$ rpki-client -vvf repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232313a3a2f34382d3438203d3e20313339393730.roa File: 323430353a616163303a3232313a3a2f34382d3438203d3e20313339393730.roa (raw, json) Hash identifier: 4llT7hZB15Pi+P6opWsDeTzdqlEW5rvghBdJ0Bbu86c= Subject key identifier: 52:C4:F2:9D:8D:60:B2:2D:41:46:B4:21:06:FC:E3:7B:F0:F8:EC:40 Certificate issuer: /CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Certificate serial: 138D2F3BB94707218D5FF083EA43643F02B44E5A Authority key identifier: DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232313a3a2f34382d3438203d3e20313339393730.roa Signing time: Mon 07 Jul 2025 12:00:00 +0000 ROA not before: Mon 07 Jul 2025 11:55:00 +0000 ROA not after: Mon 06 Jul 2026 12:00:00 +0000 asID: 139970 IP address blocks: 2405:aac0:221::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 09:05:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:8d:2f:3b:b9:47:07:21:8d:5f:f0:83:ea:43:64:3f:02:b4:4e:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Validity Not Before: Jul 7 11:55:00 2025 GMT Not After : Jul 6 12:00:00 2026 GMT Subject: CN=52C4F29D8D60B22D4146B42106FCE37BF0F8EC40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:64:54:e0:c3:38:a2:d1:f0:e3:dd:2a:04:44: a8:bd:62:94:44:c4:d7:44:68:28:53:86:6c:3a:7b: 50:44:76:37:8c:90:c5:14:8e:70:2b:67:28:f2:db: 60:09:8e:40:41:8d:6b:a0:f5:d9:cb:cc:20:a5:be: 79:1c:15:cb:a5:2b:fd:2d:4e:46:c7:33:ad:c0:ed: 05:24:79:68:8f:56:33:18:2b:71:37:8c:1c:bb:92: 0c:e6:27:78:65:8f:c9:d8:4f:c4:bb:f3:87:5e:f6: fe:31:69:d9:1d:90:89:ed:14:f6:2d:b2:27:d6:1d: 03:61:d6:c7:7b:52:58:81:a3:ec:8d:4f:db:30:b0: 6e:47:f0:d4:1c:e1:a8:e7:3f:31:d7:f8:22:c4:4c: 70:4d:1d:b2:f5:e7:9b:55:f5:6d:6f:c1:2c:8d:a0: 4c:90:fe:d6:d5:56:31:f8:60:2d:14:9d:0a:4d:dc: 6f:eb:9b:35:9d:6d:cc:88:dd:63:f7:60:e6:d8:db: 99:12:77:2a:34:64:f3:88:82:c3:f0:27:d8:d8:c5: 1e:68:36:38:27:44:75:a5:1f:7b:4c:7d:fc:b8:8c: 9f:6a:60:0c:27:1d:74:0a:48:85:fc:7e:01:6f:48: d0:07:17:fa:66:53:a4:33:a0:d2:14:ac:51:a2:87: 23:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:C4:F2:9D:8D:60:B2:2D:41:46:B4:21:06:FC:E3:7B:F0:F8:EC:40 X509v3 Authority Key Identifier: keyid:DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232313a3a2f34382d3438203d3e20313339393730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:aac0:221::/48 Signature Algorithm: sha256WithRSAEncryption 45:0d:06:4c:01:15:19:d9:2e:46:1c:41:7c:40:8f:0d:db:c5: d2:ce:76:31:83:15:88:06:e4:aa:95:55:ec:bb:81:a7:69:1c: 78:a7:38:1c:d9:81:6e:55:8d:49:8b:0e:3a:e9:25:46:4a:4b: e5:85:02:eb:de:c5:78:5a:bf:6a:16:63:4a:5e:1d:ca:8e:d6: b8:5a:df:58:62:29:55:28:bb:6e:96:8d:1e:59:b3:5c:4a:0e: c7:55:d9:1e:ac:c6:85:2a:30:8d:a6:3e:d6:0d:ce:b4:1b:5c: 54:c3:19:3b:1d:57:83:17:1c:b7:b3:aa:00:d4:73:c6:e5:5e: ff:20:c3:66:ec:14:39:a2:2c:d1:26:8e:66:b7:f0:92:36:be: 25:5d:08:ea:21:d4:ca:d3:d9:28:83:d5:9b:25:3f:97:4d:dc: 8e:3c:95:19:ee:61:75:1f:20:ec:0e:b8:5c:de:29:77:a8:f1: 7a:56:db:36:ef:df:43:7d:b5:ac:a1:3a:36:20:f0:fa:4b:a6: 4d:f5:a2:25:90:df:5b:b9:c6:5a:5a:13:7f:d4:33:0e:99:45: 42:05:60:4b:15:5c:28:a7:03:55:c9:db:fb:3d:9c:9e:4a:ba: 76:80:6c:bd:bd:83:6a:cf:fc:19:68:3a:ff:3f:ba:bf:fb:6b: ea:94:23:44 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUE40vO7lHByGNX/CD6kNkPwK0TlowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAx NjRGRTVDRjAeFw0yNTA3MDcxMTU1MDBaFw0yNjA3MDYxMjAwMDBaMDMxMTAvBgNV BAMTKDUyQzRGMjlEOEQ2MEIyMkQ0MTQ2QjQyMTA2RkNFMzdCRjBGOEVDNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ZFTgwzii0fDj3SoERKi9YpRE xNdEaChThmw6e1BEdjeMkMUUjnArZyjy22AJjkBBjWug9dnLzCClvnkcFculK/0t TkbHM63A7QUkeWiPVjMYK3E3jBy7kgzmJ3hlj8nYT8S784de9v4xadkdkIntFPYt sifWHQNh1sd7UliBo+yNT9swsG5H8NQc4ajnPzHX+CLETHBNHbL155tV9W1vwSyN oEyQ/tbVVjH4YC0UnQpN3G/rmzWdbcyI3WP3YObY25kSdyo0ZPOIgsPwJ9jYxR5o NjgnRHWlH3tMffy4jJ9qYAwnHXQKSIX8fgFvSNAHF/pmU6QzoNIUrFGihyO/AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUUsTynY1gsi1BRrQhBvzje/D47EAwHwYDVR0j BBgwFoAU2odmqQhRrkTXa4Vj2DWG8BZP5c8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZGVkYzAzMy1jZDRkLTQ2MjAtOTM3Mi1lNmUwMzlmYzA2YjkvMC9EQTg3NjZBOTA4 NTFBRTQ0RDc2Qjg1NjNEODM1ODZGMDE2NEZFNUNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAxNjRG RTVDRi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkZWRjMDMzLWNkNGQtNDYyMC05 MzcyLWU2ZTAzOWZjMDZiOS8wLzMyMzQzMDM1M2E2MTYxNjMzMDNhMzIzMjMxM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM5MzkzNzMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAWq wAIhMA0GCSqGSIb3DQEBCwUAA4IBAQBFDQZMARUZ2S5GHEF8QI8N28XSznYxgxWI BuSqlVXsu4GnaRx4pzgc2YFuVY1Jiw466SVGSkvlhQLr3sV4Wr9qFmNKXh3Kjta4 Wt9YYilVKLtulo0eWbNcSg7HVdkerMaFKjCNpj7WDc60G1xUwxk7HVeDFxy3s6oA 1HPG5V7/IMNm7BQ5oizRJo5mt/CSNr4lXQjqIdTK09kog9WbJT+XTdyOPJUZ7mF1 HyDsDrhc3il3qPF6Vts2799DfbWsoTo2IPD6S6ZN9aIlkN9bucZaWhN/1DMOmUVC BWBLFVwopwNVydv7PZyeSrp2gGy9vYNqz/wZaDr/P7q/+2vqlCNE -----END CERTIFICATE-----Generated at Wed Jul 23 12:16:23 2025 by rpki-client