0CD79872B12EB3A8FF343088CEE7F2DF5E01E4D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fe:8c:7a:5f:c5:19:47:51:5b:39:a9:e4:11: 13:62:53:ed:4f:73:1b:8c:93:bd:3d:db:df:5b:46: 6c:6a:a3:fb:72:03:a4:87:da:b0:55:5c:f7:ad:c7: 70:d5:fc:6a:90:bf:25:ff:51:ea:5d:ca:e1:e5:eb: a1:40:81:57:9d:36:3d:f2:af:b8:92:e6:b3:8f:b2: 92:98:e4:03:70:2b:fc:53:39:26:a7:d4:22:3b:2c: 72:53:b4:0e:d2:85:0a:97:eb:96:44:d0:0f:03:4a: 95:2f:76:ce:4a:8b:ac:7a:fc:c6:19:e9:6a:7b:2d: ca:72:d0:f1:ea:73:74:c4:2d:ec:c0:9e:c5:bf:92: 9b:05:dd:11:b5:2c:65:c0:f2:e4:1b:88:5a:83:35: 6c:70:6b:99:64:55:b2:9d:20:83:e1:f8:c7:fa:60: 45:cf:0f:34:0c:14:a7:cd:e3:f2:b6:10:37:3d:49: 89:3a:80:d8:65:32:65:64:1b:fe:e4:2e:30:d0:23: 02:8f:e9:4d:fa:47:ad:d0:f1:95:f4:51:2e:18:11: 53:5e:b6:13:fb:ee:c0:5a:ca:b2:13:1b:6b:15:3d: 8e:50:94:f2:13:36:ae:d1:ff:2d:05:f3:09:74:2c: 70:31:a8:41:fd:95:3b:fa:11:46:58:38:b4:46:87: 85:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:D7:98:72:B1:2E:B3:A8:FF:34:30:88:CE:E7:F2:DF:5E:01:E4:D7 X509v3 Authority Key Identifier: keyid:CA:FD:3A:17:B2:AD:C6:F9:00:1E:57:A0:1B:B2:9E:9B:69:3B:7C:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/CAFD3A17B2ADC6F9001E57A01BB29E9B693B7CC8.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a626563613a3a2f34382d3438203d3e20313336303838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:d940:beca::/48 Signature Algorithm: sha256WithRSAEncryption 24:38:12:cd:8f:0f:cd:88:f8:9d:c4:5d:0d:93:21:b1:34:4d: 83:e2:02:56:51:25:be:84:47:a0:c7:74:d2:7f:c6:72:89:b2: 71:fc:72:26:ba:ae:6b:e9:39:63:73:3f:ca:6d:90:be:e9:c6: aa:57:b0:f5:84:be:7f:10:2f:2f:00:23:1f:01:c0:c6:2f:32: 59:b8:74:2c:8b:bf:93:c3:cf:3f:35:3f:32:03:59:36:0c:5a: 23:8e:80:33:92:9a:91:0b:d9:ed:0a:39:ae:a5:26:cf:0c:fb: 2e:3d:b2:79:e9:d1:75:aa:90:01:51:af:d1:b1:4d:f0:b5:51: 51:5b:71:c6:41:ef:5b:30:d7:d4:67:a2:1a:f2:12:e8:6e:2a: 1f:f2:a5:f2:fc:e8:57:64:e5:6e:5d:a4:39:21:31:76:74:d2: 93:29:28:e3:76:8e:fc:6a:58:5a:ad:0c:ea:61:73:50:6d:99: 91:33:3d:ff:95:0a:02:aa:80:42:90:f7:26:b8:de:da:56:35: da:41:c8:c2:3c:25:b6:03:52:d2:46:f9:49:cb:c6:3e:c5:01: eb:49:8c:88:de:85:1e:67:c5:38:04:95:49:6c:ad:4d:4c:83: 37:c9:b5:6f:07:15:e4:b3:13:af:76:5b:dc:95:63:e1:77:ca: ea:02:90:46 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUNHefLh/RV1LKSs+gCjhGfyolpI0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0FGRDNBMTdCMkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2 OTNCN0NDODAeFw0yNjA1MDMwMjM4MDFaFw0yNzA1MDIwMjQzMDFaMDMxMTAvBgNV BAMTKDBDRDc5ODcyQjEyRUIzQThGRjM0MzA4OENFRTdGMkRGNUUwMUU0RDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB/ox6X8UZR1FbOankERNiU+1P cxuMk709299bRmxqo/tyA6SH2rBVXPetx3DV/GqQvyX/UepdyuHl66FAgVedNj3y r7iS5rOPspKY5ANwK/xTOSan1CI7LHJTtA7ShQqX65ZE0A8DSpUvds5Ki6x6/MYZ 6Wp7Lcpy0PHqc3TELezAnsW/kpsF3RG1LGXA8uQbiFqDNWxwa5lkVbKdIIPh+Mf6 YEXPDzQMFKfN4/K2EDc9SYk6gNhlMmVkG/7kLjDQIwKP6U36R63Q8ZX0US4YEVNe thP77sBayrITG2sVPY5QlPITNq7R/y0F8wl0LHAxqEH9lTv6EUZYOLRGh4URAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUDNeYcrEus6j/NDCIzufy314B5NcwHwYDVR0j BBgwFoAUyv06F7KtxvkAHlegG7Kem2k7fMgwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NzNmNGVjMWMtOTUzNS00Y2JmLTljN2EtZmQzMmM4MzBlZGJhLzAvQ0FGRDNBMTdC MkFEQzZGOTAwMUU1N0EwMUJCMjlFOUI2OTNCN0NDOC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9DQUZEM0ExN0IyQURDNkY5MDAxRTU3QTAxQkIyOUU5QjY5M0I3 Q0M4LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05 YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhNjI2NTYzNjEz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM4Mzgucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk ANlAvsowDQYJKoZIhvcNAQELBQADggEBACQ4Es2PD82I+J3EXQ2TIbE0TYPiAlZR Jb6ER6DHdNJ/xnKJsnH8cia6rmvpOWNzP8ptkL7pxqpXsPWEvn8QLy8AIx8BwMYv Mlm4dCyLv5PDzz81PzIDWTYMWiOOgDOSmpEL2e0KOa6lJs8M+y49snnp0XWqkAFR r9GxTfC1UVFbccZB71sw19RnohryEuhuKh/ypfL86Fdk5W5dpDkhMXZ00pMpKON2 jvxqWFqtDOphc1BtmZEzPf+VCgKqgEKQ9ya43tpWNdpByMI8JbYDUtJG+UnLxj7F AetJjIjehR5nxTgElUlsrU1MgzfJtW8HFeSzE692W9yVY+F3yuoCkEY= -----END CERTIFICATE-----Generated at Wed May 13 12:28:29 2026 by rpki-client