$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333134363a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a333134363a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: J9+H0zfCZWn+xjuPGRv9Wz6RTUrilx0oA3r8oIJzJFw= Subject key identifier: 89:B9:24:C4:40:58:7E:3D:3A:4A:76:19:58:EC:42:3A:8B:CB:3D:A3 Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Certificate serial: 4EB7D2D146857534B7DBA1844A52ACC88511A889 Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333134363a3a2f34382d3438203d3e20313533303837.roa Signing time: Fri 04 Jul 2025 13:00:04 +0000 ROA not before: Fri 04 Jul 2025 12:55:04 +0000 ROA not after: Fri 03 Jul 2026 13:00:04 +0000 asID: 153087 IP address blocks: 2404:97c0:3146::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 13:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:b7:d2:d1:46:85:75:34:b7:db:a1:84:4a:52:ac:c8:85:11:a8:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Validity Not Before: Jul 4 12:55:04 2025 GMT Not After : Jul 3 13:00:04 2026 GMT Subject: CN=89B924C440587E3D3A4A761958EC423A8BCB3DA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:4b:6e:80:b0:3a:9f:4a:8c:17:16:6b:ec:31: 83:bd:7d:22:b1:e0:c1:1d:82:43:f1:2f:fb:c1:44: a9:86:e3:de:cc:50:03:df:77:df:a3:b5:83:df:99: 16:49:e4:07:30:99:13:92:df:de:92:63:b8:a2:a9: 01:d1:84:df:af:2a:98:9a:c9:9a:50:26:f4:86:5e: 2a:bf:c7:ff:e2:33:64:16:84:6f:c9:95:b9:83:7f: b9:5c:54:34:d4:f8:9e:9a:68:78:08:56:de:c4:d1: a5:1f:44:e5:bd:66:c0:68:0c:bb:2a:15:1d:e4:1f: d1:a3:bc:06:44:6d:7a:49:49:39:3b:80:5d:97:75: 57:68:f3:80:2e:b2:2b:c9:a7:34:45:e8:8c:51:d1: 4e:0f:fa:d6:a5:38:83:ac:4c:f9:d4:c9:5b:00:75: 5b:d6:70:e2:28:6a:6c:77:b8:2f:63:9a:13:b1:27: e6:88:ea:bf:1e:9f:14:45:bc:a3:d7:73:d7:8e:ea: e9:62:d4:0a:99:20:65:98:84:ee:66:56:ed:3d:b6: c7:8d:5b:8e:f2:4c:3d:b8:50:0b:96:08:28:6c:11: d4:8a:21:cf:7f:39:9a:3d:ae:cc:55:84:2e:d4:b2: 7e:be:61:95:00:88:b7:a6:fa:89:31:8a:bc:a6:6d: 5d:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:B9:24:C4:40:58:7E:3D:3A:4A:76:19:58:EC:42:3A:8B:CB:3D:A3 X509v3 Authority Key Identifier: keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333134363a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:3146::/48 Signature Algorithm: sha256WithRSAEncryption b4:94:bf:ce:13:96:d0:d0:50:49:11:9b:15:d9:09:09:76:c2: cf:db:29:f1:2f:d2:52:21:28:4c:14:17:68:fe:aa:48:f2:44: f2:75:20:8d:90:df:6d:4b:04:01:f8:ca:6f:9f:73:12:85:e0: 05:64:54:26:12:c4:9c:30:ab:a9:90:e4:da:15:f8:c8:7b:63: 2e:ca:e5:c1:42:23:86:eb:b8:8e:95:bf:8c:02:5b:c0:57:fc: 45:fa:ac:9c:5d:05:16:dd:2c:eb:a2:50:4a:39:11:b5:3d:e9: 88:05:a7:4a:8d:32:a6:8a:cb:d7:c1:b3:58:27:95:f9:2a:b6: cb:8a:87:77:03:64:87:ce:35:a4:ce:78:8a:ad:6d:76:88:f4: 19:dc:e5:97:c6:8d:7b:12:ed:62:3e:76:70:4a:6d:57:fc:ea: 86:b2:f3:19:ab:af:43:5b:1a:55:f8:be:27:38:87:ba:ba:2b: f8:7e:d2:d6:92:1f:a8:ff:a1:02:47:ba:84:13:35:38:9f:5d: 4c:4c:34:48:34:af:65:78:bb:f3:16:4b:c1:44:6e:e1:d9:83: 5b:57:50:45:70:fa:45:0c:d5:25:fe:65:c3:9c:bd:f0:69:e5: 03:c2:1d:d0:4b:0b:ba:4e:f4:c4:4b:82:69:fc:dd:ac:3c:5a: 67:6b:b6:42 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUTrfS0UaFdTS326GESlKsyIURqIkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky NzI5REVFRTAeFw0yNTA3MDQxMjU1MDRaFw0yNjA3MDMxMzAwMDRaMDMxMTAvBgNV BAMTKDg5QjkyNEM0NDA1ODdFM0QzQTRBNzYxOTU4RUM0MjNBOEJDQjNEQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlS26AsDqfSowXFmvsMYO9fSKx 4MEdgkPxL/vBRKmG497MUAPfd9+jtYPfmRZJ5AcwmROS396SY7iiqQHRhN+vKpia yZpQJvSGXiq/x//iM2QWhG/JlbmDf7lcVDTU+J6aaHgIVt7E0aUfROW9ZsBoDLsq FR3kH9GjvAZEbXpJSTk7gF2XdVdo84AusivJpzRF6IxR0U4P+talOIOsTPnUyVsA dVvWcOIoamx3uC9jmhOxJ+aI6r8enxRFvKPXc9eO6uli1AqZIGWYhO5mVu09tseN W47yTD24UAuWCChsEdSKIc9/OZo9rsxVhC7Usn6+YZUAiLem+okxirymbV0vAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUibkkxEBYfj06SnYZWOxCOovLPaMwHwYDVR0j BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5 REVFRS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04 MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzMzMTM0MzYz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM1MzMzMDM4Mzcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BJfAMUYwDQYJKoZIhvcNAQELBQADggEBALSUv84TltDQUEkRmxXZCQl2ws/bKfEv 0lIhKEwUF2j+qkjyRPJ1II2Q321LBAH4ym+fcxKF4AVkVCYSxJwwq6mQ5NoV+Mh7 Yy7K5cFCI4bruI6Vv4wCW8BX/EX6rJxdBRbdLOuiUEo5EbU96YgFp0qNMqaKy9fB s1gnlfkqtsuKh3cDZIfONaTOeIqtbXaI9Bnc5ZfGjXsS7WI+dnBKbVf86oay8xmr r0NbGlX4vic4h7q6K/h+0taSH6j/oQJHuoQTNTifXUxMNEg0r2V4u/MWS8FEbuHZ g1tXUEVw+kUM1SX+ZcOcvfBp5QPCHdBLC7pO9MRLgmn83aw8WmdrtkI= -----END CERTIFICATE-----Generated at Sun Jul 27 02:01:09 2025 by rpki-client