$ rpki-client -vvf repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a666163653a3a2f34382d3438203d3e203538353532.roa File: 323430343a666430303a666163653a3a2f34382d3438203d3e203538353532.roa (raw, json) Hash identifier: nfM168xSqVa1x6lLbiX0k8IobfSikQPA62Q/hS2VOFA= Subject key identifier: 21:7D:FD:EC:A3:85:85:52:1D:36:40:C8:D5:88:D0:A5:34:ED:CA:5C Certificate issuer: /CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Certificate serial: 1FD553C4A268DED7B78B00DAE8AA70AB4611BB68 Authority key identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a666163653a3a2f34382d3438203d3e203538353532.roa Signing time: Fri 10 Apr 2026 09:00:00 +0000 ROA not before: Fri 10 Apr 2026 08:55:00 +0000 ROA not after: Fri 09 Apr 2027 09:00:00 +0000 asID: 58552 IP address blocks: 2404:fd00:face::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 06:17:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:d5:53:c4:a2:68:de:d7:b7:8b:00:da:e8:aa:70:ab:46:11:bb:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Validity Not Before: Apr 10 08:55:00 2026 GMT Not After : Apr 9 09:00:00 2027 GMT Subject: CN=217DFDECA38585521D3640C8D588D0A534EDCA5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5e:cb:65:a9:fb:04:1a:e1:4b:02:17:9c:5c: ff:e7:b9:2b:4b:30:3c:39:4e:b8:03:d3:04:ca:fb: a8:59:8b:64:8e:95:68:70:07:93:ae:78:8f:18:d6: 08:1a:07:ba:ba:bc:91:ba:0a:3d:8e:f4:0a:04:9b: af:91:3d:d4:69:5f:f7:75:29:b9:b5:fa:58:24:18: 34:52:d7:da:1a:cf:12:38:a9:31:df:b1:2d:c1:f7: 1e:ef:31:57:94:13:d0:db:d7:92:25:27:55:b9:a8: f2:f6:3f:16:ff:86:a6:87:3d:93:10:cf:3d:22:d2: f7:b5:06:8b:a4:c7:f2:6a:fc:c4:be:ee:93:28:83: 23:15:d3:be:95:9c:98:12:f2:41:1e:a8:7c:61:c9: 5a:8e:a3:90:c5:55:13:ae:23:3e:4f:f6:77:af:f2: 4f:1f:70:c4:59:0f:7d:a8:15:de:ba:54:2c:cf:5a: 55:e4:ea:98:4b:b9:c9:ae:43:b6:28:a8:b7:2c:94: df:d9:e1:99:cf:fd:75:c0:51:8d:5f:9c:ac:54:6f: af:98:2b:4a:23:b8:61:dc:a9:a1:74:5d:dc:07:93: 2c:b9:05:74:e6:ef:80:0e:22:cb:e4:22:ce:b3:5a: 67:18:f5:89:4e:b3:c4:4d:f1:86:6c:13:ef:57:4e: 21:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:7D:FD:EC:A3:85:85:52:1D:36:40:C8:D5:88:D0:A5:34:ED:CA:5C X509v3 Authority Key Identifier: keyid:AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a666163653a3a2f34382d3438203d3e203538353532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:fd00:face::/48 Signature Algorithm: sha256WithRSAEncryption 97:69:af:12:19:5a:bd:4f:a0:36:aa:3c:a4:ba:04:b2:ef:53: ab:df:bb:fc:37:fa:04:3f:26:31:a8:61:a6:19:17:ff:01:e1: a1:29:f9:73:75:84:35:61:6a:64:6a:51:13:3b:96:40:e2:d9: 47:56:11:1a:2b:7b:1d:75:4e:bd:1d:cd:e8:eb:75:e8:3b:24: 79:7c:f6:84:ea:6f:b6:ad:2e:ff:c7:c5:ed:1b:78:dc:aa:b9: f7:f2:6f:6a:ce:47:3f:4f:71:f4:24:ff:49:2d:96:6b:b0:25: 8d:1d:a8:d4:54:31:50:fe:30:18:51:bf:b3:51:44:6e:88:68: de:03:8d:64:e4:93:41:6f:1b:55:f7:b6:61:d5:05:e7:6b:ba: 7a:2a:95:a4:84:38:d8:25:ee:93:69:66:cb:96:b7:5f:22:85: 75:f6:d5:41:1b:ff:8a:45:b8:2a:28:6c:9b:0d:a7:bd:6b:aa: b3:f6:b1:3d:4d:38:c3:d9:cf:12:77:05:7f:d7:ec:e3:56:db: 17:48:35:4d:d4:f8:e4:a3:3c:1c:04:bf:35:69:b2:26:63:fa: 70:7d:f0:37:eb:85:ae:f2:f5:0d:48:18:9d:0f:10:9c:9b:ee: cf:80:ea:84:b5:05:de:96:f5:e8:64:94:e0:d0:ed:68:19:3e: a5:fe:4f:0c -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUH9VTxKJo3te3iwDa6Kpwq0YRu2gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FF NEQ1RkRFNjAeFw0yNjA0MTAwODU1MDBaFw0yNzA0MDkwOTAwMDBaMDMxMTAvBgNV BAMTKDIxN0RGREVDQTM4NTg1NTIxRDM2NDBDOEQ1ODhEMEE1MzRFRENBNUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAXstlqfsEGuFLAhecXP/nuStL MDw5TrgD0wTK+6hZi2SOlWhwB5OueI8Y1ggaB7q6vJG6Cj2O9AoEm6+RPdRpX/d1 Kbm1+lgkGDRS19oazxI4qTHfsS3B9x7vMVeUE9Db15IlJ1W5qPL2Pxb/hqaHPZMQ zz0i0ve1Boukx/Jq/MS+7pMogyMV076VnJgS8kEeqHxhyVqOo5DFVROuIz5P9nev 8k8fcMRZD32oFd66VCzPWlXk6phLucmuQ7YoqLcslN/Z4ZnP/XXAUY1fnKxUb6+Y K0ojuGHcqaF0XdwHkyy5BXTm74AOIsvkIs6zWmcY9YlOs8RN8YZsE+9XTiH/AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUIX397KOFhVIdNkDI1YjQpTTtylwwHwYDVR0j BBgwFoAUr0tY1LFlMLn2kZ2/T1PcOuTV/eYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDIyN2RiZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMC9BRjRCNThENEIx NjUzMEI5RjY5MTlEQkY0RjUzREMzQUU0RDVGREU2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FFNEQ1 RkRFNi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkMjI3ZGJlLTRhMWMtNDBiMC05 NGE2LTc5M2JkYmRhMzc3Ny8wLzMyMzQzMDM0M2E2NjY0MzAzMDNhNjY2MTYzNjUz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNTM4MzUzNTMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAT9 APrOMA0GCSqGSIb3DQEBCwUAA4IBAQCXaa8SGVq9T6A2qjykugSy71Or37v8N/oE PyYxqGGmGRf/AeGhKflzdYQ1YWpkalETO5ZA4tlHVhEaK3sddU69Hc3o63XoOyR5 fPaE6m+2rS7/x8XtG3jcqrn38m9qzkc/T3H0JP9JLZZrsCWNHajUVDFQ/jAYUb+z UURuiGjeA41k5JNBbxtV97Zh1QXna7p6KpWkhDjYJe6TaWbLlrdfIoV19tVBG/+K RbgqKGybDae9a6qz9rE9TTjD2c8SdwV/1+zjVtsXSDVN1PjkozwcBL81abImY/pw ffA364Wu8vUNSBidDxCcm+7PgOqEtQXelvXoZJTg0O1oGT6l/k8M -----END CERTIFICATE-----Generated at Fri Apr 17 22:33:04 2026 by rpki-client