$ rpki-client -vvf repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa File: 323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa (raw, json) Hash identifier: 8d1124p6osknr5mIf0Fwnuo5LSN5Fn+xLhfttGNnPCo= Subject key identifier: 27:33:A5:E7:B2:7F:A6:3A:F9:6F:53:1B:10:1F:3F:6E:11:20:DF:26 Certificate issuer: /CN=9F6D5D5649D001D2B7A3378F99314A992D482E4A Certificate serial: 0EC877D1E9EA49E17BF147C1654D2A822D654855 Authority key identifier: 9F:6D:5D:56:49:D0:01:D2:B7:A3:37:8F:99:31:4A:99:2D:48:2E:4A Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa Signing time: Sun 01 Jun 2025 23:00:00 +0000 ROA not before: Sun 01 Jun 2025 22:55:00 +0000 ROA not after: Sun 31 May 2026 23:00:00 +0000 asID: 136821 IP address blocks: 2001:df2:2100::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.crl rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 11:54:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:c8:77:d1:e9:ea:49:e1:7b:f1:47:c1:65:4d:2a:82:2d:65:48:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9F6D5D5649D001D2B7A3378F99314A992D482E4A Validity Not Before: Jun 1 22:55:00 2025 GMT Not After : May 31 23:00:00 2026 GMT Subject: CN=2733A5E7B27FA63AF96F531B101F3F6E1120DF26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d3:ba:ad:bf:41:ff:8f:fd:6c:e7:f6:e5:d7: e6:04:fe:83:b4:4c:e2:01:44:90:7d:31:4d:04:63: a4:12:e1:e2:85:30:f5:95:c8:08:68:84:97:b3:6b: f3:92:84:2d:cf:8c:57:61:fe:3b:f9:17:97:95:5f: da:98:6f:2a:77:c4:4f:10:91:f0:94:4f:2e:05:24: b6:f5:53:ea:14:03:60:9c:59:53:b9:a6:f5:06:52: 1b:fa:9f:ef:2a:7b:80:61:ae:cd:ab:7a:3e:22:94: 72:4a:88:14:17:86:00:67:96:cb:81:24:74:a8:19: 5d:66:e1:51:75:5c:28:63:ed:42:0d:77:33:cc:4a: fb:f2:38:ff:de:22:0d:79:56:67:8d:93:c5:94:fb: ac:c9:2e:24:39:74:16:95:3f:71:b9:0e:15:2a:14: 7b:62:b8:5d:22:1a:19:7c:39:dd:6c:75:21:df:16: bc:f2:cd:ab:54:07:82:ea:2a:80:da:f4:fb:a6:e5: 41:65:6e:db:96:1b:96:d9:65:4b:7d:94:ed:2d:bc: 6d:cc:55:3e:cb:c4:92:31:bc:ad:c0:3d:78:5e:74: 34:2a:30:8b:d7:da:44:88:a0:86:a8:78:83:d7:ca: 19:85:39:b4:16:1c:76:3e:f6:8d:61:f5:47:85:19: 94:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:33:A5:E7:B2:7F:A6:3A:F9:6F:53:1B:10:1F:3F:6E:11:20:DF:26 X509v3 Authority Key Identifier: keyid:9F:6D:5D:56:49:D0:01:D2:B7:A3:37:8F:99:31:4A:99:2D:48:2E:4A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:2100::/48 Signature Algorithm: sha256WithRSAEncryption 29:9a:44:b9:e1:31:2c:e8:74:53:43:11:56:5c:88:de:9c:5d: d5:c5:bf:ec:e4:42:ed:75:c0:9b:96:ce:07:1b:4d:86:21:7b: 95:7b:1e:89:da:a2:bc:ca:f0:e4:0f:56:c7:26:8b:f5:63:ef: ae:24:fb:46:98:f5:2f:0d:26:a9:6d:6f:e4:d2:72:c6:63:d4: 27:56:73:74:01:50:83:1b:47:e2:e7:03:b8:bc:c7:d9:cd:90: b0:13:a7:01:5d:b6:4e:68:98:9e:ac:c1:23:86:05:05:f8:ab: 77:f0:28:25:e6:3a:75:54:91:f0:27:f8:c4:e7:90:40:70:ad: 8e:29:8d:58:b0:ff:db:e6:00:ff:bf:96:83:91:49:ef:ac:70: 5b:53:16:08:da:9a:3d:21:9f:20:3c:6b:d5:2e:d7:5a:2c:c9: 16:2c:58:ac:cd:ca:1f:da:e1:fe:e4:27:6b:2b:42:38:b7:75: db:3d:5a:56:d0:b3:af:4c:a0:11:7a:88:c4:c5:d5:d4:23:6f: 6e:87:47:b1:ad:9f:b8:da:4a:fa:7c:8e:88:64:c1:81:09:f6: b3:e1:81:4b:da:ec:e2:fa:ad:33:ab:3a:53:7a:82:78:bb:e5: a9:f1:71:52:e8:91:10:00:9c:ce:0e:5e:c8:8f:5f:c1:43:b8: 7f:81:0e:c9 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUDsh30enqSeF78UfBZU0qgi1lSFUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUY2RDVENTY0OUQwMDFEMkI3QTMzNzhGOTkzMTRBOTky RDQ4MkU0QTAeFw0yNTA2MDEyMjU1MDBaFw0yNjA1MzEyMzAwMDBaMDMxMTAvBgNV BAMTKDI3MzNBNUU3QjI3RkE2M0FGOTZGNTMxQjEwMUYzRjZFMTEyMERGMjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh07qtv0H/j/1s5/bl1+YE/oO0 TOIBRJB9MU0EY6QS4eKFMPWVyAhohJeza/OShC3PjFdh/jv5F5eVX9qYbyp3xE8Q kfCUTy4FJLb1U+oUA2CcWVO5pvUGUhv6n+8qe4Bhrs2rej4ilHJKiBQXhgBnlsuB JHSoGV1m4VF1XChj7UINdzPMSvvyOP/eIg15VmeNk8WU+6zJLiQ5dBaVP3G5DhUq FHtiuF0iGhl8Od1sdSHfFrzyzatUB4LqKoDa9Pum5UFlbtuWG5bZZUt9lO0tvG3M VT7LxJIxvK3APXhedDQqMIvX2kSIoIaoeIPXyhmFObQWHHY+9o1h9UeFGZQZAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUJzOl57J/pjr5b1MbEB8/bhEg3yYwHwYDVR0j BBgwFoAUn21dVknQAdK3ozePmTFKmS1ILkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y ZmQzZmMyNC03NWEyLTQ3ZjYtOTI4ZS00ZTk4MDJiOTcwODUvMC85RjZENUQ1NjQ5 RDAwMUQyQjdBMzM3OEY5OTMxNEE5OTJENDgyRTRBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOUY2RDVENTY0OUQwMDFEMkI3QTMzNzhGOTkzMTRBOTkyRDQ4 MkU0QS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmZDNmYzI0LTc1YTItNDdmNi05 MjhlLTRlOTgwMmI5NzA4NS8wLzMyMzAzMDMxM2E2NDY2MzIzYTMyMzEzMDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM2MzgzMjMxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8iEAMA0GCSqGSIb3DQEBCwUAA4IBAQApmkS54TEs6HRTQxFWXIjenF3Vxb/s5ELt dcCbls4HG02GIXuVex6J2qK8yvDkD1bHJov1Y++uJPtGmPUvDSapbW/k0nLGY9Qn VnN0AVCDG0fi5wO4vMfZzZCwE6cBXbZOaJierMEjhgUF+Kt38Cgl5jp1VJHwJ/jE 55BAcK2OKY1YsP/b5gD/v5aDkUnvrHBbUxYI2po9IZ8gPGvVLtdaLMkWLFiszcof 2uH+5CdrK0I4t3XbPVpW0LOvTKAReojExdXUI29uh0exrZ+42kr6fI6IZMGBCfaz 4YFL2uzi+q0zqzpTeoJ4u+Wp8XFS6JEQAJzODl7Ij1/BQ7h/gQ7J -----END CERTIFICATE-----Generated at Tue Jun 17 11:08:32 2025 by rpki-client