$ rpki-client -vvf repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a363a3a2f34382d3438203d3e20313437313337.roa File: 323430303a343661303a363a3a2f34382d3438203d3e20313437313337.roa (raw, json) Hash identifier: 0k545OOwyj9NvbehxX+QV0g5xQmQQnbTNP95f97h71M= Subject key identifier: A5:FA:34:7A:97:8B:D3:51:43:1E:6C:68:75:1B:34:5A:58:92:67:61 Certificate issuer: /CN=9A52B6405ED406A7B17C4478D516DF3E37282980 Certificate serial: 7D7A488A2AB8913519377D8C10727730B7E83FBF Authority key identifier: 9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a363a3a2f34382d3438203d3e20313437313337.roa Signing time: Thu 10 Jul 2025 20:00:02 +0000 ROA not before: Thu 10 Jul 2025 19:55:02 +0000 ROA not after: Thu 09 Jul 2026 20:00:02 +0000 asID: 147137 IP address blocks: 2400:46a0:6::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 11:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:7a:48:8a:2a:b8:91:35:19:37:7d:8c:10:72:77:30:b7:e8:3f:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9A52B6405ED406A7B17C4478D516DF3E37282980 Validity Not Before: Jul 10 19:55:02 2025 GMT Not After : Jul 9 20:00:02 2026 GMT Subject: CN=A5FA347A978BD351431E6C68751B345A58926761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:6f:d5:e5:20:fa:fb:e6:e7:de:46:8f:bd:5f: 5b:48:04:54:4e:11:54:d5:e9:1a:df:38:d9:40:4b: fa:1c:86:16:20:93:42:9a:bf:83:18:6f:e5:38:45: 00:43:55:0f:d3:86:e1:f2:ea:b2:c7:43:72:91:30: 06:4c:bc:25:06:b9:25:fc:3b:0a:58:ee:04:17:65: 21:03:ba:ae:f1:29:4d:11:a9:17:2e:5f:3a:62:fe: 76:e0:a9:fd:7a:60:82:a2:8e:d0:dd:c9:7d:39:b5: 89:4b:14:7c:19:9f:d8:72:bb:4a:36:8a:ca:3e:f5: 26:95:51:5d:e4:7d:3b:bc:0b:06:d4:9b:f8:0c:64: 8d:db:3c:e2:2c:5a:8f:06:b9:35:36:02:bd:b6:38: 35:d4:be:3e:64:85:46:96:e2:14:b9:21:87:f3:fc: 0f:30:f9:67:92:e6:64:1c:77:9b:2f:68:03:ac:a2: 2b:09:ee:03:e4:14:90:c3:a4:04:99:36:92:ac:2a: bb:dc:a9:ae:94:42:db:14:9d:4c:ac:68:e5:e9:db: a7:33:84:3c:01:02:7a:a7:08:91:ff:e9:30:0c:47: 8b:bc:6c:44:19:e2:e9:38:f4:9f:b9:39:87:55:d3: 5e:85:d1:d7:33:71:10:d4:34:bd:87:85:17:14:be: 5c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:FA:34:7A:97:8B:D3:51:43:1E:6C:68:75:1B:34:5A:58:92:67:61 X509v3 Authority Key Identifier: keyid:9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a363a3a2f34382d3438203d3e20313437313337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:46a0:6::/48 Signature Algorithm: sha256WithRSAEncryption 2b:a3:e9:de:7a:76:55:84:59:e0:ca:75:cb:bc:2a:9c:cf:d4: 62:13:31:ac:0d:72:98:ca:bf:ed:aa:46:f7:d9:b7:82:c7:94: de:78:f9:80:38:0d:7d:8d:ce:85:37:aa:96:ed:e9:ae:f0:ed: d6:f8:29:f6:bf:f1:cb:62:0d:28:71:08:3e:b6:79:a6:0b:45: 19:36:7c:ad:14:13:c8:cc:5d:e3:4e:f5:af:88:77:8d:4b:56: 9c:9a:98:db:7a:c1:c6:e0:45:91:da:42:34:15:fc:3f:63:87: 57:8e:c8:75:7b:8d:bf:82:92:51:00:25:f5:26:7a:cf:26:2e: 3b:82:35:6b:b0:ab:97:9b:9b:03:d7:19:b0:81:cb:68:b0:67: 43:98:4a:26:ea:9c:98:47:e0:88:3a:db:82:41:77:ed:f5:cd: e6:18:32:d3:72:da:3d:c7:e3:cd:a2:bd:c2:d8:47:a6:66:dc: ab:23:22:58:3d:76:f7:b8:8e:dc:d3:a5:7d:1f:10:ae:49:4e: 07:cf:88:92:e5:06:3c:11:63:dd:4e:fb:1d:7b:16:0d:62:f5: d1:60:6b:aa:6c:9b:77:ad:53:27:6f:bd:be:36:b7:d8:61:0d: d8:7e:7b:97:73:f9:5e:30:a2:af:3f:d4:13:02:a3:e2:f4:bc: d7:4a:d1:2e -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUfXpIiiq4kTUZN32MEHJ3MLfoP78wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0Uz NzI4Mjk4MDAeFw0yNTA3MTAxOTU1MDJaFw0yNjA3MDkyMDAwMDJaMDMxMTAvBgNV BAMTKEE1RkEzNDdBOTc4QkQzNTE0MzFFNkM2ODc1MUIzNDVBNTg5MjY3NjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsb9XlIPr75ufeRo+9X1tIBFRO EVTV6RrfONlAS/ochhYgk0Kav4MYb+U4RQBDVQ/ThuHy6rLHQ3KRMAZMvCUGuSX8 OwpY7gQXZSEDuq7xKU0RqRcuXzpi/nbgqf16YIKijtDdyX05tYlLFHwZn9hyu0o2 iso+9SaVUV3kfTu8CwbUm/gMZI3bPOIsWo8GuTU2Ar22ODXUvj5khUaW4hS5IYfz /A8w+WeS5mQcd5svaAOsoisJ7gPkFJDDpASZNpKsKrvcqa6UQtsUnUysaOXp26cz hDwBAnqnCJH/6TAMR4u8bEQZ4uk49J+5OYdV016F0dczcRDUNL2HhRcUvlx1AgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUpfo0epeL01FDHmxodRs0WliSZ2EwHwYDVR0j BBgwFoAUmlK2QF7UBqexfER41RbfPjcoKYAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YTY2NWMzMi02ZGFmLTQ3MmItYmNlNi0zMTdkNWQ2Yzc4OWUvMC85QTUyQjY0MDVF RDQwNkE3QjE3QzQ0NzhENTE2REYzRTM3MjgyOTgwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0UzNzI4 Mjk4MC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNjY1YzMyLTZkYWYtNDcyYi1i Y2U2LTMxN2Q1ZDZjNzg5ZS8wLzMyMzQzMDMwM2EzNDM2NjEzMDNhMzYzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMTM0MzczMTMzMzcucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAEagAAYw DQYJKoZIhvcNAQELBQADggEBACuj6d56dlWEWeDKdcu8KpzP1GITMawNcpjKv+2q RvfZt4LHlN54+YA4DX2NzoU3qpbt6a7w7db4Kfa/8ctiDShxCD62eaYLRRk2fK0U E8jMXeNO9a+Id41LVpyamNt6wcbgRZHaQjQV/D9jh1eOyHV7jb+CklEAJfUmes8m LjuCNWuwq5ebmwPXGbCBy2iwZ0OYSibqnJhH4Ig624JBd+31zeYYMtNy2j3H482i vcLYR6Zm3KsjIlg9dve4jtzTpX0fEK5JTgfPiJLlBjwRY91O+x17Fg1i9dFga6ps m3etUydvvb42t9hhDdh+e5dz+V4woq8/1BMCo+L0vNdK0S4= -----END CERTIFICATE-----Generated at Wed Jul 23 12:17:24 2025 by rpki-client