$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030343a3a2f34382d3438203d3e20313333383430.roa File: 323430343a653130303a343030343a3a2f34382d3438203d3e20313333383430.roa (raw, json) Hash identifier: 8q0q3+SCWY+Bu0G+ofJDsLu7LiqjhYqzKCA9NCa0Wng= Subject key identifier: E4:42:4B:F6:CC:5D:4F:E9:39:A4:87:CC:C7:D3:0F:86:27:75:3B:00 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 4A791BA10A3BFD129E28BDBC3CBE13F797684999 Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030343a3a2f34382d3438203d3e20313333383430.roa Signing time: Sun 03 May 2026 02:48:00 +0000 ROA not before: Sun 03 May 2026 02:43:00 +0000 ROA not after: Sun 02 May 2027 02:48:00 +0000 asID: 133840 IP address blocks: 2404:e100:4004::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:05:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:79:1b:a1:0a:3b:fd:12:9e:28:bd:bc:3c:be:13:f7:97:68:49:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:43:00 2026 GMT Not After : May 2 02:48:00 2027 GMT Subject: CN=E4424BF6CC5D4FE939A487CCC7D30F8627753B00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e6:e3:f2:ca:a0:3a:33:e0:e4:ae:5e:a0:85: e2:8b:84:16:74:15:5b:fc:06:f4:78:bf:e8:2f:15: 9b:18:d7:1a:28:d7:12:1a:65:a1:71:27:cb:80:08: 5d:e9:f9:9d:92:31:7c:08:ba:f5:37:37:61:66:96: d2:7c:35:8b:2b:73:4b:18:47:f0:c8:82:cb:e7:83: a2:b9:f5:a1:c8:89:6c:fc:c2:af:72:cd:29:7a:67: 5d:93:4c:ac:cb:0a:60:a4:e3:b7:74:39:76:2a:37: c4:99:d2:ba:e8:6a:2d:1e:34:a8:67:bf:0f:6a:ac: f0:d3:a8:8d:e9:40:39:8f:bc:68:52:ba:10:04:7f: 6b:e6:5d:b9:78:bc:0b:ad:f5:3b:6a:af:b4:12:4b: 6f:31:66:cf:e2:38:5a:d9:54:dc:4f:6d:44:4d:59: 81:1e:e2:21:01:c1:3e:7c:3f:60:13:f9:24:b5:c2: 4f:48:2e:59:7f:4b:3f:61:ea:b1:d3:59:70:ad:ef: 14:a8:b6:38:c2:5a:2e:37:f6:3e:07:14:4b:61:cc: 2c:95:d3:02:d7:d4:c7:ed:65:f4:54:cc:c5:c6:63: 6c:2c:a2:4b:0d:0a:a6:f0:34:6c:66:6a:9a:d5:80: b2:f2:70:f3:ba:9f:e2:f3:42:91:05:5a:dd:2b:99: 11:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:42:4B:F6:CC:5D:4F:E9:39:A4:87:CC:C7:D3:0F:86:27:75:3B:00 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030343a3a2f34382d3438203d3e20313333383430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e100:4004::/48 Signature Algorithm: sha256WithRSAEncryption 1d:de:40:ee:f1:f7:26:80:bb:5e:d1:82:16:07:bc:b2:66:7f: fc:b8:93:db:36:7b:04:33:ff:6d:24:a8:b8:3e:72:c7:09:4a: 2a:e1:0d:9d:58:97:8f:aa:8e:26:1d:be:f1:82:0c:dd:0c:b3: d9:2b:d0:c0:8b:42:33:b5:ce:d0:b7:62:99:07:03:b2:de:ee: ad:73:86:1e:2a:3b:0c:6f:fb:8a:f8:b2:ea:e4:c3:45:a8:7f: 96:ae:f2:5e:f6:1b:1d:86:b0:79:a7:08:1d:2c:3b:e5:9f:03: eb:8a:f8:b5:57:bc:38:92:e9:86:0f:29:ac:72:3c:ad:c4:43: 2a:9a:df:85:da:cc:bd:5a:36:f3:b9:95:34:bd:b3:0c:2b:42: 54:2e:8d:29:0f:48:f2:e2:e1:d2:3d:8c:45:76:4c:e9:d1:4f: 91:47:ab:8c:97:1b:a6:33:71:6c:43:32:be:0b:1c:fd:25:67: 33:6d:2f:ed:04:49:6e:2b:cd:e1:0b:95:72:33:d8:5a:4c:e3: 66:8a:bf:27:41:a1:20:51:2c:d9:45:81:25:8d:76:85:51:2f: 32:ec:50:95:d8:45:84:88:f1:29:11:62:22:6f:9f:96:b3:53: 29:cd:5b:99:9a:5c:85:3b:91:47:0e:fa:8a:d8:53:44:fb:11: 77:11:af:62 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUSnkboQo7/RKeKL28PL4T95doSZkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQzMDBaFw0yNzA1MDIwMjQ4MDBaMDMxMTAvBgNV BAMTKEU0NDI0QkY2Q0M1RDRGRTkzOUE0ODdDQ0M3RDMwRjg2Mjc3NTNCMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC95uPyyqA6M+Dkrl6gheKLhBZ0 FVv8BvR4v+gvFZsY1xoo1xIaZaFxJ8uACF3p+Z2SMXwIuvU3N2FmltJ8NYsrc0sY R/DIgsvng6K59aHIiWz8wq9yzSl6Z12TTKzLCmCk47d0OXYqN8SZ0rroai0eNKhn vw9qrPDTqI3pQDmPvGhSuhAEf2vmXbl4vAut9Ttqr7QSS28xZs/iOFrZVNxPbURN WYEe4iEBwT58P2AT+SS1wk9ILll/Sz9h6rHTWXCt7xSotjjCWi439j4HFEthzCyV 0wLX1MftZfRUzMXGY2wsoksNCqbwNGxmaprVgLLycPO6n+LzQpEFWt0rmREvAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU5EJL9sxdT+k5pIfMx9MPhid1OwAwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzQzMDMwMzQz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzMzODM0MzAucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BOEAQAQwDQYJKoZIhvcNAQELBQADggEBAB3eQO7x9yaAu17RghYHvLJmf/y4k9s2 ewQz/20kqLg+cscJSirhDZ1Yl4+qjiYdvvGCDN0Ms9kr0MCLQjO1ztC3YpkHA7Le 7q1zhh4qOwxv+4r4surkw0Wof5au8l72Gx2GsHmnCB0sO+WfA+uK+LVXvDiS6YYP KaxyPK3EQyqa34XazL1aNvO5lTS9swwrQlQujSkPSPLi4dI9jEV2TOnRT5FHq4yX G6YzcWxDMr4LHP0lZzNtL+0ESW4rzeELlXIz2FpM42aKvydBoSBRLNlFgSWNdoVR LzLsUJXYRYSI8SkRYiJvn5azUynNW5maXIU7kUcO+orYU0T7EXcRr2I= -----END CERTIFICATE-----Generated at Wed May 13 07:45:06 2026 by rpki-client