$ rpki-client -vvf repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/323030313a6466343a386534303a3a2f34382d3438203d3e20313533313530.roa File: 323030313a6466343a386534303a3a2f34382d3438203d3e20313533313530.roa (raw, json) Hash identifier: VpLoaUpt0yVfGQxrRTavIki8YrtUgZnpRbQuyi6BNMU= Subject key identifier: AD:A9:BC:E3:FC:A8:9C:1E:59:08:DC:4D:55:FC:E2:01:60:E0:57:AC Certificate issuer: /CN=09E4737CEE36CCCE6819F704F9A924E3B310A5E2 Certificate serial: 3E57EAFEB6D52870F6CA74418E402B3BCE2E6B36 Authority key identifier: 09:E4:73:7C:EE:36:CC:CE:68:19:F7:04:F9:A9:24:E3:B3:10:A5:E2 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.cer Subject info access: rsync://repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/323030313a6466343a386534303a3a2f34382d3438203d3e20313533313530.roa Signing time: Tue 28 Oct 2025 04:00:00 +0000 ROA not before: Tue 28 Oct 2025 03:55:00 +0000 ROA not after: Tue 27 Oct 2026 04:00:00 +0000 asID: 153150 IP address blocks: 2001:df4:8e40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.crl rsync://repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 13:33:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:57:ea:fe:b6:d5:28:70:f6:ca:74:41:8e:40:2b:3b:ce:2e:6b:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=09E4737CEE36CCCE6819F704F9A924E3B310A5E2 Validity Not Before: Oct 28 03:55:00 2025 GMT Not After : Oct 27 04:00:00 2026 GMT Subject: CN=ADA9BCE3FCA89C1E5908DC4D55FCE20160E057AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:30:51:a8:34:47:d0:23:3c:88:b5:0c:87:38: 54:0a:fe:33:ff:a5:cb:f8:48:cb:14:0b:b2:e0:f4: 7d:6a:4a:cf:a7:23:89:7e:c6:05:5c:74:74:e0:91: 0d:52:e5:d1:6d:e8:bd:d5:ca:80:20:f2:23:ca:ce: ba:0c:ed:5a:a7:f8:63:81:bf:f1:9c:b5:82:ad:b4: 3e:3d:cb:12:2a:bf:6d:57:f8:bc:f6:6b:b0:fe:3b: 66:d5:62:93:7f:6f:cf:b4:93:64:9c:95:55:86:a2: 32:ba:81:ff:e7:b7:ff:cc:6d:85:f1:43:63:b4:ff: 93:aa:3e:c2:3d:1c:99:43:12:37:52:15:06:b5:2a: 05:91:be:0d:48:90:de:bd:39:99:76:3b:29:96:29: 85:07:8a:93:65:77:ea:08:dd:4f:f5:58:30:69:fe: ab:d6:38:0a:ef:dd:58:a7:55:9e:18:4a:e2:6b:fa: 6e:dd:9d:87:3b:54:b3:17:65:ce:f1:9c:4b:40:aa: b1:44:71:e3:35:95:87:ab:7e:5a:d8:9b:03:d8:b6: 3f:03:14:66:f0:bf:07:e6:63:47:42:c4:08:ea:db: 05:86:24:ee:89:d1:f7:50:fb:f1:f1:7f:ac:eb:98: b8:7a:5e:98:86:a4:8a:cb:b3:45:49:d6:d6:9e:e0: 9a:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:A9:BC:E3:FC:A8:9C:1E:59:08:DC:4D:55:FC:E2:01:60:E0:57:AC X509v3 Authority Key Identifier: keyid:09:E4:73:7C:EE:36:CC:CE:68:19:F7:04:F9:A9:24:E3:B3:10:A5:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/09E4737CEE36CCCE6819F704F9A924E3B310A5E2.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/959612a2-4433-42b9-8f4f-b847776acafd/1/323030313a6466343a386534303a3a2f34382d3438203d3e20313533313530.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:8e40::/48 Signature Algorithm: sha256WithRSAEncryption 57:4e:87:df:e5:c7:61:01:b0:a5:1e:ef:56:07:17:45:87:22: 38:fa:ab:f0:76:24:9e:a7:f6:99:ed:6e:12:30:a4:73:60:ea: 0b:80:73:65:d3:4d:60:e5:13:94:ef:83:63:ef:d3:99:60:1a: 86:52:44:14:99:21:f7:41:a3:8a:8e:4b:66:92:fd:40:0c:90: 01:30:a9:48:b4:67:0e:04:8b:db:a7:ef:8b:b7:14:8f:d3:5b: 84:83:ba:16:27:d9:d8:46:ad:1a:41:c0:32:4f:72:9e:b7:3f: 1a:e2:82:2c:1f:cb:67:8b:fd:d0:3f:d3:9a:2b:ae:c7:07:13: 29:16:27:91:a5:15:69:b4:e2:d3:9a:f3:d2:45:84:f3:e6:f3: cc:96:32:6a:dd:08:5b:96:f5:63:9a:12:00:7e:7a:e7:6e:49: 7f:1d:4f:8d:42:e7:2d:6f:d6:4e:64:d3:10:34:9e:1a:eb:87: b0:8f:9f:16:9a:71:8b:11:78:3a:8e:9e:b9:3b:36:e6:e3:79: c5:74:6a:34:11:46:04:6c:f5:0a:09:8a:cb:4f:eb:79:2c:7a: 44:39:5c:53:ee:b4:13:0d:ba:6f:3f:14:c1:fc:ec:0c:fc:82: 11:c7:44:6c:bf:ad:c5:d5:8e:cf:74:be:29:9d:12:ed:03:79: 1c:6a:1e:71 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUPlfq/rbVKHD2ynRBjkArO84uazYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDlFNDczN0NFRTM2Q0NDRTY4MTlGNzA0RjlBOTI0RTNC MzEwQTVFMjAeFw0yNTEwMjgwMzU1MDBaFw0yNjEwMjcwNDAwMDBaMDMxMTAvBgNV BAMTKEFEQTlCQ0UzRkNBODlDMUU1OTA4REM0RDU1RkNFMjAxNjBFMDU3QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoMFGoNEfQIzyItQyHOFQK/jP/ pcv4SMsUC7Lg9H1qSs+nI4l+xgVcdHTgkQ1S5dFt6L3VyoAg8iPKzroM7Vqn+GOB v/GctYKttD49yxIqv21X+Lz2a7D+O2bVYpN/b8+0k2SclVWGojK6gf/nt//MbYXx Q2O0/5OqPsI9HJlDEjdSFQa1KgWRvg1IkN69OZl2OymWKYUHipNld+oI3U/1WDBp /qvWOArv3VinVZ4YSuJr+m7dnYc7VLMXZc7xnEtAqrFEceM1lYerflrYmwPYtj8D FGbwvwfmY0dCxAjq2wWGJO6J0fdQ+/Hxf6zrmLh6XpiGpIrLs0VJ1tae4JpRAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUram84/yonB5ZCNxNVfziAWDgV6wwHwYDVR0j BBgwFoAUCeRzfO42zM5oGfcE+akk47MQpeIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85 NTk2MTJhMi00NDMzLTQyYjktOGY0Zi1iODQ3Nzc2YWNhZmQvMS8wOUU0NzM3Q0VF MzZDQ0NFNjgxOUY3MDRGOUE5MjRFM0IzMTBBNUUyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvMDlFNDczN0NFRTM2Q0NDRTY4MTlGNzA0RjlBOTI0RTNCMzEw QTVFMi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk1OTYxMmEyLTQ0MzMtNDJiOS04 ZjRmLWI4NDc3NzZhY2FmZC8xLzMyMzAzMDMxM2E2NDY2MzQzYTM4NjUzNDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzEzNTMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9I5AMA0GCSqGSIb3DQEBCwUAA4IBAQBXToff5cdhAbClHu9WBxdFhyI4+qvwdiSe p/aZ7W4SMKRzYOoLgHNl001g5ROU74Nj79OZYBqGUkQUmSH3QaOKjktmkv1ADJAB MKlItGcOBIvbp++LtxSP01uEg7oWJ9nYRq0aQcAyT3Ketz8a4oIsH8tni/3QP9Oa K67HBxMpFieRpRVptOLTmvPSRYTz5vPMljJq3QhblvVjmhIAfnrnbkl/HU+NQuct b9ZOZNMQNJ4a64ewj58WmnGLEXg6jp65Ozbm43nFdGo0EUYEbPUKCYrLT+t5LHpE OVxT7rQTDbpvPxTB/OwM/IIRx0Rsv63F1Y7PdL4pnRLtA3kcah5x -----END CERTIFICATE-----Generated at Wed Nov 5 11:25:46 2025 by rpki-client