$ rpki-client -vvf repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/323030313a6466313a366263303a3a2f34382d3438203d3e20313431363036.roa File: 323030313a6466313a366263303a3a2f34382d3438203d3e20313431363036.roa (raw, json) Hash identifier: LnoUiVTC+YkZ5Y/4/Q1S1mXaeabC5U6lsaInD923/gY= Subject key identifier: 4C:F3:5B:03:1C:48:F4:EA:6E:2B:34:92:73:69:7F:C4:5A:DC:48:AE Certificate issuer: /CN=407B7C7EE09EDBAA0A3525E209FF8E93E48653C8 Certificate serial: 1869142F21DFBE4884617FFC39446325AB1067D5 Authority key identifier: 40:7B:7C:7E:E0:9E:DB:AA:0A:35:25:E2:09:FF:8E:93:E4:86:53:C8 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.cer Subject info access: rsync://repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/323030313a6466313a366263303a3a2f34382d3438203d3e20313431363036.roa Signing time: Thu 10 Jul 2025 05:00:00 +0000 ROA not before: Thu 10 Jul 2025 04:55:00 +0000 ROA not after: Thu 09 Jul 2026 05:00:00 +0000 asID: 141606 IP address blocks: 2001:df1:6bc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.crl rsync://repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 15:11:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:69:14:2f:21:df:be:48:84:61:7f:fc:39:44:63:25:ab:10:67:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407B7C7EE09EDBAA0A3525E209FF8E93E48653C8 Validity Not Before: Jul 10 04:55:00 2025 GMT Not After : Jul 9 05:00:00 2026 GMT Subject: CN=4CF35B031C48F4EA6E2B349273697FC45ADC48AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a9:cb:0f:0d:9b:9a:94:75:ce:3d:dd:60:2e: 9a:76:56:0b:7d:62:ca:90:8b:15:14:69:d9:8f:76: e4:b4:c2:1b:64:c0:42:44:dd:5e:1e:5b:cb:5d:bb: c2:ea:22:b2:ea:88:5e:15:86:28:a0:ab:d1:0d:73: 8b:13:c3:24:30:a5:ae:ab:67:c2:b3:28:16:ec:c8: 84:ce:61:9a:56:18:61:09:a9:e2:e0:c1:16:93:55: 4c:e2:63:55:75:27:c7:67:db:8e:f6:ed:0d:64:de: 8c:ad:60:67:36:c3:82:46:f7:ad:1f:f5:80:23:52: ad:d9:15:ca:97:52:24:da:46:1e:ad:42:09:ca:90: 19:22:a6:99:08:4e:91:cd:50:93:3a:91:8b:57:4b: 7a:5f:2f:dd:c0:36:d6:39:72:98:54:5d:c3:37:9e: e1:50:b8:14:28:c7:bf:7a:eb:5b:2f:4d:df:68:fb: 8f:92:91:30:10:05:50:d3:ba:19:f1:86:ad:d1:0c: 0f:0b:7f:1b:46:94:64:94:cb:74:01:6d:fd:61:ce: 15:2e:2b:d0:9b:69:48:c5:2f:35:83:98:c6:f1:d8: d5:c0:bd:f2:41:c2:93:3c:de:24:78:67:f4:03:48: 84:73:b1:11:88:ee:49:8f:2f:2e:10:84:a5:13:20: b5:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:F3:5B:03:1C:48:F4:EA:6E:2B:34:92:73:69:7F:C4:5A:DC:48:AE X509v3 Authority Key Identifier: keyid:40:7B:7C:7E:E0:9E:DB:AA:0A:35:25:E2:09:FF:8E:93:E4:86:53:C8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/407B7C7EE09EDBAA0A3525E209FF8E93E48653C8.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6d64bf6a-4302-460f-9669-09a50a73af1a/0/323030313a6466313a366263303a3a2f34382d3438203d3e20313431363036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:6bc0::/48 Signature Algorithm: sha256WithRSAEncryption 49:e5:89:d2:ca:22:6d:16:e5:ca:23:43:2b:e1:93:2d:b0:4f: f4:e9:ec:0d:6f:a4:4f:7d:3f:6a:ca:b0:8e:fe:cd:84:c3:86: 10:f5:e7:bd:a8:64:d0:7a:4f:05:4e:58:b5:35:eb:bc:10:7a: e6:23:d0:f2:1f:5c:45:0c:96:87:6f:01:55:c9:dd:21:2b:8d: 49:42:55:f8:d3:35:8d:98:65:4f:ab:5c:81:3c:1f:4e:ef:11: 45:4c:fc:d7:6e:75:2e:48:63:3c:31:dd:20:a9:58:d6:da:38: 83:79:e1:26:0e:fd:e3:78:18:49:79:17:39:26:11:b2:44:e3: f2:a1:22:7c:4e:85:99:fb:f9:a5:4a:50:bb:51:7c:0c:07:65: 7e:c5:e7:50:03:3f:55:cb:21:17:5a:9c:e7:1a:55:57:79:09: 93:0d:49:16:6c:ae:71:ce:41:da:ed:c0:ec:1d:43:83:d1:8f: 9e:85:23:e0:e1:62:de:0c:4c:77:ee:c7:56:c6:08:49:3f:cd: 86:72:4d:cf:f3:e0:16:7e:56:4a:53:26:84:03:7f:64:ef:fc: e1:ae:6d:20:1f:fb:3f:2a:d6:89:0f:b0:bc:5b:60:44:58:d3: 9c:df:02:82:7c:c4:99:cf:27:3f:b9:95:aa:b9:54:12:ea:00: c9:63:b0:24 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUGGkULyHfvkiEYX/8OURjJasQZ9UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA3QjdDN0VFMDlFREJBQTBBMzUyNUUyMDlGRjhFOTNF NDg2NTNDODAeFw0yNTA3MTAwNDU1MDBaFw0yNjA3MDkwNTAwMDBaMDMxMTAvBgNV BAMTKDRDRjM1QjAzMUM0OEY0RUE2RTJCMzQ5MjczNjk3RkM0NUFEQzQ4QUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgqcsPDZualHXOPd1gLpp2Vgt9 YsqQixUUadmPduS0whtkwEJE3V4eW8tdu8LqIrLqiF4Vhiigq9ENc4sTwyQwpa6r Z8KzKBbsyITOYZpWGGEJqeLgwRaTVUziY1V1J8dn24727Q1k3oytYGc2w4JG960f 9YAjUq3ZFcqXUiTaRh6tQgnKkBkippkITpHNUJM6kYtXS3pfL93ANtY5cphUXcM3 nuFQuBQox79661svTd9o+4+SkTAQBVDTuhnxhq3RDA8LfxtGlGSUy3QBbf1hzhUu K9CbaUjFLzWDmMbx2NXAvfJBwpM83iR4Z/QDSIRzsRGI7kmPLy4QhKUTILVrAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUTPNbAxxI9OpuKzSSc2l/xFrcSK4wHwYDVR0j BBgwFoAUQHt8fuCe26oKNSXiCf+Ok+SGU8gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 ZDY0YmY2YS00MzAyLTQ2MGYtOTY2OS0wOWE1MGE3M2FmMWEvMC80MDdCN0M3RUUw OUVEQkFBMEEzNTI1RTIwOUZGOEU5M0U0ODY1M0M4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDA3QjdDN0VFMDlFREJBQTBBMzUyNUUyMDlGRjhFOTNFNDg2 NTNDOC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZkNjRiZjZhLTQzMDItNDYwZi05 NjY5LTA5YTUwYTczYWYxYS8wLzMyMzAzMDMxM2E2NDY2MzEzYTM2NjI2MzMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDMxMzYzMDM2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 8WvAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ5YnSyiJtFuXKI0Mr4ZMtsE/06ewNb6RP fT9qyrCO/s2Ew4YQ9ee9qGTQek8FTli1Neu8EHrmI9DyH1xFDJaHbwFVyd0hK41J QlX40zWNmGVPq1yBPB9O7xFFTPzXbnUuSGM8Md0gqVjW2jiDeeEmDv3jeBhJeRc5 JhGyROPyoSJ8ToWZ+/mlSlC7UXwMB2V+xedQAz9VyyEXWpznGlVXeQmTDUkWbK5x zkHa7cDsHUOD0Y+ehSPg4WLeDEx37sdWxghJP82Gck3P8+AWflZKUyaEA39k7/zh rm0gH/s/KtaJD7C8W2BEWNOc3wKCfMSZzyc/uZWquVQS6gDJY7Ak -----END CERTIFICATE-----Generated at Wed Jul 23 12:00:13 2025 by rpki-client