$ rpki-client -vvf repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a61633a3a2f34382d3438203d3e203538343835.roa File: 323430323a653130303a61633a3a2f34382d3438203d3e203538343835.roa (raw, json) Hash identifier: PJK40q7WUwTW88oYuOeJRlP3deJscpLSdiVo4TnCchE= Subject key identifier: C5:1F:1D:EF:65:DE:7C:1E:2F:CD:E3:69:D8:D1:EF:F2:6D:CD:1E:99 Certificate issuer: /CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39 Certificate serial: 589E71C345779CDA66FB1A7F7D394C991DCD848B Authority key identifier: FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a61633a3a2f34382d3438203d3e203538343835.roa Signing time: Thu 23 Oct 2025 12:00:00 +0000 ROA not before: Thu 23 Oct 2025 11:55:00 +0000 ROA not after: Thu 22 Oct 2026 12:00:00 +0000 asID: 58485 IP address blocks: 2402:e100:ac::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:9e:71:c3:45:77:9c:da:66:fb:1a:7f:7d:39:4c:99:1d:cd:84:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39 Validity Not Before: Oct 23 11:55:00 2025 GMT Not After : Oct 22 12:00:00 2026 GMT Subject: CN=C51F1DEF65DE7C1E2FCDE369D8D1EFF26DCD1E99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:31:8e:4c:62:0a:4e:70:8a:f7:d7:f5:27:a0: 5d:3a:03:7f:d6:7b:33:9e:d2:ef:d5:55:97:8b:b0: 36:5b:93:8d:e8:c4:3b:74:7c:95:ca:74:d5:44:db: 21:31:3a:c9:46:23:4d:8b:18:a2:86:9a:7f:0d:f0: 98:07:d8:88:5f:c0:ac:41:91:88:b9:0f:77:dd:96: 36:7c:c7:f3:cb:34:dd:f8:22:a2:0b:04:c0:b2:fd: 8c:e2:1a:50:64:d0:bc:3e:d6:cd:45:28:9f:5d:9c: 3e:89:cf:0c:d8:b1:47:f9:07:00:6e:e0:80:f8:1b: 30:45:16:93:79:b2:7a:78:4e:48:d8:50:12:8c:73: f9:70:a7:45:d4:79:00:68:d1:9f:7c:2d:56:d9:ac: 64:80:df:04:13:3a:2c:a7:d4:6b:b4:6b:9b:7a:42: 8b:2e:24:e0:1a:1b:07:0f:11:9e:5c:22:9a:65:f1: 94:52:c5:12:f9:e7:61:63:f4:d5:30:5f:6b:fd:2b: cd:42:fa:aa:4f:09:65:53:39:9b:da:75:11:a2:37: bb:43:12:25:18:f3:7f:11:07:5a:e6:3d:9f:0f:86: 6b:fd:e5:f6:c7:af:84:57:15:76:fa:5c:35:44:53: 9e:fb:a5:ee:26:cc:f5:35:79:68:8d:49:dc:4e:90: eb:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:1F:1D:EF:65:DE:7C:1E:2F:CD:E3:69:D8:D1:EF:F2:6D:CD:1E:99 X509v3 Authority Key Identifier: keyid:FA:5B:CA:98:4E:EB:AF:FD:CE:D8:41:90:C7:07:56:DB:EB:3B:FF:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FA5BCA984EEBAFFDCED84190C70756DBEB3BFF39.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2ee47bbf-ba84-448f-962b-2aaf5c7dd68d/0/323430323a653130303a61633a3a2f34382d3438203d3e203538343835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:e100:ac::/48 Signature Algorithm: sha256WithRSAEncryption 6e:c6:f2:83:fb:1d:9f:ad:c6:d9:39:4b:4f:b1:98:45:24:3b: 63:72:68:1b:7a:73:fd:c5:1e:e0:91:31:32:55:31:4f:3c:36: 25:bb:09:d1:34:02:b0:ab:5f:f1:2e:09:d1:f3:8b:2b:d0:aa: e2:b1:5d:f2:ad:b1:1f:eb:fd:05:70:33:f8:f4:83:0f:9e:91: eb:d1:ea:0b:1a:32:23:a8:2d:24:31:23:64:f9:ae:13:3d:6b: 6b:7b:1c:fd:f9:0f:9f:2a:ea:09:b2:49:75:4e:9e:fb:08:81: 1f:75:e2:f6:08:20:7a:a6:df:2a:35:ab:1a:fd:67:40:4c:10: 20:b1:92:12:83:9d:be:89:a2:d8:35:b4:2a:95:3e:d4:20:e6: ed:72:1f:78:14:fa:2f:63:e2:7f:18:6e:51:0c:87:48:4d:42: 6f:a9:d2:7e:da:df:f6:ab:89:69:73:ed:78:87:24:27:5a:38: 96:ff:2a:c0:f4:b5:38:3e:b8:d2:9f:fe:81:03:87:a9:bf:5e: 15:e4:b4:2e:5b:0b:0c:37:f2:e6:df:7a:2f:de:19:4a:01:60: b9:4f:24:1c:02:c6:04:24:ab:59:a7:ac:cb:16:45:2c:cb:a1: 1c:2a:83:a0:17:aa:06:d6:c2:09:0f:f0:0b:e2:fd:7a:b2:36: b6:77:66:53 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUWJ5xw0V3nNpm+xp/fTlMmR3NhIswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJF QjNCRkYzOTAeFw0yNTEwMjMxMTU1MDBaFw0yNjEwMjIxMjAwMDBaMDMxMTAvBgNV BAMTKEM1MUYxREVGNjVERTdDMUUyRkNERTM2OUQ4RDFFRkYyNkRDRDFFOTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4MY5MYgpOcIr31/UnoF06A3/W ezOe0u/VVZeLsDZbk43oxDt0fJXKdNVE2yExOslGI02LGKKGmn8N8JgH2IhfwKxB kYi5D3fdljZ8x/PLNN34IqILBMCy/YziGlBk0Lw+1s1FKJ9dnD6JzwzYsUf5BwBu 4ID4GzBFFpN5snp4TkjYUBKMc/lwp0XUeQBo0Z98LVbZrGSA3wQTOiyn1Gu0a5t6 QosuJOAaGwcPEZ5cIppl8ZRSxRL552Fj9NUwX2v9K81C+qpPCWVTOZvadRGiN7tD EiUY838RB1rmPZ8Phmv95fbHr4RXFXb6XDVEU577pe4mzPU1eWiNSdxOkOsLAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUxR8d72XefB4vzeNp2NHv8m3NHpkwHwYDVR0j BBgwFoAU+lvKmE7rr/3O2EGQxwdW2+s7/zkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZWU0N2JiZi1iYTg0LTQ0OGYtOTYyYi0yYWFmNWM3ZGQ2OGQvMC9GQTVCQ0E5ODRF RUJBRkZEQ0VEODQxOTBDNzA3NTZEQkVCM0JGRjM5LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRkE1QkNBOTg0RUVCQUZGRENFRDg0MTkwQzcwNzU2REJFQjNC RkYzOS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJlZTQ3YmJmLWJhODQtNDQ4Zi05 NjJiLTJhYWY1YzdkZDY4ZC8wLzMyMzQzMDMyM2E2NTMxMzAzMDNhNjE2MzNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzgzNDM4MzUucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAuEAAKww DQYJKoZIhvcNAQELBQADggEBAG7G8oP7HZ+txtk5S0+xmEUkO2NyaBt6c/3FHuCR MTJVMU88NiW7CdE0ArCrX/EuCdHziyvQquKxXfKtsR/r/QVwM/j0gw+ekevR6gsa MiOoLSQxI2T5rhM9a2t7HP35D58q6gmySXVOnvsIgR914vYIIHqm3yo1qxr9Z0BM ECCxkhKDnb6Jotg1tCqVPtQg5u1yH3gU+i9j4n8YblEMh0hNQm+p0n7a3/ariWlz 7XiHJCdaOJb/KsD0tTg+uNKf/oEDh6m/XhXktC5bCww38ubfei/eGUoBYLlPJBwC xgQkq1mnrMsWRSzLoRwqg6AXqgbWwgkP8Avi/XqyNrZ3ZlM= -----END CERTIFICATE-----Generated at Tue Nov 4 19:25:51 2025 by rpki-client