$ rpki-client -vvf repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa File: 323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa (raw, json) Hash identifier: 1A57a+WSkaUEe/nNKsaDACTzujL/BWvYX5TZ+R8VoL8= Subject key identifier: 71:DD:60:F8:EF:68:C1:5B:C2:54:B1:55:F4:26:BC:97:9E:AA:D2:11 Certificate issuer: /CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837 Certificate serial: 652BB88F29873086BC6024FFCD234C2080E435FA Authority key identifier: F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa Signing time: Tue 15 Jul 2025 02:00:01 +0000 ROA not before: Tue 15 Jul 2025 01:55:01 +0000 ROA not after: Tue 14 Jul 2026 02:00:01 +0000 asID: 136079 IP address blocks: 2405:2cc0:2::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 00:55:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:2b:b8:8f:29:87:30:86:bc:60:24:ff:cd:23:4c:20:80:e4:35:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837 Validity Not Before: Jul 15 01:55:01 2025 GMT Not After : Jul 14 02:00:01 2026 GMT Subject: CN=71DD60F8EF68C15BC254B155F426BC979EAAD211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:d8:95:80:cf:c7:ad:80:f1:a5:3c:a0:07:c5: 4b:6f:d0:25:9d:c6:7d:4d:23:a8:21:57:d9:83:40: 81:f8:d5:03:90:b2:f1:d7:30:dd:95:b8:c8:35:90: 10:2d:1d:3e:11:16:96:59:1a:45:00:e0:c2:df:c0: 0c:1d:72:33:64:94:4b:53:6d:ef:5c:5c:dd:58:ac: 32:27:fc:10:a4:75:c9:5a:10:1a:37:fa:4e:2f:b2: c5:d7:5b:05:f0:96:12:7e:96:b4:f8:fb:37:d5:c4: 7d:59:dd:87:69:39:f3:fd:93:c4:20:2f:c1:77:41: 62:e0:97:29:96:60:e0:95:22:7b:10:c5:12:eb:22: b2:53:10:af:e0:90:88:5b:84:56:6a:b3:f5:6d:05: 8e:de:02:37:bf:35:52:c0:45:82:32:78:2a:4a:98: 13:33:6b:41:fa:12:70:fc:ab:88:42:9e:12:c2:a2: c6:4f:b3:5b:dc:6e:88:25:3d:9c:34:7f:d2:3d:97: 50:8a:7b:dd:82:2c:a3:f3:2a:be:23:1a:ff:ca:61: 52:09:4f:ad:7f:5d:9e:ca:2a:de:2e:63:c1:bb:2b: f5:22:00:7e:67:9e:58:d9:11:1d:82:25:42:f2:1c: 8c:cf:37:d1:7f:00:03:86:61:59:d4:4c:6c:e1:35: 2a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:DD:60:F8:EF:68:C1:5B:C2:54:B1:55:F4:26:BC:97:9E:AA:D2:11 X509v3 Authority Key Identifier: keyid:F3:AB:A8:F3:C2:DD:89:25:DD:47:BF:7E:A2:13:73:02:A7:2B:58:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3ABA8F3C2DD8925DD47BF7EA2137302A72B5837.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8e693b89-4597-40b5-92b0-b299fa769afa/0/323430353a326363303a323a3a2f34382d3438203d3e20313336303739.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:2cc0:2::/48 Signature Algorithm: sha256WithRSAEncryption b7:36:f3:8b:98:2d:06:93:b7:7d:79:5b:f8:98:60:bf:0e:9e: 18:44:7e:23:39:cf:c6:8d:33:a8:f2:5d:d2:19:5f:e6:da:ea: 6d:34:8a:76:a7:fc:1e:19:11:a4:64:dd:86:54:bd:92:c0:57: 4a:38:bc:c5:40:bb:15:59:68:a3:98:e7:cc:14:97:ab:8e:f7: 44:1e:c5:79:82:cf:bb:c4:ca:b7:17:aa:c1:c5:82:f6:c7:a8: 4e:a4:97:e1:eb:85:0a:b4:a0:e3:5d:4c:d6:2f:5b:c0:84:b9: e6:3f:59:37:fa:d5:e1:58:ee:a3:c2:6a:34:3b:89:ae:9d:eb: 2c:1f:60:34:35:ea:fe:95:3f:69:3b:c5:e9:72:c3:73:b5:d4: ca:b6:96:3e:7e:df:9d:dc:73:b8:a4:36:59:9c:68:28:25:71: d1:fb:66:e4:be:ef:20:19:dd:07:84:57:dc:83:03:8d:89:81: 1d:98:9b:24:78:36:40:ef:06:c9:a3:bf:aa:6f:81:13:21:79: 3d:14:b2:60:43:05:06:ab:7f:a6:09:22:a8:44:3a:0b:f9:f1: e8:d2:e9:f7:7b:81:e9:b8:3f:6e:f4:a9:24:fd:29:a3:5c:2a: 83:95:9b:44:e3:62:21:1c:fd:ef:19:1a:d4:f5:35:ae:43:ae: dc:91:da:5a -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUZSu4jymHMIa8YCT/zSNMIIDkNfowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJB NzJCNTgzNzAeFw0yNTA3MTUwMTU1MDFaFw0yNjA3MTQwMjAwMDFaMDMxMTAvBgNV BAMTKDcxREQ2MEY4RUY2OEMxNUJDMjU0QjE1NUY0MjZCQzk3OUVBQUQyMTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX2JWAz8etgPGlPKAHxUtv0CWd xn1NI6ghV9mDQIH41QOQsvHXMN2VuMg1kBAtHT4RFpZZGkUA4MLfwAwdcjNklEtT be9cXN1YrDIn/BCkdclaEBo3+k4vssXXWwXwlhJ+lrT4+zfVxH1Z3YdpOfP9k8Qg L8F3QWLglymWYOCVInsQxRLrIrJTEK/gkIhbhFZqs/VtBY7eAje/NVLARYIyeCpK mBMza0H6EnD8q4hCnhLCosZPs1vcboglPZw0f9I9l1CKe92CLKPzKr4jGv/KYVIJ T61/XZ7KKt4uY8G7K/UiAH5nnljZER2CJULyHIzPN9F/AAOGYVnUTGzhNSpFAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUcd1g+O9owVvCVLFV9Ca8l56q0hEwHwYDVR0j BBgwFoAU86uo88LdiSXdR79+ohNzAqcrWDcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZTY5M2I4OS00NTk3LTQwYjUtOTJiMC1iMjk5ZmE3NjlhZmEvMC9GM0FCQThGM0My REQ4OTI1REQ0N0JGN0VBMjEzNzMwMkE3MkI1ODM3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjNBQkE4RjNDMkREODkyNURENDdCRjdFQTIxMzczMDJBNzJC NTgzNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhlNjkzYjg5LTQ1OTctNDBiNS05 MmIwLWIyOTlmYTc2OWFmYS8wLzMyMzQzMDM1M2EzMjYzNjMzMDNhMzIzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM3Mzkucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBSzAAAIw DQYJKoZIhvcNAQELBQADggEBALc284uYLQaTt315W/iYYL8OnhhEfiM5z8aNM6jy XdIZX+ba6m00inan/B4ZEaRk3YZUvZLAV0o4vMVAuxVZaKOY58wUl6uO90QexXmC z7vEyrcXqsHFgvbHqE6kl+HrhQq0oONdTNYvW8CEueY/WTf61eFY7qPCajQ7ia6d 6ywfYDQ16v6VP2k7xelyw3O11Mq2lj5+353cc7ikNlmcaCglcdH7ZuS+7yAZ3QeE V9yDA42JgR2YmyR4NkDvBsmjv6pvgRMheT0UsmBDBQarf6YJIqhEOgv58ejS6fd7 gem4P270qST9KaNcKoOVm0TjYiEc/e8ZGtT1Na5DrtyR2lo= -----END CERTIFICATE-----Generated at Wed Jul 23 02:10:25 2025 by rpki-client