$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030383a3a2f34382d3438203d3e20313333383430.roa File: 323430343a653130303a333030383a3a2f34382d3438203d3e20313333383430.roa (raw, json) Hash identifier: cYq1pPJ1kXz1P0V4uXTVcOLjxxMdDVaxI2QS5Rg283M= Subject key identifier: 05:38:DF:C8:B9:68:1D:52:55:63:CF:18:B6:73:FA:B7:21:8F:0B:E3 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 0A87F1492F678CA02AE8CA2EFEE3FE29328F26BD Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030383a3a2f34382d3438203d3e20313333383430.roa Signing time: Sun 03 May 2026 02:48:05 +0000 ROA not before: Sun 03 May 2026 02:43:05 +0000 ROA not after: Sun 02 May 2027 02:48:05 +0000 asID: 133840 IP address blocks: 2404:e100:3008::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:05:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:87:f1:49:2f:67:8c:a0:2a:e8:ca:2e:fe:e3:fe:29:32:8f:26:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:43:05 2026 GMT Not After : May 2 02:48:05 2027 GMT Subject: CN=0538DFC8B9681D525563CF18B673FAB7218F0BE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:4f:15:18:b3:4a:c1:a5:da:10:89:26:b3:37: 31:dc:85:d1:e6:54:44:bc:9f:81:02:fc:59:7f:e2: 2e:ff:63:13:51:5c:4a:b3:c6:01:77:bf:79:7a:a0: 16:ed:a6:cc:ac:c8:3a:4e:9b:e0:ea:c1:e1:ba:a7: da:98:ab:e3:87:d0:c1:4c:12:0a:09:fb:9f:7a:6e: ad:7d:78:34:0a:d0:28:9e:86:0c:ed:b6:ac:17:3f: bb:59:32:4a:99:2d:7b:63:77:73:40:21:d9:60:ff: 73:79:73:69:70:c6:5c:d0:ad:45:0d:52:8d:85:7d: 9d:31:07:77:71:67:b3:27:a6:4a:53:bf:88:98:2d: cd:0d:08:1e:fa:ef:2c:06:1d:01:79:74:97:97:64: 8e:5e:24:12:0a:85:ad:55:70:f3:eb:68:06:3f:ec: 39:2e:68:a5:2b:47:cd:da:c1:2b:28:4f:b0:76:99: dd:ae:b7:10:ef:b7:d1:48:9a:3b:b1:1c:6c:c5:8b: 54:ca:ef:bf:cf:45:91:b1:f2:0d:10:27:bd:2a:fc: 15:bc:e5:a3:1a:c8:ca:bf:4a:2d:8d:60:78:a7:d2: 5e:ca:22:13:7c:f6:b9:86:23:f6:9f:94:c0:10:b1: 2b:3a:5e:7c:65:bc:31:13:87:9b:a9:24:96:23:2d: b3:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:38:DF:C8:B9:68:1D:52:55:63:CF:18:B6:73:FA:B7:21:8F:0B:E3 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333030383a3a2f34382d3438203d3e20313333383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e100:3008::/48 Signature Algorithm: sha256WithRSAEncryption 5e:01:cf:7d:0a:0e:d9:5a:ca:b8:9b:05:06:7a:b9:24:3f:f9: df:9b:91:d0:62:9b:74:34:80:c1:b7:87:38:5d:3c:c4:89:de: 01:14:47:9e:25:98:a2:a8:42:7f:15:f2:93:80:21:ab:ed:52: 1a:1c:94:7d:89:f8:c8:33:10:d0:41:bd:e9:7b:9f:04:98:a2: 6a:df:0c:47:2e:c1:51:97:53:49:3e:38:fb:6f:c8:d2:d4:53: 1e:bd:7d:6f:dc:92:25:30:5d:79:dc:c8:03:58:ae:62:6f:6b: 01:51:2d:da:81:d9:0b:22:50:d6:9f:18:f8:66:8b:a8:51:be: e1:8d:2c:53:23:71:93:b7:8f:49:40:6a:4b:e6:1f:8d:0d:29: f0:20:1a:c6:85:f0:f4:21:86:a0:45:49:26:1e:12:30:25:5c: 0d:fe:5e:d7:10:01:9e:a3:34:2d:d8:8c:54:be:db:2e:44:cf: 67:c5:4d:38:56:e3:f1:99:24:7f:ac:b6:56:9c:51:41:08:fb: 47:ad:e9:de:a8:ad:fb:9c:32:02:ea:7c:f8:1e:01:37:69:a6: 3b:4b:1c:7c:5f:42:09:5e:bb:b8:5a:bc:6e:00:93:28:5b:39: cc:ed:a1:ca:5e:d1:68:28:f5:91:4c:e7:d1:c2:f9:f0:f8:56: f9:dc:5f:01 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUCofxSS9njKAq6Mou/uP+KTKPJr0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQzMDVaFw0yNzA1MDIwMjQ4MDVaMDMxMTAvBgNV BAMTKDA1MzhERkM4Qjk2ODFENTI1NTYzQ0YxOEI2NzNGQUI3MjE4RjBCRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQTxUYs0rBpdoQiSazNzHchdHm VES8n4EC/Fl/4i7/YxNRXEqzxgF3v3l6oBbtpsysyDpOm+DqweG6p9qYq+OH0MFM EgoJ+596bq19eDQK0CiehgzttqwXP7tZMkqZLXtjd3NAIdlg/3N5c2lwxlzQrUUN Uo2FfZ0xB3dxZ7MnpkpTv4iYLc0NCB767ywGHQF5dJeXZI5eJBIKha1VcPPraAY/ 7DkuaKUrR83awSsoT7B2md2utxDvt9FImjuxHGzFi1TK77/PRZGx8g0QJ70q/BW8 5aMayMq/Si2NYHin0l7KIhN89rmGI/aflMAQsSs6XnxlvDETh5upJJYjLbPFAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUBTjfyLloHVJVY88YtnP6tyGPC+MwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzMzMDMwMzgz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzMzODM0MzAucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BOEAMAgwDQYJKoZIhvcNAQELBQADggEBAF4Bz30KDtlayribBQZ6uSQ/+d+bkdBi m3Q0gMG3hzhdPMSJ3gEUR54lmKKoQn8V8pOAIavtUhoclH2J+MgzENBBvel7nwSY omrfDEcuwVGXU0k+OPtvyNLUUx69fW/ckiUwXXncyANYrmJvawFRLdqB2QsiUNaf GPhmi6hRvuGNLFMjcZO3j0lAakvmH40NKfAgGsaF8PQhhqBFSSYeEjAlXA3+XtcQ AZ6jNC3YjFS+2y5Ez2fFTThW4/GZJH+stlacUUEI+0et6d6orfucMgLqfPgeATdp pjtLHHxfQgleu7havG4AkyhbOcztocpe0Wgo9ZFM59HC+fD4VvncXwE= -----END CERTIFICATE-----Generated at Wed May 13 08:00:23 2026 by rpki-client