$ rpki-client -vvf repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/323430353a366463303a3a2f33322d3332203d3e20313339343237.roa File: 323430353a366463303a3a2f33322d3332203d3e20313339343237.roa (raw, json) Hash identifier: wF6dopi/8yFT5FMMEEtbalVZ2HlgmQH2NzcCqjkPo/A= Subject key identifier: B5:A7:2A:0B:D4:53:F4:BB:FF:B3:0F:EE:01:84:BB:06:66:47:19:40 Certificate issuer: /CN=8E3F7441403B9CDF2FD603CCBAF13D1671202D2D Certificate serial: 0612F546B87421837FDB3162BB4735AD5176C5DB Authority key identifier: 8E:3F:74:41:40:3B:9C:DF:2F:D6:03:CC:BA:F1:3D:16:71:20:2D:2D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/323430353a366463303a3a2f33322d3332203d3e20313339343237.roa Signing time: Fri 25 Apr 2025 18:00:00 +0000 ROA not before: Fri 25 Apr 2025 17:55:00 +0000 ROA not after: Fri 24 Apr 2026 18:00:00 +0000 asID: 139427 IP address blocks: 2405:6dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.crl rsync://repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 08:29:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:12:f5:46:b8:74:21:83:7f:db:31:62:bb:47:35:ad:51:76:c5:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8E3F7441403B9CDF2FD603CCBAF13D1671202D2D Validity Not Before: Apr 25 17:55:00 2025 GMT Not After : Apr 24 18:00:00 2026 GMT Subject: CN=B5A72A0BD453F4BBFFB30FEE0184BB0666471940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:6b:db:88:b3:f8:56:45:da:a7:41:f4:b2:2e: 19:f3:f0:36:5c:96:18:60:2e:97:46:19:a2:53:79: b0:55:3c:14:50:84:a7:be:33:18:67:8e:11:24:3e: 94:67:c6:22:b5:0c:3c:02:9c:dc:d0:a8:f7:99:9c: a9:3a:b9:fb:f4:a1:6e:81:4f:58:39:39:b2:15:e6: e4:30:82:8a:56:97:37:a3:10:2b:7c:ec:b2:3e:24: b7:30:63:41:55:ee:2f:d4:6e:06:75:e7:bf:b7:25: 7d:6e:96:02:76:98:24:a5:94:80:13:c9:ab:14:79: 7f:6d:a6:3e:08:4c:29:7b:f9:9a:64:21:a4:a0:cc: e0:f4:0c:db:98:a8:f9:06:53:92:bf:1f:13:b9:80: 56:6e:37:35:3c:93:9c:4a:24:69:2c:62:85:34:36: df:0a:54:4f:ee:a4:50:d3:51:59:26:48:26:fe:7c: d1:c3:7c:38:af:aa:0d:08:ca:e7:26:a4:8c:f7:29: 8f:be:c6:e1:00:d3:e3:68:c3:c6:7f:26:f9:2e:12: ba:44:85:f3:83:cc:e0:73:18:e1:2f:c3:f0:54:03: d3:21:ec:0e:b6:5b:0f:86:94:65:b8:0f:67:d9:75: eb:e6:93:0d:61:e2:10:7a:7b:05:31:b1:a3:dc:29: 50:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:A7:2A:0B:D4:53:F4:BB:FF:B3:0F:EE:01:84:BB:06:66:47:19:40 X509v3 Authority Key Identifier: keyid:8E:3F:74:41:40:3B:9C:DF:2F:D6:03:CC:BA:F1:3D:16:71:20:2D:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8E3F7441403B9CDF2FD603CCBAF13D1671202D2D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aa914ada-a9aa-4d7f-9e47-594bcb7a70ab/0/323430353a366463303a3a2f33322d3332203d3e20313339343237.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:6dc0::/32 Signature Algorithm: sha256WithRSAEncryption 20:74:92:54:6a:f9:eb:32:0a:8e:c3:fe:7c:79:07:af:f5:65: 65:ef:89:a5:28:64:e0:f0:a2:9d:e0:1d:8e:09:e9:ab:c2:aa: 80:9a:34:c5:8a:0e:b4:d1:5b:f5:5a:a5:fb:11:04:dd:4b:9a: ab:fe:52:16:da:53:e2:b9:d6:64:d3:17:d6:03:10:bb:f6:4c: 5c:8a:d7:46:73:ca:df:a2:13:7a:82:60:e6:9b:1a:b3:30:f9: 63:ea:fe:b7:95:d8:b7:ca:3c:06:5e:ba:d0:1b:7b:ab:f0:01: 65:ab:63:43:a9:f3:71:96:5d:f5:77:cb:6d:ce:32:7a:5e:b3: 99:dc:a9:e0:9e:06:37:c4:06:e1:43:a9:8a:be:50:9c:cb:62: d8:49:5a:ae:04:f0:35:4f:ca:c8:5d:52:a8:a2:1b:eb:c8:21: 89:89:a3:1a:fc:10:72:aa:e6:65:97:d8:8e:a3:e8:d1:b3:22: 2f:3d:a3:a8:7f:38:82:24:b6:04:f8:f5:e7:f8:35:c0:8c:44: a1:3c:97:3c:4e:a8:73:1e:b5:f1:a2:e2:52:67:0e:77:de:5e: 1c:ee:d9:2a:c0:1d:d1:3f:e9:01:d8:cd:ff:85:00:e8:5f:12: 5d:19:3f:62:50:73:be:3a:8f:5f:11:44:fe:aa:0e:0c:56:3b: be:57:1f:48 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUBhL1Rrh0IYN/2zFiu0c1rVF2xdswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEUzRjc0NDE0MDNCOUNERjJGRDYwM0NDQkFGMTNEMTY3 MTIwMkQyRDAeFw0yNTA0MjUxNzU1MDBaFw0yNjA0MjQxODAwMDBaMDMxMTAvBgNV BAMTKEI1QTcyQTBCRDQ1M0Y0QkJGRkIzMEZFRTAxODRCQjA2NjY0NzE5NDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQa9uIs/hWRdqnQfSyLhnz8DZc lhhgLpdGGaJTebBVPBRQhKe+MxhnjhEkPpRnxiK1DDwCnNzQqPeZnKk6ufv0oW6B T1g5ObIV5uQwgopWlzejECt87LI+JLcwY0FV7i/UbgZ157+3JX1ulgJ2mCSllIAT yasUeX9tpj4ITCl7+ZpkIaSgzOD0DNuYqPkGU5K/HxO5gFZuNzU8k5xKJGksYoU0 Nt8KVE/upFDTUVkmSCb+fNHDfDivqg0IyucmpIz3KY++xuEA0+Now8Z/JvkuErpE hfODzOBzGOEvw/BUA9Mh7A62Ww+GlGW4D2fZdevmkw1h4hB6ewUxsaPcKVDTAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUtacqC9RT9Lv/sw/uAYS7BmZHGUAwHwYDVR0j BBgwFoAUjj90QUA7nN8v1gPMuvE9FnEgLS0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h YTkxNGFkYS1hOWFhLTRkN2YtOWU0Ny01OTRiY2I3YTcwYWIvMC84RTNGNzQ0MTQw M0I5Q0RGMkZENjAzQ0NCQUYxM0QxNjcxMjAyRDJELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOEUzRjc0NDE0MDNCOUNERjJGRDYwM0NDQkFGMTNEMTY3MTIw MkQyRC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FhOTE0YWRhLWE5YWEtNGQ3Zi05 ZTQ3LTU5NGJjYjdhNzBhYi8wLzMyMzQzMDM1M2EzNjY0NjMzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzMzOTM0MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQFbcAwDQYJKoZI hvcNAQELBQADggEBACB0klRq+esyCo7D/nx5B6/1ZWXviaUoZODwop3gHY4J6avC qoCaNMWKDrTRW/VapfsRBN1Lmqv+UhbaU+K51mTTF9YDELv2TFyK10Zzyt+iE3qC YOabGrMw+WPq/reV2LfKPAZeutAbe6vwAWWrY0Op83GWXfV3y23OMnpes5ncqeCe BjfEBuFDqYq+UJzLYthJWq4E8DVPyshdUqiiG+vIIYmJoxr8EHKq5mWX2I6j6NGz Ii89o6h/OIIktgT49ef4NcCMRKE8lzxOqHMetfGi4lJnDnfeXhzu2SrAHdE/6QHY zf+FAOhfEl0ZP2JQc746j18RRP6qDgxWO75XH0g= -----END CERTIFICATE-----Generated at Wed Apr 30 08:22:56 2025 by rpki-client