$ rpki-client -vvf repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3333343a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a3333343a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: LJ44LKDM9Ovqp7HIdQ+WGCgJ/9nkhxs+EQSXrS2ADcc= Subject key identifier: 27:B4:F8:48:BD:B6:70:EE:0B:46:6B:9F:36:90:1A:E0:42:64:DF:43 Certificate issuer: /CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Certificate serial: 278EE02F31BA23B1869168692EE0D6F5A81DEFB0 Authority key identifier: 47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject info access: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3333343a3a2f34382d3438203d3e20313533303837.roa Signing time: Fri 04 Jul 2025 13:00:04 +0000 ROA not before: Fri 04 Jul 2025 12:55:04 +0000 ROA not after: Fri 03 Jul 2026 13:00:04 +0000 asID: 153087 IP address blocks: 2404:97c0:334::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 13:42:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:8e:e0:2f:31:ba:23:b1:86:91:68:69:2e:e0:d6:f5:a8:1d:ef:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=473748B8EB39BEE96F6462C3B53CEA392729DEEE Validity Not Before: Jul 4 12:55:04 2025 GMT Not After : Jul 3 13:00:04 2026 GMT Subject: CN=27B4F848BDB670EE0B466B9F36901AE04264DF43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8f:42:b6:48:01:cc:7f:d9:2c:62:a7:8b:66: 78:7f:16:92:ec:e3:e1:52:39:30:ac:06:c7:84:f0: 18:6e:89:22:83:db:7f:84:25:a1:3d:80:89:74:c4: f6:05:fe:a0:22:c5:c6:63:dd:0b:ef:90:b0:05:ee: d0:68:18:ca:99:5f:eb:de:0c:8a:dd:21:9e:43:e9: fa:b9:e1:c4:cb:dd:e5:e5:c6:9e:6b:54:3a:a5:6a: 56:20:3e:fa:e4:fb:ee:ec:37:1c:1a:2d:d6:8f:6f: 47:22:aa:75:74:8b:f4:e3:34:aa:c3:e2:e7:29:fd: 72:26:f1:7a:66:08:11:fb:4e:cc:49:46:fe:e8:b0: 0e:d0:65:a0:ae:c4:39:65:38:aa:c5:69:23:e5:4d: df:20:e6:f1:13:09:76:27:be:c7:07:b6:bd:49:32: 9f:ad:30:6b:fe:a7:ec:08:06:24:9c:5a:d5:38:9e: e8:3c:ef:37:5a:14:5a:62:5d:c0:ac:a0:1c:7e:bb: 3d:80:af:25:a6:ea:11:c9:79:37:24:5e:f5:d1:c9: ab:af:b8:cb:61:ce:20:09:83:66:10:fd:b6:b6:f9: 1a:4c:3f:d8:62:d8:a1:11:79:ca:38:4c:12:5e:5c: a3:cb:34:3e:3f:2d:17:92:10:df:6b:07:2d:3e:79: 3a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:B4:F8:48:BD:B6:70:EE:0B:46:6B:9F:36:90:1A:E0:42:64:DF:43 X509v3 Authority Key Identifier: keyid:47:37:48:B8:EB:39:BE:E9:6F:64:62:C3:B5:3C:EA:39:27:29:DE:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/473748B8EB39BEE96F6462C3B53CEA392729DEEE.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/473748B8EB39BEE96F6462C3B53CEA392729DEEE.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0654a8c3-30c8-4957-8291-a0c1f9b1839e/0/323430343a393763303a3333343a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:334::/48 Signature Algorithm: sha256WithRSAEncryption 88:a6:41:f8:d6:40:e2:1a:0b:b8:a1:92:73:05:2a:22:9b:6f: b6:64:e3:f4:94:07:82:d2:88:03:4c:d1:b9:40:02:a9:01:d3: 73:6d:e6:16:65:e0:64:b6:77:26:2d:5b:d0:5e:64:6d:13:bf: f0:63:96:57:5f:95:19:95:6b:8f:9b:01:61:30:cb:58:67:7f: b2:99:08:42:79:f9:a7:b8:e9:40:76:9d:3e:10:f4:34:5f:26: 36:7f:86:2e:1c:d2:42:61:70:ac:42:fa:64:21:61:c0:76:fe: 27:82:a1:60:dc:01:c5:78:08:5f:53:ce:16:02:10:ef:76:9a: 34:d6:8d:8e:6e:cf:d0:51:80:21:ea:ec:ce:86:f3:20:ce:1c: 55:32:a5:30:c3:f2:31:89:79:ed:f4:24:07:6c:58:eb:0e:75: 7e:5c:ac:11:7a:fb:33:32:64:1a:bb:a8:3e:b9:52:e5:2e:89: bb:a5:3b:12:b2:1e:0e:f1:71:5f:64:e4:36:4d:cb:02:9f:d5: 85:fa:68:80:2e:f7:f4:73:96:91:5f:c2:ae:b7:20:62:5b:86: ab:e6:01:5b:5f:99:4b:78:1f:e1:14:ca:82:46:1a:28:96:90: f9:ce:69:3e:d1:16:27:e0:26:84:07:f9:4b:fc:03:40:43:3f: 8b:8d:69:6d -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUJ47gLzG6I7GGkWhpLuDW9agd77AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzky NzI5REVFRTAeFw0yNTA3MDQxMjU1MDRaFw0yNjA3MDMxMzAwMDRaMDMxMTAvBgNV BAMTKDI3QjRGODQ4QkRCNjcwRUUwQjQ2NkI5RjM2OTAxQUUwNDI2NERGNDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6j0K2SAHMf9ksYqeLZnh/FpLs 4+FSOTCsBseE8BhuiSKD23+EJaE9gIl0xPYF/qAixcZj3QvvkLAF7tBoGMqZX+ve DIrdIZ5D6fq54cTL3eXlxp5rVDqlalYgPvrk++7sNxwaLdaPb0ciqnV0i/TjNKrD 4ucp/XIm8XpmCBH7TsxJRv7osA7QZaCuxDllOKrFaSPlTd8g5vETCXYnvscHtr1J Mp+tMGv+p+wIBiScWtU4nug87zdaFFpiXcCsoBx+uz2AryWm6hHJeTckXvXRyauv uMthziAJg2YQ/ba2+RpMP9hi2KEReco4TBJeXKPLND4/LReSEN9rBy0+eTqTAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUJ7T4SL22cO4LRmufNpAa4EJk30MwHwYDVR0j BBgwFoAURzdIuOs5vulvZGLDtTzqOScp3u4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w NjU0YThjMy0zMGM4LTQ5NTctODI5MS1hMGMxZjliMTgzOWUvMC80NzM3NDhCOEVC MzlCRUU5NkY2NDYyQzNCNTNDRUEzOTI3MjlERUVFLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDczNzQ4QjhFQjM5QkVFOTZGNjQ2MkMzQjUzQ0VBMzkyNzI5 REVFRS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA2NTRhOGMzLTMwYzgtNDk1Ny04 MjkxLWEwYzFmOWIxODM5ZS8wLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzMzMzM0M2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzAzODM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJASX wAM0MA0GCSqGSIb3DQEBCwUAA4IBAQCIpkH41kDiGgu4oZJzBSoim2+2ZOP0lAeC 0ogDTNG5QAKpAdNzbeYWZeBktncmLVvQXmRtE7/wY5ZXX5UZlWuPmwFhMMtYZ3+y mQhCefmnuOlAdp0+EPQ0XyY2f4YuHNJCYXCsQvpkIWHAdv4ngqFg3AHFeAhfU84W AhDvdpo01o2Obs/QUYAh6uzOhvMgzhxVMqUww/IxiXnt9CQHbFjrDnV+XKwRevsz MmQau6g+uVLlLom7pTsSsh4O8XFfZOQ2TcsCn9WF+miALvf0c5aRX8KutyBiW4ar 5gFbX5lLeB/hFMqCRhoolpD5zmk+0RYn4CaEB/lL/ANAQz+LjWlt -----END CERTIFICATE-----Generated at Sun Jul 27 01:59:59 2025 by rpki-client