$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333135303a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a333135303a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: tgnEOAz4ln6k9iWDx9KpeIgmfHkJg4X1mSwrhZ0iEyY= Subject key identifier: BB:B9:D1:56:8F:61:2A:4B:16:5B:A2:48:C2:6B:CA:EB:E3:98:9A:13 Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Certificate serial: 431CC1C474D55919DBFEE68BFF165E1DB2AE20DA Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333135303a3a2f34382d3438203d3e20313533303837.roa Signing time: Fri 04 Jul 2025 13:00:02 +0000 ROA not before: Fri 04 Jul 2025 12:55:02 +0000 ROA not after: Fri 03 Jul 2026 13:00:02 +0000 asID: 153087 IP address blocks: 2404:97c0:3150::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 13:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:1c:c1:c4:74:d5:59:19:db:fe:e6:8b:ff:16:5e:1d:b2:ae:20:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Validity Not Before: Jul 4 12:55:02 2025 GMT Not After : Jul 3 13:00:02 2026 GMT Subject: CN=BBB9D1568F612A4B165BA248C26BCAEBE3989A13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:b9:d5:b5:8d:23:6d:fd:dd:0a:f6:40:c8:72: 5c:d5:33:15:e0:9f:8a:45:81:b4:9f:ae:1d:71:1f: 90:d4:2e:9a:f6:c6:0f:a6:ba:1a:4a:06:8b:4e:84: af:2a:16:a4:4f:e5:14:d2:26:d3:73:0d:16:25:b2: 70:7e:25:af:8d:48:b4:33:04:70:e1:21:21:f7:81: 7a:6b:48:a9:fb:38:49:4d:42:d6:86:f8:a9:09:23: 21:19:85:18:0d:12:1c:3d:f6:ba:56:15:1c:79:c9: 87:63:24:0b:32:9e:77:02:73:88:9f:e5:47:79:6a: 2a:f1:9e:b3:34:18:23:44:e8:df:5b:5c:8e:7a:5a: 59:93:32:da:1b:6d:7c:99:38:bb:76:34:4c:55:fe: c6:44:61:bf:51:5b:7a:02:77:fc:c7:9c:e1:d0:f6: 46:df:9d:46:67:e8:c6:bf:9f:ff:eb:c1:16:ca:af: 0f:31:9e:5d:17:26:bf:1e:b3:ba:78:db:85:ec:7f: ca:23:f2:74:ec:1a:8c:15:48:d4:36:af:7d:2a:13: a7:38:0b:2e:bf:b1:68:30:63:a8:85:c7:e3:e0:e6: 33:e5:11:73:18:af:c2:46:2b:69:f2:97:5b:a4:f6: c8:5e:07:bd:02:26:2f:53:80:32:66:f3:97:d4:55: cc:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:B9:D1:56:8F:61:2A:4B:16:5B:A2:48:C2:6B:CA:EB:E3:98:9A:13 X509v3 Authority Key Identifier: keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a333135303a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:3150::/48 Signature Algorithm: sha256WithRSAEncryption 23:72:21:61:1c:e7:7b:3c:a8:4e:ea:04:c4:6f:ce:7b:db:80: 86:44:50:8f:47:39:1a:8d:c6:b8:a2:e3:ae:7d:1f:ee:be:62: 43:1f:10:71:c1:43:3f:bd:6c:f0:4e:5b:08:cc:fd:8b:1d:89: 6e:d3:6f:b0:08:50:ef:0a:48:4e:8d:35:90:c6:36:7c:c3:ae: 1f:55:b6:73:e9:aa:03:d0:90:06:e0:c6:df:cb:27:16:f4:5d: c8:af:b2:ef:c8:6e:9f:c1:5a:03:3f:45:46:f2:33:43:15:6e: ef:18:a7:06:81:83:2d:25:9b:5a:c6:e3:95:0e:45:dc:62:87: 45:81:85:ac:58:dd:0f:12:51:94:cc:70:c8:ee:d8:eb:ca:56: a9:da:f8:20:1e:9f:40:65:07:f4:42:15:16:55:d6:03:e8:aa: be:b8:60:30:6c:61:77:36:b2:91:94:03:bc:e0:98:97:48:9f: bc:68:98:30:74:a4:84:b6:02:61:9f:40:a0:2a:f8:83:6e:6b: 8b:9b:c3:87:bf:3b:ea:e4:f6:38:ff:1b:aa:1d:f6:a3:94:ec: 1a:b7:a5:42:60:2e:6a:cd:40:3e:21:98:4a:87:63:d2:d6:7c: a2:04:42:0a:de:e4:49:a0:04:bd:ce:97:b3:72:f8:74:03:ce: 4d:ff:de:f8 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUQxzBxHTVWRnb/uaL/xZeHbKuINowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky NzI5REVFRTAeFw0yNTA3MDQxMjU1MDJaFw0yNjA3MDMxMzAwMDJaMDMxMTAvBgNV BAMTKEJCQjlEMTU2OEY2MTJBNEIxNjVCQTI0OEMyNkJDQUVCRTM5ODlBMTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiudW1jSNt/d0K9kDIclzVMxXg n4pFgbSfrh1xH5DULpr2xg+muhpKBotOhK8qFqRP5RTSJtNzDRYlsnB+Ja+NSLQz BHDhISH3gXprSKn7OElNQtaG+KkJIyEZhRgNEhw99rpWFRx5yYdjJAsynncCc4if 5Ud5airxnrM0GCNE6N9bXI56WlmTMtobbXyZOLt2NExV/sZEYb9RW3oCd/zHnOHQ 9kbfnUZn6Ma/n//rwRbKrw8xnl0XJr8es7p424Xsf8oj8nTsGowVSNQ2r30qE6c4 Cy6/sWgwY6iFx+Pg5jPlEXMYr8JGK2nyl1uk9sheB70CJi9TgDJm85fUVcyzAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUu7nRVo9hKksWW6JIwmvK6+OYmhMwHwYDVR0j BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5 REVFRS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04 MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzMzMTM1MzAz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTM1MzMzMDM4Mzcucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk BJfAMVAwDQYJKoZIhvcNAQELBQADggEBACNyIWEc53s8qE7qBMRvznvbgIZEUI9H ORqNxrii4659H+6+YkMfEHHBQz+9bPBOWwjM/YsdiW7Tb7AIUO8KSE6NNZDGNnzD rh9VtnPpqgPQkAbgxt/LJxb0Xcivsu/Ibp/BWgM/RUbyM0MVbu8YpwaBgy0lm1rG 45UORdxih0WBhaxY3Q8SUZTMcMju2OvKVqna+CAen0BlB/RCFRZV1gPoqr64YDBs YXc2spGUA7zgmJdIn7xomDB0pIS2AmGfQKAq+INua4ubw4e/O+rk9jj/G6od9qOU 7Bq3pUJgLmrNQD4hmEqHY9LWfKIEQgre5EmgBL3Ol7Ny+HQDzk3/3vg= -----END CERTIFICATE-----Generated at Sun Jul 27 02:00:49 2025 by rpki-client