$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3232323a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a3232323a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: Nmp+qyCgxlPGSEMy9NEBVMpCbGYPUy7tS1mb3Hhynm4= Subject key identifier: 3A:FC:89:C0:6E:11:09:41:75:E8:5A:3A:B0:07:BE:81:80:64:6F:3E Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Certificate serial: 4112184491508E76ED3101B73E8B5D2F418C2BF1 Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3232323a3a2f34382d3438203d3e20313533303837.roa Signing time: Sat 05 Jul 2025 09:00:01 +0000 ROA not before: Sat 05 Jul 2025 08:55:01 +0000 ROA not after: Sat 04 Jul 2026 09:00:01 +0000 asID: 153087 IP address blocks: 2404:97c0:222::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 13:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:12:18:44:91:50:8e:76:ed:31:01:b7:3e:8b:5d:2f:41:8c:2b:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Validity Not Before: Jul 5 08:55:01 2025 GMT Not After : Jul 4 09:00:01 2026 GMT Subject: CN=3AFC89C06E11094175E85A3AB007BE8180646F3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:b5:81:1c:39:36:af:d7:dd:e0:a6:30:81:e0: 6e:2a:50:17:bc:b2:81:f6:6c:15:e3:a2:3e:d3:67: ba:fe:38:48:1d:a6:12:f0:41:07:9e:fd:82:a3:aa: 10:e1:2b:7b:03:02:6f:d8:23:54:c1:94:8a:1c:16: 36:21:94:33:a1:5d:e2:db:e0:78:1d:6b:a8:7d:38: 1a:b2:f7:77:93:95:3d:de:bf:4a:ac:21:8d:9f:83: ad:cd:a3:76:35:cd:26:47:99:57:4f:93:06:d2:b6: b5:f6:b0:e0:3e:fe:bd:20:15:94:99:24:1b:b6:98: 36:03:49:ab:77:bd:b1:a0:0d:4a:e2:e4:05:1e:bc: f7:6e:91:c2:23:65:52:74:80:2e:05:d0:07:70:8b: 81:98:af:8b:b9:dd:8a:5b:d5:e7:af:81:b8:36:3e: 18:5c:4c:ef:63:e2:c7:c9:30:f6:0d:db:ad:82:34: 9e:df:22:7a:30:25:5d:cb:7b:88:c8:15:5d:c7:b0: 0f:8c:98:51:e2:96:ce:f8:83:3b:56:f6:cc:ac:b1: a7:52:50:b2:92:3a:5a:d2:d8:01:70:65:b1:8b:1e: f3:a2:03:c0:f2:ee:50:05:0d:37:54:01:0f:18:63: ec:a6:74:aa:ba:3d:d9:29:cf:fa:c2:00:96:32:29: be:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:FC:89:C0:6E:11:09:41:75:E8:5A:3A:B0:07:BE:81:80:64:6F:3E X509v3 Authority Key Identifier: keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3232323a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:222::/48 Signature Algorithm: sha256WithRSAEncryption aa:1c:60:04:8c:b7:51:ec:b5:3d:d0:73:bc:d6:4d:f7:1e:04: dc:f1:aa:d2:4a:6c:e8:41:b3:dd:46:b9:44:b7:20:8e:a7:4b: 13:ed:e5:c1:50:94:08:70:f4:92:9b:63:5f:9c:9c:60:49:50: fc:21:f9:75:d6:50:40:63:0a:4a:38:ee:70:5f:1b:8d:e3:c3: ad:2c:84:d1:66:81:e6:6f:48:3d:35:4d:f1:65:b3:93:4c:9e: 17:28:c6:17:a8:91:a3:04:1f:c7:87:95:88:57:dd:c5:32:2b: 3b:65:9d:90:98:e3:a4:e5:89:81:da:54:04:b6:24:06:8c:21: 55:e1:3b:f4:21:56:6f:70:bb:3c:32:6c:2d:83:fc:69:c5:27: 30:46:33:0f:71:fd:2a:21:94:b9:07:0d:24:f5:07:49:2b:44: 2f:df:d2:e8:17:89:2d:04:b9:14:96:aa:fe:00:47:e1:8b:eb: d6:25:ea:1d:f2:3e:da:89:6f:64:f0:4b:d7:e6:50:4b:19:5f: 62:e1:29:c4:e1:b6:b0:fa:3e:f1:70:74:3c:09:0d:91:52:ee: 89:a8:78:bd:2b:5b:3a:0a:49:64:9c:ee:12:5f:3f:b6:d9:41: 60:04:d3:38:01:fa:fc:c6:ce:6c:5f:70:53:98:0c:00:b8:f7: be:a8:ef:2c -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUQRIYRJFQjnbtMQG3PotdL0GMK/EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky NzI5REVFRTAeFw0yNTA3MDUwODU1MDFaFw0yNjA3MDQwOTAwMDFaMDMxMTAvBgNV BAMTKDNBRkM4OUMwNkUxMTA5NDE3NUU4NUEzQUIwMDdCRTgxODA2NDZGM0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTtYEcOTav193gpjCB4G4qUBe8 soH2bBXjoj7TZ7r+OEgdphLwQQee/YKjqhDhK3sDAm/YI1TBlIocFjYhlDOhXeLb 4Hgda6h9OBqy93eTlT3ev0qsIY2fg63No3Y1zSZHmVdPkwbStrX2sOA+/r0gFZSZ JBu2mDYDSat3vbGgDUri5AUevPdukcIjZVJ0gC4F0Adwi4GYr4u53Ypb1eevgbg2 PhhcTO9j4sfJMPYN262CNJ7fInowJV3Le4jIFV3HsA+MmFHils74gztW9syssadS ULKSOlrS2AFwZbGLHvOiA8Dy7lAFDTdUAQ8YY+ymdKq6Pdkpz/rCAJYyKb4TAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUOvyJwG4RCUF16Fo6sAe+gYBkbz4wHwYDVR0j BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5 REVFRS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04 MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzIzMjMyM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzAzODM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJASX wAIiMA0GCSqGSIb3DQEBCwUAA4IBAQCqHGAEjLdR7LU90HO81k33HgTc8arSSmzo QbPdRrlEtyCOp0sT7eXBUJQIcPSSm2NfnJxgSVD8Ifl11lBAYwpKOO5wXxuN48Ot LITRZoHmb0g9NU3xZbOTTJ4XKMYXqJGjBB/Hh5WIV93FMis7ZZ2QmOOk5YmB2lQE tiQGjCFV4Tv0IVZvcLs8Mmwtg/xpxScwRjMPcf0qIZS5Bw0k9QdJK0Qv39LoF4kt BLkUlqr+AEfhi+vWJeod8j7aiW9k8EvX5lBLGV9i4SnE4baw+j7xcHQ8CQ2RUu6J qHi9K1s6CklknO4SXz+22UFgBNM4Afr8xs5sX3BTmAwAuPe+qO8s -----END CERTIFICATE-----Generated at Sun Jul 27 07:53:01 2025 by rpki-client