$ rpki-client -vvf repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a393a3a2f34382d3438203d3e20313437313337.roa File: 323430303a343661303a393a3a2f34382d3438203d3e20313437313337.roa (raw, json) Hash identifier: UbfbQp2UJcWdUXOg3yUdX64d8tTRpxRLmsAiq/gQPtk= Subject key identifier: 4D:60:3D:97:E6:13:76:E0:09:FB:69:56:BB:C5:0E:B5:76:E4:83:71 Certificate issuer: /CN=9A52B6405ED406A7B17C4478D516DF3E37282980 Certificate serial: 5C1D02F4E27D114099FE42D4FA1CE4CF0356DAFD Authority key identifier: 9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a393a3a2f34382d3438203d3e20313437313337.roa Signing time: Thu 10 Jul 2025 20:00:03 +0000 ROA not before: Thu 10 Jul 2025 19:55:03 +0000 ROA not after: Thu 09 Jul 2026 20:00:03 +0000 asID: 147137 IP address blocks: 2400:46a0:9::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 11:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:1d:02:f4:e2:7d:11:40:99:fe:42:d4:fa:1c:e4:cf:03:56:da:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9A52B6405ED406A7B17C4478D516DF3E37282980 Validity Not Before: Jul 10 19:55:03 2025 GMT Not After : Jul 9 20:00:03 2026 GMT Subject: CN=4D603D97E61376E009FB6956BBC50EB576E48371 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c2:0c:84:8e:77:e4:d6:25:0f:52:f7:15:f0: e1:76:a8:1c:09:e1:81:1b:12:8d:cd:9f:b3:83:bb: e4:8d:36:5a:1f:cc:39:c9:8c:a0:ca:59:46:14:c2: 8b:92:3d:0b:f1:9c:ba:90:39:b0:b1:fc:d3:cc:52: cf:7b:69:fb:6c:d3:15:9b:22:d5:8b:5b:b5:28:80: 0a:0a:cb:30:46:73:15:ad:94:b9:e6:dd:54:e9:99: 32:01:6d:9b:3d:49:0f:6e:6b:48:f1:59:8d:36:09: 1f:92:96:d2:6f:82:b6:ed:59:b5:20:73:c7:f6:d2: b4:84:53:b2:99:6d:62:42:41:4e:59:f1:72:01:1d: 26:8f:30:19:7c:5a:52:e9:ef:9e:5a:df:d0:d7:20: 56:9e:3f:bf:89:96:65:42:9f:5f:e4:3e:4f:44:be: 16:0b:19:18:e7:e8:93:e8:4e:0d:bb:4c:dc:be:43: 56:ea:e0:b7:b9:fa:11:f1:0a:06:49:3b:01:51:ad: 6a:40:08:0a:71:a1:17:1d:fb:37:e7:af:e4:81:ee: 00:a1:94:b1:ac:11:58:53:6a:d7:63:db:c1:87:0d: bb:b4:d2:4f:d9:df:dc:eb:d3:6f:f5:89:c5:3a:7c: e5:a0:b4:22:43:72:1b:0b:da:91:ff:3a:3b:e4:e8: ce:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:60:3D:97:E6:13:76:E0:09:FB:69:56:BB:C5:0E:B5:76:E4:83:71 X509v3 Authority Key Identifier: keyid:9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a393a3a2f34382d3438203d3e20313437313337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:46a0:9::/48 Signature Algorithm: sha256WithRSAEncryption 8c:f6:cc:25:29:4e:24:65:b7:a2:ad:a4:62:09:29:79:bf:e9: 9e:24:48:7e:c8:be:81:73:1f:fd:71:f9:ac:32:6f:f1:15:a7: d1:ed:51:bd:67:8b:56:63:62:14:09:a4:f7:80:68:f7:b7:16: ca:ba:e4:e6:07:bc:28:3a:4f:6e:a9:1f:61:ad:df:18:9a:62: bc:f0:29:f5:30:68:be:5a:89:4a:59:db:86:fc:41:84:40:b9: c0:df:68:34:59:ba:5f:80:08:1b:a1:90:83:df:4a:52:27:a3: 9b:8e:fb:14:27:c2:d2:3b:14:09:40:d9:97:93:a4:2d:1d:80: 64:32:cb:a5:ef:87:c0:5d:88:ed:3a:13:ff:d6:eb:54:a0:d9: 0d:04:a8:74:11:62:8f:7b:2e:6b:80:dd:0b:7d:63:a0:48:9f: b9:97:ad:64:30:04:4c:e7:9c:2f:b5:c4:7c:50:4b:03:6d:f0: a0:24:24:c5:15:17:0d:aa:17:d6:87:9b:b7:a6:c2:7f:11:f9: 1c:1f:35:ee:9d:de:91:34:4b:0e:fd:62:cb:4a:c2:c7:f1:7a: 82:24:82:77:42:3b:7e:48:52:ba:ef:dd:8f:7c:aa:95:e5:d5: 79:3b:4f:04:c0:92:62:2b:50:53:c2:4f:7c:21:68:03:44:5b: 66:71:c6:3b -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUXB0C9OJ9EUCZ/kLU+hzkzwNW2v0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0Uz NzI4Mjk4MDAeFw0yNTA3MTAxOTU1MDNaFw0yNjA3MDkyMDAwMDNaMDMxMTAvBgNV BAMTKDRENjAzRDk3RTYxMzc2RTAwOUZCNjk1NkJCQzUwRUI1NzZFNDgzNzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNwgyEjnfk1iUPUvcV8OF2qBwJ 4YEbEo3Nn7ODu+SNNlofzDnJjKDKWUYUwouSPQvxnLqQObCx/NPMUs97afts0xWb ItWLW7UogAoKyzBGcxWtlLnm3VTpmTIBbZs9SQ9ua0jxWY02CR+SltJvgrbtWbUg c8f20rSEU7KZbWJCQU5Z8XIBHSaPMBl8WlLp755a39DXIFaeP7+JlmVCn1/kPk9E vhYLGRjn6JPoTg27TNy+Q1bq4Le5+hHxCgZJOwFRrWpACApxoRcd+zfnr+SB7gCh lLGsEVhTatdj28GHDbu00k/Z39zr02/1icU6fOWgtCJDchsL2pH/Ojvk6M4HAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUTWA9l+YTduAJ+2lWu8UOtXbkg3EwHwYDVR0j BBgwFoAUmlK2QF7UBqexfER41RbfPjcoKYAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z YTY2NWMzMi02ZGFmLTQ3MmItYmNlNi0zMTdkNWQ2Yzc4OWUvMC85QTUyQjY0MDVF RDQwNkE3QjE3QzQ0NzhENTE2REYzRTM3MjgyOTgwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0UzNzI4 Mjk4MC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNjY1YzMyLTZkYWYtNDcyYi1i Y2U2LTMxN2Q1ZDZjNzg5ZS8wLzMyMzQzMDMwM2EzNDM2NjEzMDNhMzkzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMTM0MzczMTMzMzcucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAEagAAkw DQYJKoZIhvcNAQELBQADggEBAIz2zCUpTiRlt6KtpGIJKXm/6Z4kSH7IvoFzH/1x +awyb/EVp9HtUb1ni1ZjYhQJpPeAaPe3Fsq65OYHvCg6T26pH2Gt3xiaYrzwKfUw aL5aiUpZ24b8QYRAucDfaDRZul+ACBuhkIPfSlIno5uO+xQnwtI7FAlA2ZeTpC0d gGQyy6Xvh8BdiO06E//W61Sg2Q0EqHQRYo97LmuA3Qt9Y6BIn7mXrWQwBEznnC+1 xHxQSwNt8KAkJMUVFw2qF9aHm7emwn8R+RwfNe6d3pE0Sw79YstKwsfxeoIkgndC O35IUrrv3Y98qpXl1Xk7TwTAkmIrUFPCT3whaANEW2Zxxjs= -----END CERTIFICATE-----Generated at Wed Jul 23 12:17:31 2025 by rpki-client