$ rpki-client -vvf rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/323430373a623463303a63633a3a2f34382d3438203d3e20313432333636.roa File: 323430373a623463303a63633a3a2f34382d3438203d3e20313432333636.roa (raw, json) Hash identifier: zSazRb0IpJJ4cBgKA2+8jgm7s2YnWXUiU+1QnaQiN1g= Subject key identifier: 66:CB:95:38:10:DF:A3:94:FB:CD:39:66:D1:7E:DE:FB:C6:D2:45:F7 Certificate issuer: /CN=399FBE55CFD957C1E3849C75FE378403E394BB45 Certificate serial: 72EDFA166927408BC4F2BBEC5330C4353CB320C3 Authority key identifier: 39:9F:BE:55:CF:D9:57:C1:E3:84:9C:75:FE:37:84:03:E3:94:BB:45 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/399FBE55CFD957C1E3849C75FE378403E394BB45.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/323430373a623463303a63633a3a2f34382d3438203d3e20313432333636.roa Signing time: Sun 03 May 2026 02:57:21 +0000 ROA not before: Sun 03 May 2026 02:52:21 +0000 ROA not after: Sun 02 May 2027 02:57:21 +0000 asID: 142366 IP address blocks: 2407:b4c0:cc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/399FBE55CFD957C1E3849C75FE378403E394BB45.crl rsync://rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/399FBE55CFD957C1E3849C75FE378403E394BB45.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/399FBE55CFD957C1E3849C75FE378403E394BB45.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 00:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:ed:fa:16:69:27:40:8b:c4:f2:bb:ec:53:30:c4:35:3c:b3:20:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=399FBE55CFD957C1E3849C75FE378403E394BB45 Validity Not Before: May 3 02:52:21 2026 GMT Not After : May 2 02:57:21 2027 GMT Subject: CN=66CB953810DFA394FBCD3966D17EDEFBC6D245F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:0f:8e:b8:63:60:c8:2c:c6:e2:10:43:aa:a5: 54:4b:8d:c9:bd:a4:95:62:29:ae:d8:cf:b4:91:37: 1c:65:2b:41:cf:02:cb:04:67:b6:57:33:61:c0:33: ce:c8:aa:9a:99:8a:f9:ae:94:51:86:e3:4c:4c:d6: 12:2a:b3:d1:f8:8a:3d:c5:b7:72:16:c5:9a:b4:48: 0a:b1:7e:c5:00:e2:05:57:9d:d8:98:48:f6:af:9f: 37:9f:99:d9:44:78:81:6f:40:5f:23:c3:30:4a:c4: 50:62:6c:0e:f5:9c:81:6c:13:56:e3:d4:54:a9:91: 03:14:51:cc:3d:eb:18:cc:d0:e6:65:b1:f6:61:1e: fc:53:62:39:81:ba:b6:af:f3:af:97:85:ec:a9:45: e4:7f:b9:14:e3:d5:9c:ac:cf:04:34:ce:33:39:97: 3c:79:0d:e1:7e:cc:17:c3:02:58:c8:b7:e0:10:b1: 9a:35:32:3a:7e:36:e0:0e:c6:d1:f0:da:93:42:a0: 12:cd:ea:a6:dc:1c:4b:58:92:18:1e:71:dc:c1:48: 49:36:c2:c9:bc:09:2b:c4:8b:53:0f:6a:6f:a2:cc: 95:45:50:ea:66:25:53:7f:63:fd:7e:15:2c:0e:4e: c3:e2:64:51:88:51:f8:29:5b:b3:a4:90:d7:75:7c: 48:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:CB:95:38:10:DF:A3:94:FB:CD:39:66:D1:7E:DE:FB:C6:D2:45:F7 X509v3 Authority Key Identifier: keyid:39:9F:BE:55:CF:D9:57:C1:E3:84:9C:75:FE:37:84:03:E3:94:BB:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/399FBE55CFD957C1E3849C75FE378403E394BB45.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/399FBE55CFD957C1E3849C75FE378403E394BB45.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/a70dfb5a-845e-4ddf-aca7-a9b31c31dff4/0/323430373a623463303a63633a3a2f34382d3438203d3e20313432333636.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:b4c0:cc::/48 Signature Algorithm: sha256WithRSAEncryption 91:11:49:6e:05:b1:60:6a:bd:1e:51:fb:3d:5d:ce:38:03:29: 2c:61:5d:54:fc:ec:3b:85:68:94:6e:f3:9a:39:98:b8:e4:e2: 4f:b2:86:97:10:50:fb:35:bc:21:80:ba:ee:71:ae:73:c3:fe: 2b:44:b4:0b:87:aa:65:e1:5e:7a:38:c0:b8:ad:fa:ca:6e:77: 01:2f:a3:1d:58:37:8a:47:a5:fc:fc:c0:cc:a9:5b:c9:01:88: eb:be:e1:84:4b:40:01:95:38:58:a3:25:14:46:9e:cc:5a:35: 9d:83:a7:42:26:7d:aa:e1:5f:a3:fc:51:85:69:a6:12:e0:2b: 30:21:4d:a5:86:8e:7c:04:43:c9:49:0e:e3:b9:98:da:10:b4: 80:a1:bc:89:95:99:20:5d:9c:cd:92:3d:a6:67:19:8a:b1:66: 49:50:ba:70:00:30:1b:3c:49:33:ba:6c:01:62:6c:48:13:b9: c8:92:7b:c4:a7:b2:6a:03:37:de:0a:f9:a3:b1:63:c9:e7:e7: 85:58:ff:e2:2a:29:e3:83:f0:7f:8d:17:c4:be:4c:db:94:e3: 93:1c:30:b0:ae:57:c3:22:d3:6a:21:46:6a:40:41:e1:9a:19: e0:ef:37:61:b5:d5:3f:0f:61:02:ff:61:fb:61:66:31:4b:f8: e1:eb:af:34 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUcu36FmknQIvE8rvsUzDENTyzIMMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzk5RkJFNTVDRkQ5NTdDMUUzODQ5Qzc1RkUzNzg0MDNF Mzk0QkI0NTAeFw0yNjA1MDMwMjUyMjFaFw0yNzA1MDIwMjU3MjFaMDMxMTAvBgNV BAMTKDY2Q0I5NTM4MTBERkEzOTRGQkNEMzk2NkQxN0VERUZCQzZEMjQ1RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvD464Y2DILMbiEEOqpVRLjcm9 pJViKa7Yz7SRNxxlK0HPAssEZ7ZXM2HAM87IqpqZivmulFGG40xM1hIqs9H4ij3F t3IWxZq0SAqxfsUA4gVXndiYSPavnzefmdlEeIFvQF8jwzBKxFBibA71nIFsE1bj 1FSpkQMUUcw96xjM0OZlsfZhHvxTYjmBurav86+XheypReR/uRTj1ZyszwQ0zjM5 lzx5DeF+zBfDAljIt+AQsZo1Mjp+NuAOxtHw2pNCoBLN6qbcHEtYkhgecdzBSEk2 wsm8CSvEi1MPam+izJVFUOpmJVN/Y/1+FSwOTsPiZFGIUfgpW7OkkNd1fEifAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUZsuVOBDfo5T7zTlm0X7e+8bSRfcwHwYDVR0j BBgwFoAUOZ++Vc/ZV8HjhJx1/jeEA+OUu0UwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v YTcwZGZiNWEtODQ1ZS00ZGRmLWFjYTctYTliMzFjMzFkZmY0LzAvMzk5RkJFNTVD RkQ5NTdDMUUzODQ5Qzc1RkUzNzg0MDNFMzk0QkI0NS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8zOTlGQkU1NUNGRDk1N0MxRTM4NDlDNzVGRTM3ODQwM0UzOTRC QjQ1LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6 Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBvL2E3MGRmYjVhLTg0NWUtNGRkZi1h Y2E3LWE5YjMxYzMxZGZmNC8wLzMyMzQzMDM3M2E2MjM0NjMzMDNhNjM2MzNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQHtMAA zDANBgkqhkiG9w0BAQsFAAOCAQEAkRFJbgWxYGq9HlH7PV3OOAMpLGFdVPzsO4Vo lG7zmjmYuOTiT7KGlxBQ+zW8IYC67nGuc8P+K0S0C4eqZeFeejjAuK36ym53AS+j HVg3ikel/PzAzKlbyQGI677hhEtAAZU4WKMlFEaezFo1nYOnQiZ9quFfo/xRhWmm EuArMCFNpYaOfARDyUkO47mY2hC0gKG8iZWZIF2czZI9pmcZirFmSVC6cAAwGzxJ M7psAWJsSBO5yJJ7xKeyagM33gr5o7FjyefnhVj/4iop44Pwf40XxL5M25Tjkxww sK5XwyLTaiFGakBB4ZoZ4O83YbXVPw9hAv9h+2FmMUv44euvNA== -----END CERTIFICATE-----Generated at Wed May 13 05:43:51 2026 by rpki-client