$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a323233353a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a323233353a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: KHwY6Z0jHMbfBDdJGFU2rVGCmizq7lJHRW86nQaCbGc= Subject key identifier: 7B:9F:00:A5:30:9B:C9:4D:9A:14:5B:71:53:F8:B1:EF:0B:C5:AB:24 Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Certificate serial: 7C959C974ADE5BB03CD3FAE4792D399306EC218F Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a323233353a3a2f34382d3438203d3e20313533303837.roa Signing time: Fri 04 Jul 2025 13:00:03 +0000 ROA not before: Fri 04 Jul 2025 12:55:03 +0000 ROA not after: Fri 03 Jul 2026 13:00:03 +0000 asID: 153087 IP address blocks: 2404:97c0:2235::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 13:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:95:9c:97:4a:de:5b:b0:3c:d3:fa:e4:79:2d:39:93:06:ec:21:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Validity Not Before: Jul 4 12:55:03 2025 GMT Not After : Jul 3 13:00:03 2026 GMT Subject: CN=7B9F00A5309BC94D9A145B7153F8B1EF0BC5AB24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ea:3d:af:c7:20:7f:f0:ff:15:a2:85:01:fb: 30:b4:2e:23:66:4d:58:76:a1:b0:f6:a5:72:72:b9: 49:fb:bd:07:52:dc:98:fa:ce:1a:92:b9:32:1c:38: 3c:c9:81:10:ca:4f:46:9f:29:d8:92:53:c6:75:67: 73:1b:a4:48:db:ef:5e:a7:90:12:8b:90:39:73:b9: b2:b2:18:b2:58:92:6f:5a:5f:2a:88:b1:ba:ad:28: bb:cc:ef:c4:84:1a:ba:c7:d0:14:9e:10:09:82:68: d5:99:ec:20:ed:7c:44:9c:46:56:a2:75:f1:43:62: d1:57:9a:25:48:27:ca:d9:42:41:fa:20:84:82:9f: 05:52:d4:80:83:61:27:25:99:14:f5:5a:9e:01:76: 59:9a:46:d5:60:63:fe:64:7d:51:29:0d:88:79:e6: c3:29:74:5f:f0:49:22:a3:88:7e:d6:fb:25:c9:10: 5c:4c:3a:52:ac:a0:9c:b2:44:19:87:f9:e4:02:13: fb:8e:59:ef:1e:65:c6:e2:41:86:e0:28:7d:63:84: c5:42:8a:9b:b1:5f:4a:7e:6d:48:30:ae:61:a9:48: fa:9b:38:e4:74:81:4f:0e:d9:6e:92:d0:0f:0f:e4: ad:90:39:9a:e8:6e:e5:12:ab:9a:c7:b4:dc:b7:ac: 2f:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:9F:00:A5:30:9B:C9:4D:9A:14:5B:71:53:F8:B1:EF:0B:C5:AB:24 X509v3 Authority Key Identifier: keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a323233353a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:2235::/48 Signature Algorithm: sha256WithRSAEncryption 2b:26:d3:e8:f7:34:c6:c1:10:80:f7:44:7e:5e:1a:b2:4f:c0: e1:f1:0a:bd:03:1b:f7:84:d4:c3:2f:83:c6:95:d3:7a:8a:f2: fd:14:97:59:27:20:63:03:b0:27:01:ee:b9:ae:42:35:92:03: c4:f5:b1:23:b2:53:6f:75:8d:a4:26:03:cb:9e:cc:0a:ae:5e: 02:f8:87:e4:2a:db:09:25:9f:85:8a:4a:23:7d:18:c9:88:51: 21:d6:ef:a0:b1:13:bb:41:30:da:2e:7f:cb:e8:6c:64:71:6d: 09:17:79:bd:80:1e:55:c1:18:f9:ee:b7:96:a9:9d:6b:7c:f8: ca:c2:00:fe:bf:7f:a8:1e:92:a8:6c:06:47:aa:6f:c1:d5:72: ee:4a:26:9d:aa:32:71:3e:f8:b5:fe:b8:45:cd:ce:24:7f:32: 26:38:8f:f7:da:7a:28:2d:13:7b:d8:75:76:50:df:32:a8:0f: f9:46:ff:3d:81:8e:73:f8:dc:2b:01:4b:26:f9:94:cb:65:7c: 29:19:99:ba:ed:74:68:01:2a:50:28:64:bd:21:e8:0b:66:dc: 3c:86:fb:86:ec:37:f9:c2:8b:82:10:56:d0:7e:ad:82:1f:5f: 26:c4:15:84:6d:1b:86:ce:8d:c6:12:c1:56:82:b6:40:ad:25: 7e:04:06:9d -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUfJWcl0reW7A80/rkeS05kwbsIY8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky NzI5REVFRTAeFw0yNTA3MDQxMjU1MDNaFw0yNjA3MDMxMzAwMDNaMDMxMTAvBgNV BAMTKDdCOUYwMEE1MzA5QkM5NEQ5QTE0NUI3MTUzRjhCMUVGMEJDNUFCMjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6j2vxyB/8P8VooUB+zC0LiNm TVh2obD2pXJyuUn7vQdS3Jj6zhqSuTIcODzJgRDKT0afKdiSU8Z1Z3MbpEjb716n kBKLkDlzubKyGLJYkm9aXyqIsbqtKLvM78SEGrrH0BSeEAmCaNWZ7CDtfEScRlai dfFDYtFXmiVIJ8rZQkH6IISCnwVS1ICDYSclmRT1Wp4BdlmaRtVgY/5kfVEpDYh5 5sMpdF/wSSKjiH7W+yXJEFxMOlKsoJyyRBmH+eQCE/uOWe8eZcbiQYbgKH1jhMVC ipuxX0p+bUgwrmGpSPqbOOR0gU8O2W6S0A8P5K2QOZrobuUSq5rHtNy3rC/XAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUe58ApTCbyU2aFFtxU/ix7wvFqyQwHwYDVR0j BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5 REVFRS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04 MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzIzMjMzMzUz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM1MzMzMDM4Mzcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BJfAIjUwDQYJKoZIhvcNAQELBQADggEBACsm0+j3NMbBEID3RH5eGrJPwOHxCr0D G/eE1MMvg8aV03qK8v0Ul1knIGMDsCcB7rmuQjWSA8T1sSOyU291jaQmA8uezAqu XgL4h+Qq2wkln4WKSiN9GMmIUSHW76CxE7tBMNouf8vobGRxbQkXeb2AHlXBGPnu t5apnWt8+MrCAP6/f6gekqhsBkeqb8HVcu5KJp2qMnE++LX+uEXNziR/MiY4j/fa eigtE3vYdXZQ3zKoD/lG/z2BjnP43CsBSyb5lMtlfCkZmbrtdGgBKlAoZL0h6Atm 3DyG+4bsN/nCi4IQVtB+rYIfXybEFYRtG4bOjcYSwVaCtkCtJX4EBp0= -----END CERTIFICATE-----Generated at Sun Jul 27 02:00:48 2025 by rpki-client