$ rpki-client -vvf repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/323430313a626534303a3a2f33322d3438203d3e20313336383431.roa File: 323430313a626534303a3a2f33322d3438203d3e20313336383431.roa (raw, json) Hash identifier: 8QSbauO9NNotVx0xsCiC0xHQEL8XE+fwtGOjSQB5tIM= Subject key identifier: EE:09:70:E1:B0:F4:AE:C1:FB:61:C1:F2:EC:4E:FC:19:25:54:43:DD Certificate issuer: /CN=645C9D445B2796662EE98A03E50C124F3E962CAB Certificate serial: 7EDA16223C8393E69E17C6329D3DB7166D42BB2D Authority key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/323430313a626534303a3a2f33322d3438203d3e20313336383431.roa Signing time: Fri 30 Jan 2026 09:17:02 +0000 ROA not before: Fri 30 Jan 2026 09:12:02 +0000 ROA not after: Fri 29 Jan 2027 09:17:02 +0000 asID: 136841 IP address blocks: 2401:be40::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:da:16:22:3c:83:93:e6:9e:17:c6:32:9d:3d:b7:16:6d:42:bb:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Validity Not Before: Jan 30 09:12:02 2026 GMT Not After : Jan 29 09:17:02 2027 GMT Subject: CN=EE0970E1B0F4AEC1FB61C1F2EC4EFC19255443DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:95:df:4a:a0:ad:a6:6c:47:21:92:9f:76:7c: 7b:03:7a:81:36:1c:4b:27:eb:0c:66:87:9a:75:0c: 13:84:7e:55:6c:58:1e:f8:15:6a:73:9e:a6:74:e8: ac:6e:d4:ca:6f:8e:ec:2c:e8:9b:93:75:92:b6:4f: 2c:5c:c2:f0:54:f7:a7:99:9f:06:9a:7e:48:d3:1f: a7:d5:72:56:30:0d:cb:27:e3:eb:3c:d8:7c:54:ea: f0:6d:e1:66:da:16:44:5b:e9:5d:0a:00:d9:5f:39: 14:4a:3c:35:d8:69:78:6e:02:36:e5:12:6d:b9:6b: 5b:61:5c:2d:f6:17:2c:60:8e:59:56:1c:27:75:48: f6:11:46:98:17:4f:9c:20:44:6d:5c:ef:23:ed:e5: 1f:2b:a2:36:b5:86:51:b6:2a:bc:df:f7:77:ee:7d: 24:e9:ea:45:3b:bd:0d:d6:96:6e:a7:0d:bd:76:bf: 63:25:62:d0:86:5a:5a:94:ab:cd:e2:a1:d7:da:5b: 8d:4b:85:94:4f:d4:6f:69:fc:35:47:af:66:74:d8: fd:e3:8f:e4:e7:cf:2a:92:c8:62:66:af:74:e3:a1: 27:a2:3b:bf:ff:c0:4a:63:41:69:d8:74:6f:dc:0d: fe:5f:2c:13:14:b6:8c:a5:9a:5e:73:bf:33:42:1f: ad:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:09:70:E1:B0:F4:AE:C1:FB:61:C1:F2:EC:4E:FC:19:25:54:43:DD X509v3 Authority Key Identifier: keyid:64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/323430313a626534303a3a2f33322d3438203d3e20313336383431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:be40::/32 Signature Algorithm: sha256WithRSAEncryption 42:5b:ce:55:18:b9:bd:6b:db:1f:3c:5f:80:83:c1:ed:e6:55: e0:61:11:bb:39:9d:3b:d5:9f:40:a1:aa:44:0f:32:0f:4c:29: b7:77:be:21:b9:ef:9c:fd:7a:95:bc:e3:51:90:f7:9f:c2:6e: cc:3c:ea:e2:79:8b:0a:aa:1b:e4:90:77:e4:a2:25:40:bb:d6: cc:df:d1:18:51:90:61:da:31:f6:dc:73:86:de:49:0b:89:0f: 04:ad:db:aa:a5:cf:45:65:1f:cf:bc:6b:46:8f:af:14:9c:51: 95:0f:2d:e2:17:14:d6:5c:5a:77:fd:65:e6:e9:e1:2a:02:b3: cc:dd:1a:06:d9:f2:6d:db:3a:65:bd:a5:78:3a:63:2d:60:1b: ba:0d:1a:59:93:bd:72:ac:c7:ee:51:11:47:84:ef:b7:53:fe: 5a:d8:a1:01:12:18:06:58:b2:62:15:dc:a7:76:f9:e0:36:e7: 67:db:bd:8b:b8:29:63:c9:b6:a8:25:f0:f8:67:84:b6:cb:1e: 5e:92:62:f1:df:b2:c5:fa:22:26:53:95:02:77:27:ce:4c:2b: 09:2a:ec:ef:47:91:d6:8d:7d:a6:54:0f:0c:72:87:c5:34:40: b0:dc:ee:32:61:15:d6:df:2c:f9:9c:76:e2:62:28:7f:61:14: a0:05:b5:ac -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUftoWIjyDk+aeF8YynT23Fm1Cuy0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYz RTk2MkNBQjAeFw0yNjAxMzAwOTEyMDJaFw0yNzAxMjkwOTE3MDJaMDMxMTAvBgNV BAMTKEVFMDk3MEUxQjBGNEFFQzFGQjYxQzFGMkVDNEVGQzE5MjU1NDQzREQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDald9KoK2mbEchkp92fHsDeoE2 HEsn6wxmh5p1DBOEflVsWB74FWpznqZ06Kxu1Mpvjuws6JuTdZK2TyxcwvBU96eZ nwaafkjTH6fVclYwDcsn4+s82HxU6vBt4WbaFkRb6V0KANlfORRKPDXYaXhuAjbl Em25a1thXC32FyxgjllWHCd1SPYRRpgXT5wgRG1c7yPt5R8roja1hlG2Krzf93fu fSTp6kU7vQ3Wlm6nDb12v2MlYtCGWlqUq83iodfaW41LhZRP1G9p/DVHr2Z02P3j j+TnzyqSyGJmr3TjoSeiO7//wEpjQWnYdG/cDf5fLBMUtoylml5zvzNCH61/AgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU7glw4bD0rsH7YcHy7E78GSVUQ90wHwYDVR0j BBgwFoAUZFydRFsnlmYu6YoD5QwSTz6WLKswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMC82NDVDOUQ0NDVC Mjc5NjY2MkVFOThBMDNFNTBDMTI0RjNFOTYyQ0FCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjQ1QzlENDQ1QjI3OTY2NjJFRTk4QTAzRTUwQzEyNEYzRTk2 MkNBQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3MzA0YjgzLTMwYWEtNGJiZi05 ZmQ3LTJmY2VhZGJmMDAzMC8wLzMyMzQzMDMxM2E2MjY1MzQzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzNjM4MzQzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQBvkAwDQYJKoZI hvcNAQELBQADggEBAEJbzlUYub1r2x88X4CDwe3mVeBhEbs5nTvVn0ChqkQPMg9M Kbd3viG575z9epW841GQ95/Cbsw86uJ5iwqqG+SQd+SiJUC71szf0RhRkGHaMfbc c4beSQuJDwSt26qlz0VlH8+8a0aPrxScUZUPLeIXFNZcWnf9Zebp4SoCs8zdGgbZ 8m3bOmW9pXg6Yy1gG7oNGlmTvXKsx+5REUeE77dT/lrYoQESGAZYsmIV3Kd2+eA2 52fbvYu4KWPJtqgl8PhnhLbLHl6SYvHfssX6IiZTlQJ3J85MKwkq7O9HkdaNfaZU Dwxyh8U0QLDc7jJhFdbfLPmcduJiKH9hFKAFtaw= -----END CERTIFICATE-----Generated at Mon Mar 2 21:21:24 2026 by rpki-client