$ rpki-client -vvf repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/323430313a316430303a323a3a2f34382d3438203d3e203338353035.roa File: 323430313a316430303a323a3a2f34382d3438203d3e203338353035.roa (raw, json) Hash identifier: EZdh60eQJ0O5FCzuczO3QBjbRRYgOvtWbCa5RUYH7z8= Subject key identifier: C3:3C:A8:AC:38:CE:59:E5:75:74:1F:14:E0:B1:29:62:97:F7:0B:23 Certificate issuer: /CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6 Certificate serial: 4C089ED3C2EFAE5412E051648C9DA5B3810AA786 Authority key identifier: 83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/323430313a316430303a323a3a2f34382d3438203d3e203338353035.roa Signing time: Mon 09 Jun 2025 17:00:00 +0000 ROA not before: Mon 09 Jun 2025 16:55:00 +0000 ROA not after: Mon 08 Jun 2026 17:00:00 +0000 asID: 38505 IP address blocks: 2401:1d00:2::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.crl rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 23:33:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:08:9e:d3:c2:ef:ae:54:12:e0:51:64:8c:9d:a5:b3:81:0a:a7:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6 Validity Not Before: Jun 9 16:55:00 2025 GMT Not After : Jun 8 17:00:00 2026 GMT Subject: CN=C33CA8AC38CE59E575741F14E0B1296297F70B23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:89:97:91:65:b7:3f:b0:20:84:e4:78:25:0d: 09:4a:5d:0a:7c:eb:52:1f:a0:32:cc:dd:4d:be:4d: 50:9e:10:89:74:89:e2:a9:e0:06:af:3c:87:cf:f4: ce:93:69:8b:bc:40:60:df:54:ac:4b:54:6a:fb:0a: b9:97:62:b9:01:7c:b8:e6:9c:9c:dd:cb:76:d7:ca: 68:92:7b:41:a2:24:28:2b:42:b5:70:7c:b9:5e:36: fa:9d:bb:e8:b2:74:05:1e:3c:ec:0e:26:7d:98:a6: 8f:7f:4f:1e:c4:bd:dc:90:e5:be:d2:7f:fd:40:40: 8c:e2:11:04:5e:e3:8d:c2:45:a7:fe:08:13:ea:37: bc:6b:a3:a1:8b:3f:06:a1:24:3c:62:32:7d:7a:84: ed:94:85:35:51:7a:77:9d:b5:e5:32:59:01:c3:ff: aa:21:c1:9b:4c:1c:f7:33:63:10:7e:f7:9f:8b:02: 5d:40:bb:92:e1:71:a7:d3:06:1e:6c:28:91:11:f3: 42:b2:fe:75:27:bc:53:88:38:3d:bd:11:af:d7:9a: 38:00:e9:1a:fa:37:4e:b2:2d:0b:e7:2f:9d:3e:ba: ae:13:e0:a5:83:d9:0b:41:e9:63:2e:9f:ce:8e:39: 73:9f:d7:22:a1:ab:54:fc:e3:42:fb:c8:ef:9e:72: b4:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:3C:A8:AC:38:CE:59:E5:75:74:1F:14:E0:B1:29:62:97:F7:0B:23 X509v3 Authority Key Identifier: keyid:83:D3:98:6C:5C:BD:56:BD:0C:E9:03:D1:B5:1E:AD:65:D1:1D:33:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/83D3986C5CBD56BD0CE903D1B51EAD65D11D33A6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/83d0786d-3d3e-45b7-9665-8d474fd14aea/0/323430313a316430303a323a3a2f34382d3438203d3e203338353035.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:1d00:2::/48 Signature Algorithm: sha256WithRSAEncryption 35:3e:7c:ba:82:9a:83:4e:b1:7b:38:08:11:82:94:48:85:b0: 07:6a:7e:5f:25:9d:25:5e:1e:d8:16:2e:8a:a5:14:02:ff:b1: a9:9b:12:14:bf:c2:3e:f0:e2:d2:cc:4e:ff:db:10:30:c3:16: 9b:7a:c0:53:f2:11:79:3a:ae:3b:45:27:40:f0:78:f9:0f:b2: 01:4d:33:0a:b9:c1:32:53:3b:35:37:ae:87:13:82:3f:08:d8: 25:d6:e5:eb:3d:29:bf:b3:1c:0d:e9:16:78:6f:12:39:05:37: 80:d6:99:32:b4:f6:71:e7:ef:76:47:d5:46:75:43:f6:20:e4: 4a:97:8b:16:45:79:cf:7c:17:9c:2e:fd:2a:fa:95:df:d2:70: 91:be:6f:22:a6:af:59:f5:e0:94:fa:ae:bb:ef:b9:13:e5:eb: c1:0f:f3:16:ef:a1:f6:4e:07:8e:d5:66:49:16:81:4d:b2:c3: 1b:e0:ee:c2:38:f2:1a:d2:11:e1:50:df:d5:02:d7:66:31:75: 7f:9a:15:48:83:3b:f8:c6:b2:80:5b:9c:74:69:40:ed:a4:b7: 12:b3:25:1d:39:7c:45:5d:37:37:c1:b7:74:01:21:da:03:10: 43:a1:ee:ed:2f:b1:43:7a:78:28:81:83:d9:81:7d:23:ad:2e: 23:53:88:a9 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUTAie08LvrlQS4FFkjJ2ls4EKp4YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVE MTFEMzNBNjAeFw0yNTA2MDkxNjU1MDBaFw0yNjA2MDgxNzAwMDBaMDMxMTAvBgNV BAMTKEMzM0NBOEFDMzhDRTU5RTU3NTc0MUYxNEUwQjEyOTYyOTdGNzBCMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFiZeRZbc/sCCE5HglDQlKXQp8 61IfoDLM3U2+TVCeEIl0ieKp4AavPIfP9M6TaYu8QGDfVKxLVGr7CrmXYrkBfLjm nJzdy3bXymiSe0GiJCgrQrVwfLleNvqdu+iydAUePOwOJn2Ypo9/Tx7EvdyQ5b7S f/1AQIziEQRe443CRaf+CBPqN7xro6GLPwahJDxiMn16hO2UhTVRenedteUyWQHD /6ohwZtMHPczYxB+95+LAl1Au5LhcafTBh5sKJER80Ky/nUnvFOIOD29Ea/XmjgA 6Rr6N06yLQvnL50+uq4T4KWD2QtB6WMun86OOXOf1yKhq1T840L7yO+ecrSpAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUwzyorDjOWeV1dB8U4LEpYpf3CyMwHwYDVR0j BBgwFoAUg9OYbFy9Vr0M6QPRtR6tZdEdM6YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 M2QwNzg2ZC0zZDNlLTQ1YjctOTY2NS04ZDQ3NGZkMTRhZWEvMC84M0QzOTg2QzVD QkQ1NkJEMENFOTAzRDFCNTFFQUQ2NUQxMUQzM0E2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvODNEMzk4NkM1Q0JENTZCRDBDRTkwM0QxQjUxRUFENjVEMTFE MzNBNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzZDA3ODZkLTNkM2UtNDViNy05 NjY1LThkNDc0ZmQxNGFlYS8wLzMyMzQzMDMxM2EzMTY0MzAzMDNhMzIzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzUzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAEdAAACMA0G CSqGSIb3DQEBCwUAA4IBAQA1Pny6gpqDTrF7OAgRgpRIhbAHan5fJZ0lXh7YFi6K pRQC/7GpmxIUv8I+8OLSzE7/2xAwwxabesBT8hF5Oq47RSdA8Hj5D7IBTTMKucEy Uzs1N66HE4I/CNgl1uXrPSm/sxwN6RZ4bxI5BTeA1pkytPZx5+92R9VGdUP2IORK l4sWRXnPfBecLv0q+pXf0nCRvm8ipq9Z9eCU+q6777kT5evBD/MW76H2TgeO1WZJ FoFNssMb4O7COPIa0hHhUN/VAtdmMXV/mhVIgzv4xrKAW5x0aUDtpLcSsyUdOXxF XTc3wbd0ASHaAxBDoe7tL7FDengogYPZgX0jrS4jU4ip -----END CERTIFICATE-----Generated at Mon Jun 16 21:28:29 2025 by rpki-client