$ rpki-client -vvf rpki.owl.net/rrdp/owl/0/323430333a666263303a3a2f33322d3438203d3e2033323538.roa File: 323430333a666263303a3a2f33322d3438203d3e2033323538.roa (raw, json) Hash identifier: tXrN0zoKF82QapDtfGgfQ/sKCgpFN3PcfxbF24KevGM= Subject key identifier: DC:B5:5E:67:36:AA:61:46:82:2E:16:0A:31:AD:2C:B5:30:81:0D:83 Certificate issuer: /CN=A91FA6830000/serialNumber=34071A863A3C6EF2DD36795F45540E2FB68950A0 Certificate serial: 3B81D90F4E26882343203A268B64E6E327D0BCCB Authority key identifier: 34:07:1A:86:3A:3C:6E:F2:DD:36:79:5F:45:54:0E:2F:B6:89:50:A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAcahjo8bvLdNnlfRVQOL7aJUKA.cer Subject info access: rsync://rpki.owl.net/rrdp/owl/0/323430333a666263303a3a2f33322d3438203d3e2033323538.roa Signing time: Fri 11 Apr 2025 09:35:12 +0000 ROA not before: Fri 11 Apr 2025 09:30:12 +0000 ROA not after: Fri 10 Apr 2026 09:35:12 +0000 asID: 3258 IP address blocks: 2403:fbc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.owl.net/rrdp/owl/0/34071A863A3C6EF2DD36795F45540E2FB68950A0.crl rsync://rpki.owl.net/rrdp/owl/0/34071A863A3C6EF2DD36795F45540E2FB68950A0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAcahjo8bvLdNnlfRVQOL7aJUKA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 23:20:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:81:d9:0f:4e:26:88:23:43:20:3a:26:8b:64:e6:e3:27:d0:bc:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA6830000, serialNumber=34071A863A3C6EF2DD36795F45540E2FB68950A0 Validity Not Before: Apr 11 09:30:12 2025 GMT Not After : Apr 10 09:35:12 2026 GMT Subject: CN=DCB55E6736AA6146822E160A31AD2CB530810D83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:2f:36:cd:b2:dd:15:5d:b7:46:4c:f4:ea:1d: b5:67:6f:6a:dd:4d:f1:34:bf:c9:ce:7f:2f:0b:52: eb:13:df:5d:c8:dd:fc:82:40:9e:0e:19:b9:66:ae: 3d:e2:7d:c6:04:89:68:60:1d:e8:2c:a2:46:ff:4f: da:eb:09:10:91:3d:a3:a8:ed:0d:3f:b3:0c:8a:fb: 54:f3:f9:6a:82:f0:33:a8:94:8b:79:22:1a:83:94: 0a:62:de:90:c0:eb:cb:22:a1:c5:56:7a:49:92:3e: 9e:74:92:a6:68:df:1d:ab:23:d6:8b:9e:a9:29:8e: 87:bd:af:68:d0:b3:b4:31:e2:da:b2:e0:63:57:b8: 85:82:a6:4d:87:06:cd:4c:d7:4c:0f:54:bb:3e:68: f9:f7:84:6d:91:54:14:03:de:90:9c:40:31:76:f5: 67:e5:a8:ba:2c:76:43:98:24:71:82:52:3c:0d:6e: 55:4e:7e:1d:14:31:b4:e0:ae:fc:74:2b:9e:06:58: 8b:e5:90:d0:9e:c3:de:f6:1b:31:a1:ca:5f:31:87: 1a:95:58:db:42:3b:be:88:40:c1:0d:3c:91:05:85: 5e:1d:12:95:0a:0f:16:c8:38:8c:b1:ef:17:2b:04: 69:ef:a3:41:60:a0:77:19:4a:f1:23:d2:a6:38:06: b2:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:B5:5E:67:36:AA:61:46:82:2E:16:0A:31:AD:2C:B5:30:81:0D:83 X509v3 Authority Key Identifier: keyid:34:07:1A:86:3A:3C:6E:F2:DD:36:79:5F:45:54:0E:2F:B6:89:50:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.owl.net/rrdp/owl/0/34071A863A3C6EF2DD36795F45540E2FB68950A0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAcahjo8bvLdNnlfRVQOL7aJUKA.cer Subject Information Access: Signed Object - URI:rsync://rpki.owl.net/rrdp/owl/0/323430333a666263303a3a2f33322d3438203d3e2033323538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:fbc0::/32 Signature Algorithm: sha256WithRSAEncryption 1f:7d:48:5c:63:a9:62:1a:09:3e:10:ba:66:5c:3b:ec:d6:4a: 30:1e:ee:31:7a:93:87:53:ce:a1:e4:fc:18:52:34:48:dc:70: b5:af:8e:21:ab:31:9b:86:3b:cf:d0:46:db:48:c5:a9:de:dd: 16:59:aa:6a:0d:37:4a:c6:17:2e:34:5b:5b:9b:91:97:89:b0: 51:4d:38:7f:7f:12:94:7b:66:25:ee:a3:a2:6b:63:09:c5:69: 5b:e9:a9:30:6f:4a:85:f6:93:f0:24:7a:25:26:11:fc:4b:ba: 1c:40:e8:f4:a8:65:3c:1f:8d:60:88:61:d3:01:87:8d:72:a7: a8:a7:b1:a9:ef:74:d4:93:c7:bc:ae:fc:b0:e1:09:51:fa:f8: 1d:ba:31:42:9c:09:bf:0d:8a:f8:7b:dd:fc:04:23:21:45:e8: cd:73:2d:40:01:bc:bb:df:57:9e:e6:3d:11:77:de:7b:02:32: 4f:2c:50:b8:cc:e0:24:06:f6:7c:ed:62:5a:b0:9d:e6:79:fd: b7:66:9f:5d:e8:55:4b:bf:62:27:dd:5d:46:df:cf:a2:1d:28: 4a:ff:d4:95:3c:77:47:3e:4a:61:03:24:2a:e7:5b:cf:1b:9b: ec:46:74:6d:2f:b6:fc:9b:a9:df:7f:27:41:0d:e3:43:c3:65: e4:3f:21:44 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIUO4HZD04miCNDIDomi2Tm4yfQvMswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRkE2ODMwMDAwMTEwLwYDVQQFEygzNDA3MUE4NjNB M0M2RUYyREQzNjc5NUY0NTU0MEUyRkI2ODk1MEEwMB4XDTI1MDQxMTA5MzAxMloX DTI2MDQxMDA5MzUxMlowMzExMC8GA1UEAxMoRENCNTVFNjczNkFBNjE0NjgyMkUx NjBBMzFBRDJDQjUzMDgxMEQ4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKovNs2y3RVdt0ZM9OodtWdvat1N8TS/yc5/LwtS6xPfXcjd/IJAng4ZuWau PeJ9xgSJaGAd6CyiRv9P2usJEJE9o6jtDT+zDIr7VPP5aoLwM6iUi3kiGoOUCmLe kMDryyKhxVZ6SZI+nnSSpmjfHasj1oueqSmOh72vaNCztDHi2rLgY1e4hYKmTYcG zUzXTA9Uuz5o+feEbZFUFAPekJxAMXb1Z+Wouix2Q5gkcYJSPA1uVU5+HRQxtOCu /HQrngZYi+WQ0J7D3vYbMaHKXzGHGpVY20I7vohAwQ08kQWFXh0SlQoPFsg4jLHv FysEae+jQWCgdxlK8SPSpjgGsu0CAwEAAaOCAeMwggHfMB0GA1UdDgQWBBTctV5n NqphRoIuFgoxrSy1MIENgzAfBgNVHSMEGDAWgBQ0BxqGOjxu8t02eV9FVA4vtolQ oDAOBgNVHQ8BAf8EBAMCB4AwXQYDVR0fBFYwVDBSoFCgToZMcnN5bmM6Ly9ycGtp Lm93bC5uZXQvcnJkcC9vd2wvMC8zNDA3MUE4NjNBM0M2RUYyREQzNjc5NUY0NTU0 MEUyRkI2ODk1MEEwLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJz eW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUy QkI0NjhGN0M3MkZEMUZGMi9OQWNhaGpvOGJ2TGRObmxmUlZRT0w3YUpVS0EuY2Vy MHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9ycGtpLm93bC5u ZXQvcnJkcC9vd2wvMC8zMjM0MzAzMzNhNjY2MjYzMzAzYTNhMmYzMzMyMmQzNDM4 MjAzZDNlMjAzMzMyMzUzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQD+8AwDQYJKoZIhvcNAQELBQAD ggEBAB99SFxjqWIaCT4QumZcO+zWSjAe7jF6k4dTzqHk/BhSNEjccLWvjiGrMZuG O8/QRttIxane3RZZqmoNN0rGFy40W1ubkZeJsFFNOH9/EpR7ZiXuo6JrYwnFaVvp qTBvSoX2k/AkeiUmEfxLuhxA6PSoZTwfjWCIYdMBh41yp6insanvdNSTx7yu/LDh CVH6+B26MUKcCb8Nivh73fwEIyFF6M1zLUABvLvfV57mPRF33nsCMk8sULjM4CQG 9nztYlqwneZ5/bdmn13oVUu/YifdXUbfz6IdKEr/1JU8d0c+SmEDJCrnW88bm+xG dG0vtvybqd9/J0EN40PDZeQ/IUQ= -----END CERTIFICATE-----Generated at Sat Apr 26 08:02:25 2025 by rpki-client