$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333a3a2f34382d3438203d3e203535363835.roa File: 323430343a653130303a333a3a2f34382d3438203d3e203535363835.roa (raw, json) Hash identifier: R4CrB5b+ue/S+9kEK4IXhRL1Ni8lQpZWKhM7ys5cBKI= Subject key identifier: 21:46:0F:65:5F:CB:4F:5A:E4:54:AB:DA:1D:02:35:E4:3D:A3:46:26 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 3AB5966586D5B8336D9244B2A7CB569451E07A14 Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333a3a2f34382d3438203d3e203535363835.roa Signing time: Sun 03 May 2026 02:47:53 +0000 ROA not before: Sun 03 May 2026 02:42:53 +0000 ROA not after: Sun 02 May 2027 02:47:53 +0000 asID: 55685 IP address blocks: 2404:e100:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:05:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:b5:96:65:86:d5:b8:33:6d:92:44:b2:a7:cb:56:94:51:e0:7a:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:42:53 2026 GMT Not After : May 2 02:47:53 2027 GMT Subject: CN=21460F655FCB4F5AE454ABDA1D0235E43DA34626 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:08:f2:20:66:6c:ae:d5:56:c7:27:e6:80:89: ae:49:a9:01:e3:d1:8d:cc:d9:66:b9:cf:41:9e:09: b4:79:b5:ae:52:d4:f2:56:62:54:e6:d4:24:d0:3b: 24:9e:4a:3e:60:1f:2e:33:a8:38:da:4e:85:8f:e2: 1d:05:ba:ee:65:10:e6:1a:b4:3c:02:af:2b:68:87: f4:1a:41:0f:33:bb:31:b0:19:19:bc:d5:50:1a:f6: 60:59:e7:34:86:a0:ba:82:6e:da:26:e0:eb:2f:67: d5:a4:e3:4e:80:90:aa:22:b3:8b:b9:07:5b:47:19: 2c:12:1a:68:70:0e:ed:37:fc:7c:1e:61:e6:bc:2f: 22:44:3e:2b:be:a8:7e:9a:1a:ef:ec:72:7a:72:7f: 42:8e:53:1e:74:7e:81:e7:a7:ce:17:37:a5:e1:27: 71:01:5b:53:de:bd:14:10:cd:39:db:00:12:9c:30: ec:ae:b8:93:44:82:74:93:cc:74:7c:7f:52:e0:92: 97:1b:ce:91:a0:31:98:23:ea:87:c9:62:d7:91:0a: 6a:b1:92:74:6f:ed:27:2a:ba:f3:93:d8:22:7c:18: 40:b1:27:a3:8f:87:96:cb:94:80:21:e0:94:39:22: e2:2a:21:dd:40:41:ee:15:a6:0e:67:86:55:dc:90: a4:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:46:0F:65:5F:CB:4F:5A:E4:54:AB:DA:1D:02:35:E4:3D:A3:46:26 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a333a3a2f34382d3438203d3e203535363835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e100:3::/48 Signature Algorithm: sha256WithRSAEncryption a6:d3:a5:5d:60:6a:a2:03:f9:35:64:be:bc:08:d9:30:5a:29: 82:33:91:4f:35:f2:98:33:6b:7b:2f:2b:6d:71:22:03:1f:35: 45:f5:7b:ac:7e:71:99:f7:f6:9e:03:77:b7:c9:fc:67:3c:49: 25:55:cb:38:8e:d1:7c:13:52:01:1c:3b:06:6b:e2:82:9b:56: c6:50:bf:7c:6b:eb:a8:66:91:b3:c1:cb:4b:01:56:f6:1e:98: 97:24:99:c3:5e:5c:78:45:b6:c0:81:ca:78:ef:2e:28:06:e0: b5:75:fa:d7:30:b8:58:05:15:73:55:c8:65:64:8f:31:47:c0: 99:d1:6e:72:1f:a1:ab:41:68:5d:06:c7:b1:ce:58:1c:c7:63: da:bf:68:ce:de:8c:e7:43:cc:2e:48:54:37:35:9b:c5:56:97: 97:05:d6:54:11:c5:02:fb:ce:00:2c:d0:fe:63:39:69:05:f0: f1:0a:5c:be:56:7c:0f:4d:2d:0a:fc:7f:8d:29:fc:31:79:be: 44:ff:45:ce:a5:65:a2:c2:8e:0c:c8:8d:29:70:9c:11:87:37: 7c:3e:e6:a0:68:38:a5:b6:5e:7c:5e:db:da:36:de:c6:29:a1: ac:0c:16:31:a2:d3:37:b6:3b:28:29:63:4a:6a:a7:19:94:4f: 0f:9e:a1:0f -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUOrWWZYbVuDNtkkSyp8tWlFHgehQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQyNTNaFw0yNzA1MDIwMjQ3NTNaMDMxMTAvBgNV BAMTKDIxNDYwRjY1NUZDQjRGNUFFNDU0QUJEQTFEMDIzNUU0M0RBMzQ2MjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDICPIgZmyu1VbHJ+aAia5JqQHj 0Y3M2Wa5z0GeCbR5ta5S1PJWYlTm1CTQOySeSj5gHy4zqDjaToWP4h0Fuu5lEOYa tDwCrytoh/QaQQ8zuzGwGRm81VAa9mBZ5zSGoLqCbtom4OsvZ9Wk406AkKois4u5 B1tHGSwSGmhwDu03/HweYea8LyJEPiu+qH6aGu/scnpyf0KOUx50foHnp84XN6Xh J3EBW1PevRQQzTnbABKcMOyuuJNEgnSTzHR8f1LgkpcbzpGgMZgj6ofJYteRCmqx knRv7ScquvOT2CJ8GECxJ6OPh5bLlIAh4JQ5IuIqId1AQe4Vpg5nhlXckKT9AgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUIUYPZV/LT1rkVKvaHQI15D2jRiYwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzMzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzNTM1MzYzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAThAAADMA0G CSqGSIb3DQEBCwUAA4IBAQCm06VdYGqiA/k1ZL68CNkwWimCM5FPNfKYM2t7Lytt cSIDHzVF9XusfnGZ9/aeA3e3yfxnPEklVcs4jtF8E1IBHDsGa+KCm1bGUL98a+uo ZpGzwctLAVb2HpiXJJnDXlx4RbbAgcp47y4oBuC1dfrXMLhYBRVzVchlZI8xR8CZ 0W5yH6GrQWhdBsexzlgcx2Pav2jO3oznQ8wuSFQ3NZvFVpeXBdZUEcUC+84ALND+ YzlpBfDxCly+VnwPTS0K/H+NKfwxeb5E/0XOpWWiwo4MyI0pcJwRhzd8PuagaDil tl58XtvaNt7GKaGsDBYxotM3tjsoKWNKaqcZlE8PnqEP -----END CERTIFICATE-----Generated at Wed May 13 03:51:15 2026 by rpki-client