$ rpki-client -vvf rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/323030313a6466333a643934303a3a2f34382d3438203d3e20313532373732.roa File: 323030313a6466333a643934303a3a2f34382d3438203d3e20313532373732.roa (raw, json) Hash identifier: gnONcz3sXVxJxBOxBVij9AaOro25JvPxAm2egbKmGvk= Subject key identifier: 0F:68:D4:CD:D6:CC:59:AF:C4:81:34:4E:E6:47:A5:83:B7:33:4F:09 Certificate issuer: /CN=DB9A40F2EADC881D0DA3EEA0057E81002994C3FC Certificate serial: 4AC5AA02419246058FBC1ABFA9E29FA92331EBD7 Authority key identifier: DB:9A:40:F2:EA:DC:88:1D:0D:A3:EE:A0:05:7E:81:00:29:94:C3:FC Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/323030313a6466333a643934303a3a2f34382d3438203d3e20313532373732.roa Signing time: Sun 03 May 2026 02:45:28 +0000 ROA not before: Sun 03 May 2026 02:40:28 +0000 ROA not after: Sun 02 May 2027 02:45:28 +0000 asID: 152772 IP address blocks: 2001:df3:d940::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.crl rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 02:21:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:c5:aa:02:41:92:46:05:8f:bc:1a:bf:a9:e2:9f:a9:23:31:eb:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DB9A40F2EADC881D0DA3EEA0057E81002994C3FC Validity Not Before: May 3 02:40:28 2026 GMT Not After : May 2 02:45:28 2027 GMT Subject: CN=0F68D4CDD6CC59AFC481344EE647A583B7334F09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:bf:86:e8:21:ab:17:7b:ef:81:90:55:c2:8c: e4:3e:53:77:44:1b:a5:51:d7:f7:7d:5e:10:ed:8d: 41:8d:5d:71:22:3e:78:ce:ae:a8:c0:78:f7:fc:0b: b5:9f:72:10:a6:b0:3a:03:67:93:5c:f2:f1:c3:8d: a0:11:f6:35:98:c4:6c:6e:59:57:df:e2:a6:d2:7c: 38:10:d8:10:30:8d:59:6b:48:02:50:7a:b2:9e:92: 2c:2f:8f:2d:7c:71:e1:ba:b4:98:4e:76:cd:52:32: 7a:88:dd:97:8d:23:14:0a:a4:e5:b5:f4:21:8e:a7: 5c:58:f4:77:cc:cd:d1:66:9d:72:cb:a9:22:c5:22: 81:4e:7f:49:a1:2b:ae:91:b2:d1:84:85:d5:80:29: b6:53:4f:a6:2b:8a:0a:c5:6e:91:59:49:a9:d6:c9: 5c:b5:b4:84:9f:eb:30:e4:19:fd:db:7c:a0:d6:fe: e8:40:6c:40:63:39:d5:e3:3c:c3:3a:75:5b:9d:7c: fc:23:a1:4c:66:cf:27:7b:95:11:b3:da:a7:86:49: 23:68:23:2d:8e:a2:97:75:5a:e1:7f:65:b2:0f:83: 46:e6:fe:de:ab:59:fc:dd:18:37:fc:7a:fe:5f:33: 37:45:1e:c2:1e:81:8f:f5:a3:04:5a:03:29:47:d5: b3:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:68:D4:CD:D6:CC:59:AF:C4:81:34:4E:E6:47:A5:83:B7:33:4F:09 X509v3 Authority Key Identifier: keyid:DB:9A:40:F2:EA:DC:88:1D:0D:A3:EE:A0:05:7E:81:00:29:94:C3:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/323030313a6466333a643934303a3a2f34382d3438203d3e20313532373732.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d940::/48 Signature Algorithm: sha256WithRSAEncryption 1d:de:8b:85:09:47:e2:ec:08:ee:9b:65:99:ec:ef:c4:9d:f5: d1:d3:93:c7:14:2d:50:d4:12:67:69:e2:85:03:11:4e:80:3d: d7:2d:b7:7d:51:a4:3b:d0:55:91:72:58:f4:24:27:1e:f9:f2: 5f:73:f8:1d:66:3f:4a:96:be:50:8e:0f:0e:46:84:20:b9:cf: 53:8e:25:f8:10:f9:12:94:ef:05:54:4d:8e:33:2f:d9:4f:9f: 36:bd:6d:76:c9:9c:3e:84:f9:43:bf:f6:66:23:b5:93:0f:51: e1:b7:7f:65:4e:a2:ae:0e:a8:79:05:bf:4a:05:3f:5e:ea:9d: 5e:1d:77:62:4b:2c:4a:9f:a5:19:09:16:91:e2:ae:35:a3:72: 51:6c:4e:da:e9:62:0b:5d:f6:5d:02:7f:75:6e:02:26:7f:89: e5:f3:01:75:5a:5d:96:88:05:f4:7b:7b:65:62:16:ec:72:81: 82:bb:02:45:2a:56:db:94:bd:12:8b:4f:be:0f:d1:48:f6:48: 28:7e:a0:af:6a:08:94:d2:26:5f:55:d8:cf:da:4c:64:95:d9: eb:d3:14:dd:cc:c2:48:eb:41:f2:d4:d5:a0:d7:0e:bd:17:4d: dd:05:b5:83:0b:6d:de:b8:e9:5b:d4:b8:a4:c0:65:bb:1c:16: 7d:4a:7d:5d -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUSsWqAkGSRgWPvBq/qeKfqSMx69cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREI5QTQwRjJFQURDODgxRDBEQTNFRUEwMDU3RTgxMDAy OTk0QzNGQzAeFw0yNjA1MDMwMjQwMjhaFw0yNzA1MDIwMjQ1MjhaMDMxMTAvBgNV BAMTKDBGNjhENENERDZDQzU5QUZDNDgxMzQ0RUU2NDdBNTgzQjczMzRGMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRv4boIasXe++BkFXCjOQ+U3dE G6VR1/d9XhDtjUGNXXEiPnjOrqjAePf8C7WfchCmsDoDZ5Nc8vHDjaAR9jWYxGxu WVff4qbSfDgQ2BAwjVlrSAJQerKekiwvjy18ceG6tJhOds1SMnqI3ZeNIxQKpOW1 9CGOp1xY9HfMzdFmnXLLqSLFIoFOf0mhK66RstGEhdWAKbZTT6YrigrFbpFZSanW yVy1tISf6zDkGf3bfKDW/uhAbEBjOdXjPMM6dVudfPwjoUxmzyd7lRGz2qeGSSNo Iy2Oopd1WuF/ZbIPg0bm/t6rWfzdGDf8ev5fMzdFHsIegY/1owRaAylH1bPPAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUD2jUzdbMWa/EgTRO5kelg7czTwkwHwYDVR0j BBgwFoAU25pA8urciB0No+6gBX6BACmUw/wwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v N2NmMDFlYzYtOGU4OS00MDJhLTkwYzctNTBjNmYxNGNkMjQyLzEvREI5QTQwRjJF QURDODgxRDBEQTNFRUEwMDU3RTgxMDAyOTk0QzNGQy5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS9EQjlBNDBGMkVBREM4ODFEMERBM0VFQTAwNTdFODEwMDI5OTRD M0ZDLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUFBzALhoGLcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzdjZjAxZWM2LThlODktNDAyYS05 MGM3LTUwYzZmMTRjZDI0Mi8xLzMyMzAzMDMxM2E2NDY2MzMzYTY0MzkzNDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMyMzczNzMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 89lAMA0GCSqGSIb3DQEBCwUAA4IBAQAd3ouFCUfi7Ajum2WZ7O/EnfXR05PHFC1Q 1BJnaeKFAxFOgD3XLbd9UaQ70FWRclj0JCce+fJfc/gdZj9Klr5Qjg8ORoQguc9T jiX4EPkSlO8FVE2OMy/ZT582vW12yZw+hPlDv/ZmI7WTD1Hht39lTqKuDqh5Bb9K BT9e6p1eHXdiSyxKn6UZCRaR4q41o3JRbE7a6WILXfZdAn91bgImf4nl8wF1Wl2W iAX0e3tlYhbscoGCuwJFKlbblL0Si0++D9FI9kgofqCvagiU0iZfVdjP2kxkldnr 0xTdzMJI60Hy1NWg1w69F03dBbWDC23euOlb1LikwGW7HBZ9Sn1d -----END CERTIFICATE-----Generated at Wed May 13 11:49:22 2026 by rpki-client