$ rpki-client -vvf repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/323030313a6466363a313830303a3a2f34382d3438203d3e20313331373535.roa File: 323030313a6466363a313830303a3a2f34382d3438203d3e20313331373535.roa (raw, json) Hash identifier: ngwq27xsuytU4jFUyyS/sbzfhiUNRTARsL/0hbNcALM= Subject key identifier: FD:5A:14:4B:67:31:02:97:3C:35:68:8B:EE:50:FF:9F:9B:AE:DB:84 Certificate issuer: /CN=DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB Certificate serial: 5A079C11E70D5ECD686BC99E0333721D2861F299 Authority key identifier: DC:34:C8:B5:F4:38:B8:D4:CB:13:F2:45:1A:D1:F0:95:5E:5F:7F:BB Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.cer Subject info access: rsync://repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/323030313a6466363a313830303a3a2f34382d3438203d3e20313331373535.roa Signing time: Thu 28 Aug 2025 08:00:00 +0000 ROA not before: Thu 28 Aug 2025 07:55:00 +0000 ROA not after: Thu 27 Aug 2026 08:00:00 +0000 asID: 131755 IP address blocks: 2001:df6:1800::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.crl rsync://repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Sep 2025 17:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:07:9c:11:e7:0d:5e:cd:68:6b:c9:9e:03:33:72:1d:28:61:f2:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB Validity Not Before: Aug 28 07:55:00 2025 GMT Not After : Aug 27 08:00:00 2026 GMT Subject: CN=FD5A144B673102973C35688BEE50FF9F9BAEDB84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0f:2d:48:65:24:bb:48:4a:5d:29:5a:43:39: 97:64:55:52:24:16:2b:c9:2a:60:fe:22:7b:52:53: 32:17:f5:ad:26:f3:0a:3a:76:55:72:f7:ee:52:84: 79:f8:f2:14:d0:e6:c9:32:8a:fd:0e:f0:7b:00:5c: 30:a9:d2:84:d8:13:ad:f0:c1:32:ad:e5:14:a5:0e: 49:50:f0:b0:e0:70:6a:e1:6a:92:2d:ba:bf:10:3c: 67:55:78:14:79:e5:1f:e0:e8:3c:59:28:0f:67:5f: bc:7b:80:2a:10:23:d1:ba:3f:cc:92:55:e4:68:81: 3a:a3:4f:78:5c:20:91:88:99:a2:b6:80:ea:80:53: b4:74:15:69:84:f9:c0:d4:0a:92:cc:c7:32:b3:60: 58:b6:2d:41:0a:4b:9c:f3:33:5b:0f:c3:6a:ea:e3: 81:fe:26:5c:91:0e:fa:d3:20:9d:df:29:a2:c4:76: 4b:c5:0b:40:d9:57:2a:bf:ed:6e:47:4f:cf:4a:99: 58:ef:3f:fe:e2:6e:52:60:fc:2f:17:80:55:07:98: 99:d9:91:30:2c:5e:72:a5:81:ac:42:4a:c6:9e:71: 1a:34:2f:ad:8d:14:c0:d7:d4:4b:6d:1f:fe:7b:fc: 66:bf:ba:bb:9f:57:18:0d:9b:fc:a9:e3:6f:2e:9d: 2b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:5A:14:4B:67:31:02:97:3C:35:68:8B:EE:50:FF:9F:9B:AE:DB:84 X509v3 Authority Key Identifier: keyid:DC:34:C8:B5:F4:38:B8:D4:CB:13:F2:45:1A:D1:F0:95:5E:5F:7F:BB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/DC34C8B5F438B8D4CB13F2451AD1F0955E5F7FBB.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2a8f0435-4d38-47ef-850f-51ba4617fb3d/0/323030313a6466363a313830303a3a2f34382d3438203d3e20313331373535.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:1800::/48 Signature Algorithm: sha256WithRSAEncryption 0d:e1:cd:94:65:65:83:e0:9a:6b:bb:3d:73:0f:29:71:e4:58: 08:6f:4e:27:30:80:40:6c:f9:50:ac:ad:85:59:bd:54:22:b1: 74:16:ac:29:95:73:fb:11:3a:e0:59:eb:74:58:c4:a9:e7:03: 44:a7:ee:2d:64:d5:f7:a2:ed:17:eb:7f:22:35:73:f0:ec:b7: 30:4a:44:3c:f4:3a:ab:10:b3:ee:44:d6:27:c7:e3:ac:a4:9b: 00:56:0f:9a:23:66:1c:40:63:4f:84:2d:a6:07:89:66:c1:f9: c6:cf:96:9e:b5:4d:2f:d5:03:79:3f:71:5c:29:cc:ff:29:14: 33:91:0e:26:05:c0:05:36:0c:e4:63:34:0b:c0:bd:96:b4:ac: 3d:4e:f8:7b:c7:9e:37:85:a6:3b:64:31:38:04:b9:69:76:dd: 45:f5:b8:bc:44:10:3c:1e:f4:af:10:0a:b7:5c:aa:41:9a:34: e5:87:d7:c2:10:6d:30:bf:eb:41:2e:cf:23:b9:16:d4:b8:11: c0:07:6d:01:82:9a:9e:1b:df:45:66:45:f6:c5:e7:ef:20:12: af:89:d8:09:be:ca:3d:6a:f8:7d:c9:6d:89:3a:91:41:3a:79: 81:ec:e1:83:ff:00:e4:10:28:8d:f7:36:57:ec:f3:d0:52:19: d4:dd:ad:9b -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUWgecEecNXs1oa8meAzNyHShh8pkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoREMzNEM4QjVGNDM4QjhENENCMTNGMjQ1MUFEMUYwOTU1 RTVGN0ZCQjAeFw0yNTA4MjgwNzU1MDBaFw0yNjA4MjcwODAwMDBaMDMxMTAvBgNV BAMTKEZENUExNDRCNjczMTAyOTczQzM1Njg4QkVFNTBGRjlGOUJBRURCODQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyDy1IZSS7SEpdKVpDOZdkVVIk FivJKmD+IntSUzIX9a0m8wo6dlVy9+5ShHn48hTQ5skyiv0O8HsAXDCp0oTYE63w wTKt5RSlDklQ8LDgcGrhapItur8QPGdVeBR55R/g6DxZKA9nX7x7gCoQI9G6P8yS VeRogTqjT3hcIJGImaK2gOqAU7R0FWmE+cDUCpLMxzKzYFi2LUEKS5zzM1sPw2rq 44H+JlyRDvrTIJ3fKaLEdkvFC0DZVyq/7W5HT89KmVjvP/7iblJg/C8XgFUHmJnZ kTAsXnKlgaxCSsaecRo0L62NFMDX1EttH/57/Ga/urufVxgNm/yp428unStFAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU/VoUS2cxApc8NWiL7lD/n5uu24QwHwYDVR0j BBgwFoAU3DTItfQ4uNTLE/JFGtHwlV5ff7swDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y YThmMDQzNS00ZDM4LTQ3ZWYtODUwZi01MWJhNDYxN2ZiM2QvMC9EQzM0QzhCNUY0 MzhCOEQ0Q0IxM0YyNDUxQUQxRjA5NTVFNUY3RkJCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvREMzNEM4QjVGNDM4QjhENENCMTNGMjQ1MUFEMUYwOTU1RTVG N0ZCQi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJhOGYwNDM1LTRkMzgtNDdlZi04 NTBmLTUxYmE0NjE3ZmIzZC8wLzMyMzAzMDMxM2E2NDY2MzYzYTMxMzgzMDMwM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMxMzczNTM1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN 9hgAMA0GCSqGSIb3DQEBCwUAA4IBAQAN4c2UZWWD4Jpruz1zDylx5FgIb04nMIBA bPlQrK2FWb1UIrF0FqwplXP7ETrgWet0WMSp5wNEp+4tZNX3ou0X638iNXPw7Lcw SkQ89DqrELPuRNYnx+OspJsAVg+aI2YcQGNPhC2mB4lmwfnGz5aetU0v1QN5P3Fc Kcz/KRQzkQ4mBcAFNgzkYzQLwL2WtKw9Tvh7x543haY7ZDE4BLlpdt1F9bi8RBA8 HvSvEAq3XKpBmjTlh9fCEG0wv+tBLs8juRbUuBHAB20BgpqeG99FZkX2xefvIBKv idgJvso9avh9yW2JOpFBOnmB7OGD/wDkECiN9zZX7PPQUhnU3a2b -----END CERTIFICATE-----Generated at Mon Sep 8 10:35:27 2025 by rpki-client