$ rpki-client -vvf repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a31353a3a2f34382d3438203d3e203538353532.roa File: 323430343a666430303a31353a3a2f34382d3438203d3e203538353532.roa (raw, json) Hash identifier: SsW7Stk+Pp6WTiS6p78gjNoIdctdFnVrTsnyN5/zJw8= Subject key identifier: 9B:A6:57:80:BB:E4:01:17:5F:66:43:51:DA:33:F7:70:0E:79:AD:C4 Certificate issuer: /CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Certificate serial: 7085D2239ACC68B36E19A7E9962FC706A90391D9 Authority key identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a31353a3a2f34382d3438203d3e203538353532.roa Signing time: Fri 31 Oct 2025 06:00:02 +0000 ROA not before: Fri 31 Oct 2025 05:55:02 +0000 ROA not after: Fri 30 Oct 2026 06:00:02 +0000 asID: 58552 IP address blocks: 2404:fd00:15::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 16:31:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:85:d2:23:9a:cc:68:b3:6e:19:a7:e9:96:2f:c7:06:a9:03:91:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Validity Not Before: Oct 31 05:55:02 2025 GMT Not After : Oct 30 06:00:02 2026 GMT Subject: CN=9BA65780BBE401175F664351DA33F7700E79ADC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:4e:f4:f5:e5:ce:e0:dc:60:01:43:14:22:29: 6d:a5:cc:98:1e:bf:11:c9:1e:64:d9:eb:6a:88:72: b0:19:a4:5e:10:39:39:23:a3:8f:bd:95:9b:2f:6b: d7:e2:4d:3b:05:12:a4:fb:f3:5f:2c:46:ee:5e:5f: cc:cf:e4:ca:42:67:a0:b5:a3:7f:82:39:c8:aa:cc: 46:b1:41:bd:ee:a7:da:c7:89:70:af:00:a7:e7:e3: cf:13:b1:b4:24:9f:0d:fb:78:c6:d0:35:8f:30:34: e6:69:42:77:ad:df:2a:11:89:30:8b:46:b6:78:11: 65:22:d5:bc:b5:35:55:ae:b0:6c:fa:3b:47:cc:8c: 36:4e:2e:86:d1:1f:91:3d:08:aa:dc:3d:e0:81:d2: 3e:97:20:fd:e7:63:fc:16:12:cb:da:b9:2a:ac:56: f6:7a:f5:32:94:f8:7f:8c:d3:34:37:14:5e:80:23: d2:12:fd:a7:7a:c8:cf:ae:48:63:c9:15:7f:17:13: 9c:b8:f6:65:40:a8:3d:43:2e:eb:34:37:cf:8a:1d: f4:66:97:bd:96:2e:44:78:63:18:31:c3:17:51:f2: 4b:24:0b:2f:51:94:30:58:41:f1:e1:be:b6:46:3c: 20:22:97:53:8f:dc:95:6f:88:57:42:45:f3:ff:01: 21:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:A6:57:80:BB:E4:01:17:5F:66:43:51:DA:33:F7:70:0E:79:AD:C4 X509v3 Authority Key Identifier: keyid:AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a31353a3a2f34382d3438203d3e203538353532.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:fd00:15::/48 Signature Algorithm: sha256WithRSAEncryption 4d:8c:25:5b:9e:01:ca:db:c3:63:76:83:95:26:fe:37:2f:05: 43:82:bd:28:08:1a:15:ce:dd:3d:1d:fd:47:e9:7e:24:31:33: d1:4a:83:e5:69:89:cb:ce:f8:61:26:fd:78:9e:11:f9:89:fb: 4e:03:4f:98:50:08:aa:e3:fa:64:11:76:7a:3a:90:4f:65:3c: ef:9e:31:62:e6:7e:45:5e:67:32:05:d1:c2:63:57:48:be:94: f1:b0:19:0d:fe:b3:6c:11:9c:d8:37:3d:9b:04:52:e2:81:8c: ae:8c:fa:58:53:7d:09:85:b9:32:61:a1:a1:fc:73:f1:fd:9f: 8b:10:65:b4:42:b5:16:33:cc:ce:7a:fe:38:0b:5b:9d:8b:e7: b0:81:77:23:bb:37:d7:95:27:e9:7d:05:df:36:38:c5:58:46: 9f:5f:b5:54:c9:5d:9d:de:01:80:3d:c3:0b:2d:75:fb:a7:87: f8:fb:8b:8e:41:df:f5:91:8e:57:29:c5:24:36:45:e4:f2:35: f8:0a:0c:97:19:82:85:b8:76:7c:17:f9:94:76:c0:6d:8d:e1: 01:68:e6:ac:0a:ad:45:62:6e:03:da:77:61:12:d5:6b:84:24: e9:d9:5d:c7:7b:fd:09:19:4f:25:43:29:44:cd:20:16:8b:ee: 62:13:d8:c8 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUcIXSI5rMaLNuGafpli/HBqkDkdkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FF NEQ1RkRFNjAeFw0yNTEwMzEwNTU1MDJaFw0yNjEwMzAwNjAwMDJaMDMxMTAvBgNV BAMTKDlCQTY1NzgwQkJFNDAxMTc1RjY2NDM1MURBMzNGNzcwMEU3OUFEQzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLTvT15c7g3GABQxQiKW2lzJge vxHJHmTZ62qIcrAZpF4QOTkjo4+9lZsva9fiTTsFEqT7818sRu5eX8zP5MpCZ6C1 o3+COciqzEaxQb3up9rHiXCvAKfn488TsbQknw37eMbQNY8wNOZpQnet3yoRiTCL RrZ4EWUi1by1NVWusGz6O0fMjDZOLobRH5E9CKrcPeCB0j6XIP3nY/wWEsvauSqs VvZ69TKU+H+M0zQ3FF6AI9IS/ad6yM+uSGPJFX8XE5y49mVAqD1DLus0N8+KHfRm l72WLkR4YxgxwxdR8kskCy9RlDBYQfHhvrZGPCAil1OP3JVviFdCRfP/ASElAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUm6ZXgLvkARdfZkNR2jP3cA55rcQwHwYDVR0j BBgwFoAUr0tY1LFlMLn2kZ2/T1PcOuTV/eYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDIyN2RiZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMC9BRjRCNThENEIx NjUzMEI5RjY5MTlEQkY0RjUzREMzQUU0RDVGREU2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FFNEQ1 RkRFNi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkMjI3ZGJlLTRhMWMtNDBiMC05 NGE2LTc5M2JkYmRhMzc3Ny8wLzMyMzQzMDM0M2E2NjY0MzAzMDNhMzEzNTNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzgzNTM1MzIucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBP0AABUw DQYJKoZIhvcNAQELBQADggEBAE2MJVueAcrbw2N2g5Um/jcvBUOCvSgIGhXO3T0d /UfpfiQxM9FKg+VpicvO+GEm/XieEfmJ+04DT5hQCKrj+mQRdno6kE9lPO+eMWLm fkVeZzIF0cJjV0i+lPGwGQ3+s2wRnNg3PZsEUuKBjK6M+lhTfQmFuTJhoaH8c/H9 n4sQZbRCtRYzzM56/jgLW52L57CBdyO7N9eVJ+l9Bd82OMVYRp9ftVTJXZ3eAYA9 wwstdfunh/j7i45B3/WRjlcpxSQ2ReTyNfgKDJcZgoW4dnwX+ZR2wG2N4QFo5qwK rUVibgPad2ES1WuEJOnZXcd7/QkZTyVDKUTNIBaL7mIT2Mg= -----END CERTIFICATE-----Generated at Tue Nov 4 09:26:09 2025 by rpki-client