$ rpki-client -vvf repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/323030313a6466333a653034303a3a2f34382d3438203d3e20313532383036.roa File: 323030313a6466333a653034303a3a2f34382d3438203d3e20313532383036.roa (raw, json) Hash identifier: 7Sjy07nIz40VYuiQAAUvMHjSS6WBBJpcxOEZMkh16GE= Subject key identifier: 6B:84:50:14:0A:83:E3:DA:DD:52:D6:31:64:E0:1F:6D:98:8A:50:67 Certificate issuer: /CN=C2E1998AC1681A41F68250BFABD05A982E00EA44 Certificate serial: 38BDC242C997CC6F03425F24F6A88C2C04633422 Authority key identifier: C2:E1:99:8A:C1:68:1A:41:F6:82:50:BF:AB:D0:5A:98:2E:00:EA:44 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C2E1998AC1681A41F68250BFABD05A982E00EA44.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/323030313a6466333a653034303a3a2f34382d3438203d3e20313532383036.roa Signing time: Mon 12 May 2025 20:00:01 +0000 ROA not before: Mon 12 May 2025 19:55:01 +0000 ROA not after: Mon 11 May 2026 20:00:01 +0000 asID: 152806 IP address blocks: 2001:df3:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/C2E1998AC1681A41F68250BFABD05A982E00EA44.crl rsync://repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/C2E1998AC1681A41F68250BFABD05A982E00EA44.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C2E1998AC1681A41F68250BFABD05A982E00EA44.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 01:08:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:bd:c2:42:c9:97:cc:6f:03:42:5f:24:f6:a8:8c:2c:04:63:34:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C2E1998AC1681A41F68250BFABD05A982E00EA44 Validity Not Before: May 12 19:55:01 2025 GMT Not After : May 11 20:00:01 2026 GMT Subject: CN=6B8450140A83E3DADD52D63164E01F6D988A5067 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:7a:c3:1c:5b:c5:56:1b:65:ad:f1:cd:7b:df: 1d:15:8d:7b:6b:06:6e:3e:0b:a2:be:d8:00:7e:b9: f1:ab:06:61:6b:e6:ea:a3:d1:e7:48:10:45:8c:b2: 2c:95:e6:bd:61:9c:87:0c:bc:32:7a:20:37:9c:37: e2:6a:ab:40:ae:d4:e9:e9:43:33:5a:f5:f4:4c:2f: fd:49:43:1d:8a:5d:c8:7c:6c:e2:c1:ea:46:01:28: 24:e1:a4:7b:68:85:72:e9:11:74:c0:fe:04:e9:38: 82:ea:4f:a6:82:09:ba:36:72:de:b2:c6:27:ee:6c: af:c1:4e:27:4d:01:7b:cf:ec:d2:cf:0b:0b:89:7a: 01:80:12:33:b0:17:d9:bf:db:a6:18:cf:f8:1c:32: 22:e5:f7:5d:67:09:bf:99:d0:d0:70:00:dc:c9:75: 86:3c:ab:64:bc:68:97:63:66:fe:5b:14:80:83:a2: c2:9e:fa:85:48:db:7b:73:4b:91:4c:bf:01:e9:67: 43:d2:b6:1a:a0:4c:9c:cd:91:d9:0b:d4:f3:d3:a1: 02:df:ee:3a:3b:c9:8d:91:4d:43:80:18:a7:5e:f9: 9e:49:39:4b:e9:f0:94:ae:79:1f:88:f1:8c:cc:77: 30:ba:c1:15:d2:60:32:83:13:79:a8:fc:01:ba:78: ce:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:84:50:14:0A:83:E3:DA:DD:52:D6:31:64:E0:1F:6D:98:8A:50:67 X509v3 Authority Key Identifier: keyid:C2:E1:99:8A:C1:68:1A:41:F6:82:50:BF:AB:D0:5A:98:2E:00:EA:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/C2E1998AC1681A41F68250BFABD05A982E00EA44.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C2E1998AC1681A41F68250BFABD05A982E00EA44.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1bdce391-a5d3-411b-a97b-e862fbf5631c/1/323030313a6466333a653034303a3a2f34382d3438203d3e20313532383036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:e040::/48 Signature Algorithm: sha256WithRSAEncryption 5e:e3:04:ec:92:2c:d4:72:d8:84:9d:c8:0f:67:79:83:ad:cb: 44:3b:0d:f0:1c:04:63:90:6e:a3:5b:c9:c2:19:e0:bc:f3:d5: cf:03:9e:78:1f:0e:86:80:86:a3:03:01:f8:d3:2f:a1:da:6c: 34:ac:5d:e1:7c:41:df:a6:71:41:fd:c3:0e:4b:c4:9f:95:75: e5:b5:f6:04:58:8d:61:37:3b:ee:a7:00:6f:04:20:8a:a5:94: af:43:1b:84:6c:50:ed:2f:13:2a:41:0a:fb:68:a3:e2:f6:22: 96:df:db:87:c6:73:9b:d8:9f:9a:85:25:ba:1c:66:b8:62:0b: fc:12:7e:e1:31:8c:f8:f8:7c:62:b7:34:e5:50:81:89:69:b8: c7:14:91:ba:87:27:0d:cd:a1:d7:ad:43:37:19:27:7d:bf:2e: 80:fb:f5:c3:c9:56:64:b8:d1:83:ff:04:12:48:25:32:57:9d: 3e:1b:b7:a0:73:6a:c8:81:92:48:89:55:ba:ed:37:d6:2e:56: ac:b1:f2:78:9e:e9:c4:b8:9a:ac:22:ab:13:4c:16:d6:39:d8: 35:33:73:37:f2:27:f3:53:cb:33:2f:e3:20:30:eb:ec:ec:b8: 14:84:8e:d7:2d:7d:b2:2f:83:01:69:39:0d:3e:87:99:6b:86: 1e:59:c6:05 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUOL3CQsmXzG8DQl8k9qiMLARjNCIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzJFMTk5OEFDMTY4MUE0MUY2ODI1MEJGQUJEMDVBOTgy RTAwRUE0NDAeFw0yNTA1MTIxOTU1MDFaFw0yNjA1MTEyMDAwMDFaMDMxMTAvBgNV BAMTKDZCODQ1MDE0MEE4M0UzREFERDUyRDYzMTY0RTAxRjZEOTg4QTUwNjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdesMcW8VWG2Wt8c173x0VjXtr Bm4+C6K+2AB+ufGrBmFr5uqj0edIEEWMsiyV5r1hnIcMvDJ6IDecN+Jqq0Cu1Onp QzNa9fRML/1JQx2KXch8bOLB6kYBKCThpHtohXLpEXTA/gTpOILqT6aCCbo2ct6y xifubK/BTidNAXvP7NLPCwuJegGAEjOwF9m/26YYz/gcMiLl911nCb+Z0NBwANzJ dYY8q2S8aJdjZv5bFICDosKe+oVI23tzS5FMvwHpZ0PSthqgTJzNkdkL1PPToQLf 7jo7yY2RTUOAGKde+Z5JOUvp8JSueR+I8YzMdzC6wRXSYDKDE3mo/AG6eM7rAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUa4RQFAqD49rdUtYxZOAfbZiKUGcwHwYDVR0j BBgwFoAUwuGZisFoGkH2glC/q9BamC4A6kQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x YmRjZTM5MS1hNWQzLTQxMWItYTk3Yi1lODYyZmJmNTYzMWMvMS9DMkUxOTk4QUMx NjgxQTQxRjY4MjUwQkZBQkQwNUE5ODJFMDBFQTQ0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzJFMTk5OEFDMTY4MUE0MUY2ODI1MEJGQUJEMDVBOTgyRTAw RUE0NC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFiZGNlMzkxLWE1ZDMtNDExYi1h OTdiLWU4NjJmYmY1NjMxYy8xLzMyMzAzMDMxM2E2NDY2MzMzYTY1MzAzNDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMyMzgzMDM2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8+BAMA0GCSqGSIb3DQEBCwUAA4IBAQBe4wTskizUctiEncgPZ3mDrctEOw3wHARj kG6jW8nCGeC889XPA554Hw6GgIajAwH40y+h2mw0rF3hfEHfpnFB/cMOS8SflXXl tfYEWI1hNzvupwBvBCCKpZSvQxuEbFDtLxMqQQr7aKPi9iKW39uHxnOb2J+ahSW6 HGa4Ygv8En7hMYz4+HxitzTlUIGJabjHFJG6hycNzaHXrUM3GSd9vy6A+/XDyVZk uNGD/wQSSCUyV50+G7egc2rIgZJIiVW67TfWLlassfJ4nunEuJqsIqsTTBbWOdg1 M3M38ifzU8szL+MgMOvs7LgUhI7XLX2yL4MBaTkNPoeZa4YeWcYF -----END CERTIFICATE-----Generated at Wed Nov 5 08:48:14 2025 by rpki-client