$ rpki-client -vvf repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232343a3a2f34382d3438203d3e20313339393439.roa File: 323430353a616163303a3232343a3a2f34382d3438203d3e20313339393439.roa (raw, json) Hash identifier: IkcqCeYGQb80Q1AOJnsq13AQ5bpaYjmxKy7ulkw8B5Q= Subject key identifier: A8:8E:06:5F:64:3B:7E:97:81:7A:EA:91:AB:20:F0:FE:BE:8A:5A:84 Certificate issuer: /CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Certificate serial: 49695C9C79E123C65994D6F5C004D9278CC8D208 Authority key identifier: DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject info access: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232343a3a2f34382d3438203d3e20313339393439.roa Signing time: Wed 09 Jul 2025 07:00:00 +0000 ROA not before: Wed 09 Jul 2025 06:55:00 +0000 ROA not after: Wed 08 Jul 2026 07:00:00 +0000 asID: 139949 IP address blocks: 2405:aac0:224::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 09:05:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:69:5c:9c:79:e1:23:c6:59:94:d6:f5:c0:04:d9:27:8c:c8:d2:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA8766A90851AE44D76B8563D83586F0164FE5CF Validity Not Before: Jul 9 06:55:00 2025 GMT Not After : Jul 8 07:00:00 2026 GMT Subject: CN=A88E065F643B7E97817AEA91AB20F0FEBE8A5A84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:8a:85:aa:4c:99:26:10:48:d3:63:39:26:f8: 7c:dd:a6:da:7b:20:38:2d:d8:3c:8e:d2:31:b7:a0: e7:4b:45:cb:b3:58:5b:9e:d0:2b:5f:57:d0:1e:a8: 04:b3:e3:2f:e9:c2:33:0d:b3:81:77:c0:b3:94:95: 99:48:4a:d8:5e:9f:f8:99:a0:a3:cc:7d:7b:20:fe: b4:e5:05:dd:7c:7a:e6:79:60:81:ff:84:98:c5:05: e0:60:0a:29:5a:f4:16:fe:75:fa:c8:69:bd:6c:1a: 4a:dc:f5:5f:9b:99:16:bc:1c:ba:30:32:a0:ee:c2: 13:09:33:29:97:ae:f5:b8:9c:17:51:5e:8f:63:99: 85:d9:2a:f9:d5:eb:56:5e:65:bd:fa:2c:67:63:eb: ad:71:b7:cf:26:2b:48:01:81:e6:67:b6:ba:b5:13: e7:4c:c8:9e:72:0d:3b:f4:b5:70:cb:c8:a8:52:bd: d1:86:fd:bb:06:dc:98:20:e2:a2:26:22:8c:ce:df: 37:31:e6:91:02:e5:69:17:e6:9d:3d:24:c2:33:77: 6c:7e:d3:1d:40:aa:44:10:43:8e:ff:b6:26:44:a5: de:1f:57:7b:6c:7a:e4:70:4c:db:df:7b:eb:08:9f: ae:ba:53:0d:3a:0c:58:9a:a7:e2:b3:83:0d:53:4e: 52:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:8E:06:5F:64:3B:7E:97:81:7A:EA:91:AB:20:F0:FE:BE:8A:5A:84 X509v3 Authority Key Identifier: keyid:DA:87:66:A9:08:51:AE:44:D7:6B:85:63:D8:35:86:F0:16:4F:E5:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/DA8766A90851AE44D76B8563D83586F0164FE5CF.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DA8766A90851AE44D76B8563D83586F0164FE5CF.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3dedc033-cd4d-4620-9372-e6e039fc06b9/0/323430353a616163303a3232343a3a2f34382d3438203d3e20313339393439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:aac0:224::/48 Signature Algorithm: sha256WithRSAEncryption 2f:cd:59:0c:b3:31:1a:5d:fb:91:c5:37:19:bb:94:a0:01:2e: 6b:c9:6d:dd:15:c0:e1:5b:6a:cb:df:ef:20:96:f7:6b:d9:41: ba:c8:cc:8f:e8:36:f7:4b:06:4d:8c:50:18:7a:02:5e:d4:d3: df:f4:f9:5d:4d:42:3f:42:12:99:13:85:5d:61:c2:e4:1a:1e: 3d:3e:d8:d2:33:b2:19:4a:ed:b2:3c:7f:d9:f4:2a:48:88:9b: 94:f9:4b:73:ef:45:c2:56:56:21:df:12:00:6e:7d:31:16:80: 5d:7e:7c:2f:32:16:57:97:05:3f:d1:60:f4:4a:7a:de:f5:69: 06:11:dc:e5:84:e8:4c:1f:74:c9:bf:6e:b4:a4:0f:55:f5:9a: c7:13:75:c8:65:1f:33:e2:56:13:41:80:b5:69:6e:44:1c:dd: 7e:b6:6b:54:57:74:3f:63:b8:74:26:d1:40:20:19:2e:bb:6c: 0d:4d:1e:8a:a8:65:0d:e0:4a:00:de:6f:a7:a5:e4:ad:41:b5: e4:b3:4e:0a:10:57:7c:a8:8a:f8:d1:ce:27:65:5e:90:a6:f0: a9:65:a7:48:d3:d6:27:c2:a0:23:a7:ed:da:39:1f:8e:71:b9: cd:3e:2e:7b:93:36:26:56:17:4f:0c:a3:06:bd:9e:ff:f6:c7: 4c:7f:d2:a3 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUSWlcnHnhI8ZZlNb1wATZJ4zI0ggwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAx NjRGRTVDRjAeFw0yNTA3MDkwNjU1MDBaFw0yNjA3MDgwNzAwMDBaMDMxMTAvBgNV BAMTKEE4OEUwNjVGNjQzQjdFOTc4MTdBRUE5MUFCMjBGMEZFQkU4QTVBODQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRioWqTJkmEEjTYzkm+Hzdptp7 IDgt2DyO0jG3oOdLRcuzWFue0CtfV9AeqASz4y/pwjMNs4F3wLOUlZlISthen/iZ oKPMfXsg/rTlBd18euZ5YIH/hJjFBeBgCila9Bb+dfrIab1sGkrc9V+bmRa8HLow MqDuwhMJMymXrvW4nBdRXo9jmYXZKvnV61ZeZb36LGdj661xt88mK0gBgeZntrq1 E+dMyJ5yDTv0tXDLyKhSvdGG/bsG3Jgg4qImIozO3zcx5pEC5WkX5p09JMIzd2x+ 0x1AqkQQQ47/tiZEpd4fV3tseuRwTNvfe+sIn666Uw06DFiap+Kzgw1TTlLNAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUqI4GX2Q7fpeBeuqRqyDw/r6KWoQwHwYDVR0j BBgwFoAU2odmqQhRrkTXa4Vj2DWG8BZP5c8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z ZGVkYzAzMy1jZDRkLTQ2MjAtOTM3Mi1lNmUwMzlmYzA2YjkvMC9EQTg3NjZBOTA4 NTFBRTQ0RDc2Qjg1NjNEODM1ODZGMDE2NEZFNUNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREE4NzY2QTkwODUxQUU0NEQ3NkI4NTYzRDgzNTg2RjAxNjRG RTVDRi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNkZWRjMDMzLWNkNGQtNDYyMC05 MzcyLWU2ZTAzOWZjMDZiOS8wLzMyMzQzMDM1M2E2MTYxNjMzMDNhMzIzMjM0M2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM5MzkzNDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAWq wAIkMA0GCSqGSIb3DQEBCwUAA4IBAQAvzVkMszEaXfuRxTcZu5SgAS5ryW3dFcDh W2rL3+8glvdr2UG6yMyP6Db3SwZNjFAYegJe1NPf9PldTUI/QhKZE4VdYcLkGh49 PtjSM7IZSu2yPH/Z9CpIiJuU+Utz70XCVlYh3xIAbn0xFoBdfnwvMhZXlwU/0WD0 Snre9WkGEdzlhOhMH3TJv260pA9V9ZrHE3XIZR8z4lYTQYC1aW5EHN1+tmtUV3Q/ Y7h0JtFAIBkuu2wNTR6KqGUN4EoA3m+npeStQbXks04KEFd8qIr40c4nZV6QpvCp ZadI09YnwqAjp+3aOR+OcbnNPi57kzYmVhdPDKMGvZ7/9sdMf9Kj -----END CERTIFICATE-----Generated at Thu Jul 24 17:16:57 2025 by rpki-client