$ rpki-client -vvf rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a363a3a2f34382d3438203d3e203535363835.roa File: 323430343a653130303a363a3a2f34382d3438203d3e203535363835.roa (raw, json) Hash identifier: Vc7FshVMDiGpbF9+Kiv6QLr/14tMNel0qOZ/fxIsVp4= Subject key identifier: BA:3F:FE:35:3C:12:42:C6:25:9B:4D:0F:FD:40:94:D9:8F:C4:70:11 Certificate issuer: /CN=408DEB7465856EE053B64340FA814B862FA5ED30 Certificate serial: 2AC9F804B0CE175F4FC044C3ED65172BC953467E Authority key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a363a3a2f34382d3438203d3e203535363835.roa Signing time: Sun 03 May 2026 02:47:54 +0000 ROA not before: Sun 03 May 2026 02:42:54 +0000 ROA not after: Sun 02 May 2027 02:47:54 +0000 asID: 55685 IP address blocks: 2404:e100:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:c9:f8:04:b0:ce:17:5f:4f:c0:44:c3:ed:65:17:2b:c9:53:46:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Validity Not Before: May 3 02:42:54 2026 GMT Not After : May 2 02:47:54 2027 GMT Subject: CN=BA3FFE353C1242C6259B4D0FFD4094D98FC47011 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e0:43:1b:a8:c6:f1:bb:15:40:a1:2d:e6:ae: 42:5f:6e:1a:4d:da:23:c2:84:a3:2e:8e:a9:6b:75: 9c:d6:12:0f:17:71:f9:a9:b9:89:a5:d7:9d:22:db: 08:16:f4:f5:fe:af:10:2e:c8:61:d0:89:d1:24:ec: 50:c5:66:66:9b:d6:1b:49:e7:e4:4e:42:bb:ec:43: 46:90:7e:98:0f:da:20:07:be:6f:1d:ae:a3:24:fe: fe:16:44:c0:d2:8e:43:f9:b0:0c:f6:7c:87:f2:53: c7:ee:3b:a4:e1:c4:46:64:f5:de:50:33:2f:37:4e: 67:33:db:59:12:2c:49:05:0b:55:60:58:99:6b:d1: bb:a6:fc:c7:92:cb:ca:8f:d6:97:15:5e:09:22:e6: 09:97:66:e2:e6:94:c0:ef:00:73:d3:93:f6:f1:00: 5f:04:7a:f6:fc:97:53:b4:9e:ac:14:30:4c:98:68: 02:92:1f:21:16:66:83:f6:e9:34:38:7c:4c:73:f2: 3e:bb:3d:53:e5:da:3c:84:eb:78:01:9a:94:9d:8c: fc:02:2a:39:24:b7:41:aa:4f:09:dc:97:09:8e:bd: ed:32:83:58:fe:44:2f:68:58:09:dd:ba:18:16:42: c4:b3:9b:f8:37:e0:34:5f:8f:9c:c2:8a:9c:de:8a: 17:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:3F:FE:35:3C:12:42:C6:25:9B:4D:0F:FD:40:94:D9:8F:C4:70:11 X509v3 Authority Key Identifier: keyid:40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a363a3a2f34382d3438203d3e203535363835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:e100:6::/48 Signature Algorithm: sha256WithRSAEncryption 3a:2c:45:d4:60:40:52:e4:47:cf:c1:06:b0:16:1b:ab:ef:e0: 83:22:09:bd:22:52:3a:b6:71:04:e9:e6:0e:11:25:7f:b6:02: 85:6c:ab:00:22:6a:2e:a9:a9:c3:03:6c:37:02:4b:92:d0:b2: 3f:2c:09:66:12:d4:1e:5c:47:67:fb:06:10:b9:c8:3f:95:9c: c6:01:c6:23:b7:bb:aa:0c:86:9e:6d:14:9d:5d:87:07:8f:da: 9b:55:65:6c:8c:cc:c2:ff:1d:a1:40:a8:a3:fc:ca:a7:76:18: ec:10:f9:2c:9d:9f:9e:3f:74:d0:48:d3:e3:3b:6f:61:e0:51: 46:71:e0:0b:dc:96:13:10:23:27:1b:e3:f3:a5:10:49:c5:a4: c8:7c:d2:1b:63:ef:a6:72:44:9c:5c:0a:0f:d1:27:a7:1e:67: b7:cd:f8:05:92:c9:39:de:bb:01:0a:03:7c:c0:02:63:a8:25: a2:97:cf:f7:35:48:f6:2c:6e:02:2c:ae:46:9e:e4:17:aa:32: 25:71:d5:41:76:8d:0f:07:6f:57:1f:45:a2:f8:aa:69:78:ee: 11:c8:35:1e:b5:6d:84:1e:c2:e4:d0:3b:d9:b2:e1:69:db:12: b1:d4:a0:2a:b1:ea:08:c8:24:61:98:30:41:77:02:5b:3a:78: 38:4b:f0:62 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUKsn4BLDOF19PwETD7WUXK8lTRn4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYy RkE1RUQzMDAeFw0yNjA1MDMwMjQyNTRaFw0yNzA1MDIwMjQ3NTRaMDMxMTAvBgNV BAMTKEJBM0ZGRTM1M0MxMjQyQzYyNTlCNEQwRkZENDA5NEQ5OEZDNDcwMTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC24EMbqMbxuxVAoS3mrkJfbhpN 2iPChKMujqlrdZzWEg8XcfmpuYml150i2wgW9PX+rxAuyGHQidEk7FDFZmab1htJ 5+ROQrvsQ0aQfpgP2iAHvm8drqMk/v4WRMDSjkP5sAz2fIfyU8fuO6ThxEZk9d5Q My83Tmcz21kSLEkFC1VgWJlr0bum/MeSy8qP1pcVXgki5gmXZuLmlMDvAHPTk/bx AF8Eevb8l1O0nqwUMEyYaAKSHyEWZoP26TQ4fExz8j67PVPl2jyE63gBmpSdjPwC Kjkkt0GqTwnclwmOve0yg1j+RC9oWAnduhgWQsSzm/g34DRfj5zCipzeihczAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUuj/+NTwSQsYlm00P/UCU2Y/EcBEwHwYDVR0j BBgwFoAUQI3rdGWFbuBTtkNA+oFLhi+l7TAwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ODVkOGRhYjQtOGJiNi00ZWQwLThkYWItNWE0MDYxNjdiOTlkLzAvNDA4REVCNzQ2 NTg1NkVFMDUzQjY0MzQwRkE4MTRCODYyRkE1RUQzMC5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS80MDhERUI3NDY1ODU2RUUwNTNCNjQzNDBGQTgxNEI4NjJGQTVF RDMwLmNlcjCBpQYIKwYBBQUHAQsEgZgwgZUwgZIGCCsGAQUFBzALhoGFcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04 ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzYzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzNTM1MzYzODM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAThAAAGMA0G CSqGSIb3DQEBCwUAA4IBAQA6LEXUYEBS5EfPwQawFhur7+CDIgm9IlI6tnEE6eYO ESV/tgKFbKsAImouqanDA2w3AkuS0LI/LAlmEtQeXEdn+wYQucg/lZzGAcYjt7uq DIaebRSdXYcHj9qbVWVsjMzC/x2hQKij/MqndhjsEPksnZ+eP3TQSNPjO29h4FFG ceAL3JYTECMnG+PzpRBJxaTIfNIbY++mckScXAoP0SenHme3zfgFksk53rsBCgN8 wAJjqCWil8/3NUj2LG4CLK5GnuQXqjIlcdVBdo0PB29XH0Wi+KppeO4RyDUetW2E HsLk0DvZsuFp2xKx1KAqseoIyCRhmDBBdwJbOng4S/Bi -----END CERTIFICATE-----Generated at Wed May 13 02:49:20 2026 by rpki-client