$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030363a3a2f34382d3438203d3e20313333383430.roa File: 323430343a653130303a333030363a3a2f34382d3438203d3e20313333383430.roa (raw, json) Hash identifier: zZVo01FthP3hibAPdEn6/sGHNEwpisfqDnYx/D1PKfw= Subject key identifier: A7:D6:53:28:41:C9:69:0A:28:D0:91:DD:56:98:26:58:AF:C5:B4:E4 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 584C2D0D8E9A96C838D7117A27FCB103F303A4D6 Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030363a3a2f34382d3438203d3e20313333383430.roa Signing time: Sun 03 May 2026 02:47:55 +0000 ROA not before: Sun 03 May 2026 02:42:55 +0000 ROA not after: Sun 02 May 2027 02:47:55 +0000 asID: 133840 IP address blocks: 2404:e100:3006::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:05:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:4c:2d:0d:8e:9a:96:c8:38:d7:11:7a:27:fc:b1:03:f3:03:a4:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:42:55 2026 GMT Not After : May 2 02:47:55 2027 GMT Subject: CN=A7D6532841C9690A28D091DD56982658AFC5B4E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:bf:4b:2b:f7:23:9d:7c:34:bd:ca:90:b0:75: 8d:ca:3d:cc:9d:06:17:5c:05:bc:9f:5b:34:2a:93: 89:e2:e7:26:2a:36:ea:6a:bf:7b:58:93:bf:78:18: 4c:40:91:53:bc:de:90:d0:6a:aa:95:80:9e:5f:14: 0d:32:96:09:c5:48:0d:96:03:04:77:2e:4d:22:ca: a4:46:a1:ba:f3:4c:cc:94:8a:7c:a6:98:a9:c9:9e: 40:5e:e5:10:46:53:f6:18:14:6f:50:b0:28:bf:30: c9:45:8c:f4:4c:ce:bf:12:f3:02:46:b1:7e:97:49: 41:36:f2:b9:43:74:d3:aa:96:88:f1:ff:17:9d:f7: 1c:c8:bd:bf:99:2a:9e:c4:3a:45:ab:63:b2:75:fe: 36:f7:a5:21:5d:7f:b4:d5:1f:f0:5a:b3:9c:61:25: f0:bf:91:34:98:b7:54:63:28:5a:70:bb:7a:7a:72: 6a:de:ff:ff:31:66:2c:61:ee:1d:93:b7:e5:a5:59: 30:01:21:58:29:e4:55:77:8f:12:c7:29:15:ed:51: bd:a4:f9:79:cd:7a:44:aa:90:42:32:72:0f:de:89: 88:01:b8:99:3e:03:69:b9:39:1a:2a:17:1b:1b:7d: ad:6e:ea:0b:cf:97:92:d7:73:64:88:c8:5f:46:51: 14:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D6:53:28:41:C9:69:0A:28:D0:91:DD:56:98:26:58:AF:C5:B4:E4 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030363a3a2f34382d3438203d3e20313333383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e100:3006::/48 Signature Algorithm: sha256WithRSAEncryption 9f:05:37:d6:b4:14:ea:5e:db:f3:66:99:e3:2f:c1:d5:d4:0f: 79:de:95:58:a1:c2:d7:74:fc:67:13:e5:f3:b5:be:c1:e8:92: 74:d0:c9:a7:da:ce:9b:26:41:b1:ec:c7:f3:26:16:b1:a6:f2: 1c:b7:13:64:af:f9:6d:11:8e:7e:13:da:bb:fd:d4:85:fc:f8: 60:a7:7a:97:da:c0:d0:4f:52:be:17:0e:52:e4:45:fb:53:26: f5:80:be:46:63:0b:b6:12:69:0b:10:28:4f:9b:53:52:db:e7: 2d:b5:82:bc:6d:c3:1e:fb:12:51:16:58:a1:00:66:ed:b1:4b: e4:4c:17:24:2a:e5:04:06:81:25:c9:93:1e:06:93:8e:4a:e9: f9:22:4d:6a:b9:48:89:6b:52:40:17:ff:28:31:ff:21:d5:a4: fb:15:4d:bb:a8:b1:e7:b0:a3:00:4d:df:f9:c1:98:52:ee:8e: 74:40:47:7b:47:88:8c:bb:3b:c0:65:84:19:5c:1f:44:b0:c1: d2:9c:f3:e5:9a:84:95:1d:58:dd:3f:83:1c:19:45:cd:90:86: d1:02:db:2c:47:32:a2:dd:95:87:d0:bd:8f:2c:85:ec:b4:36: aa:ba:81:81:77:f3:d2:b4:be:b1:f0:1f:a1:65:85:bb:ea:04: 7b:ac:0d:20 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUWEwtDY6alsg41xF6J/yxA/MDpNYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQyNTVaFw0yNzA1MDIwMjQ3NTVaMDMxMTAvBgNV BAMTKEE3RDY1MzI4NDFDOTY5MEEyOEQwOTFERDU2OTgyNjU4QUZDNUI0RTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFv0sr9yOdfDS9ypCwdY3KPcyd BhdcBbyfWzQqk4ni5yYqNupqv3tYk794GExAkVO83pDQaqqVgJ5fFA0ylgnFSA2W AwR3Lk0iyqRGobrzTMyUinymmKnJnkBe5RBGU/YYFG9QsCi/MMlFjPRMzr8S8wJG sX6XSUE28rlDdNOqlojx/xed9xzIvb+ZKp7EOkWrY7J1/jb3pSFdf7TVH/Bas5xh JfC/kTSYt1RjKFpwu3p6cmre//8xZixh7h2Tt+WlWTABIVgp5FV3jxLHKRXtUb2k +XnNekSqkEIycg/eiYgBuJk+A2m5ORoqFxsbfa1u6gvPl5LXc2SIyF9GURTZAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUp9ZTKEHJaQoo0JHdVpgmWK/FtOQwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzMzMDMwMzYz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzMzODM0MzAucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BOEAMAYwDQYJKoZIhvcNAQELBQADggEBAJ8FN9a0FOpe2/NmmeMvwdXUD3nelVih wtd0/GcT5fO1vsHoknTQyafazpsmQbHsx/MmFrGm8hy3E2Sv+W0Rjn4T2rv91IX8 +GCnepfawNBPUr4XDlLkRftTJvWAvkZjC7YSaQsQKE+bU1Lb5y21grxtwx77ElEW WKEAZu2xS+RMFyQq5QQGgSXJkx4Gk45K6fkiTWq5SIlrUkAX/ygx/yHVpPsVTbuo seewowBN3/nBmFLujnRAR3tHiIy7O8BlhBlcH0SwwdKc8+WahJUdWN0/gxwZRc2Q htEC2yxHMqLdlYfQvY8shey0Nqq6gYF389K0vrHwH6FlhbvqBHusDSA= -----END CERTIFICATE-----Generated at Wed May 13 06:58:38 2026 by rpki-client