$ rpki-client -vvf repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a32373a3a2f34382d3438203d3e203536323436.roa File: 323430343a666430303a32373a3a2f34382d3438203d3e203536323436.roa (raw, json) Hash identifier: PpV4p7DD61W0QJBMj8DrGd+dL0c4IHxoGvV1jAsWWl4= Subject key identifier: 66:8A:C7:2B:41:BA:72:5B:5F:C0:66:1E:A3:CA:73:32:48:92:6E:F7 Certificate issuer: /CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Certificate serial: 203D96E7AADEB09B5171D6B1C8F63E07899ECB95 Authority key identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject info access: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a32373a3a2f34382d3438203d3e203536323436.roa Signing time: Mon 08 Sep 2025 04:00:00 +0000 ROA not before: Mon 08 Sep 2025 03:55:00 +0000 ROA not after: Mon 07 Sep 2026 04:00:00 +0000 asID: 56246 IP address blocks: 2404:fd00:27::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 11 Sep 2025 12:12:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:3d:96:e7:aa:de:b0:9b:51:71:d6:b1:c8:f6:3e:07:89:9e:cb:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Validity Not Before: Sep 8 03:55:00 2025 GMT Not After : Sep 7 04:00:00 2026 GMT Subject: CN=668AC72B41BA725B5FC0661EA3CA733248926EF7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:d1:07:20:71:d9:53:cf:64:33:e4:32:2d:4d: bf:20:01:c2:c1:16:98:b2:61:dc:6f:43:6e:30:65: 85:4f:a4:d0:80:c3:2a:77:0d:18:d2:d5:d8:aa:6a: de:59:a1:d5:ff:d4:cf:2d:f0:23:69:0a:7b:52:3a: c7:f5:23:4e:a6:51:2d:14:1d:fc:fe:3f:bc:62:4c: d7:7a:63:3b:c9:57:c6:6b:af:93:a1:c7:05:aa:dc: 1c:97:75:b7:b4:68:e7:04:30:43:57:11:95:9e:2c: dc:14:00:34:13:24:5e:81:bd:03:2e:e0:25:0f:84: 85:4c:11:bb:81:cc:fa:dd:5d:4b:f7:de:ee:c7:75: 29:32:b0:fb:8e:cd:c7:db:6a:94:09:5f:bf:e2:e0: de:57:5f:dc:c2:2c:d2:95:6e:06:19:33:14:84:c9: 40:b1:5b:8b:bc:c1:b6:4d:20:a7:69:29:29:01:99: 64:bc:d6:69:f0:a7:b1:c2:5e:a8:5c:66:c1:7a:54: 4d:f0:d0:72:fa:57:2e:16:d3:4f:2c:b3:e6:94:34: 88:2d:64:55:f3:37:ba:6b:9c:61:e5:18:27:54:09: 10:ba:55:90:97:80:cd:d0:66:ad:8d:66:0b:1f:83: 4e:44:e9:be:00:49:0e:6f:33:92:95:47:83:4e:75: 0e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:8A:C7:2B:41:BA:72:5B:5F:C0:66:1E:A3:CA:73:32:48:92:6E:F7 X509v3 Authority Key Identifier: keyid:AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/323430343a666430303a32373a3a2f34382d3438203d3e203536323436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:fd00:27::/48 Signature Algorithm: sha256WithRSAEncryption 09:7c:62:d1:30:82:2b:fa:1a:9b:a7:b8:d9:9e:45:98:73:6f: e3:b4:43:d5:39:1c:e5:9b:d5:27:84:81:b8:f7:13:1f:54:b3: a9:c6:d2:e8:08:e7:12:b0:11:94:8b:66:44:07:57:e0:6d:6d: 2b:2e:95:32:e8:17:91:25:83:c9:8e:09:e6:19:98:07:e3:97: c0:3d:0c:65:2f:c0:99:0c:6a:4a:cf:bc:b4:96:d7:c1:81:92: 66:6e:90:bb:d9:01:71:16:60:3b:e6:36:10:9a:04:20:92:18: 1c:80:90:a6:4a:e4:2b:65:99:fa:b7:3f:fe:23:fc:ef:e7:86: 7b:19:08:41:17:4c:07:2f:8b:2e:56:9c:88:d4:13:a8:a5:87: ce:ce:9d:a7:01:6c:ac:22:6f:55:8d:b5:e0:8a:de:fc:03:2a: 1f:ca:25:94:55:ce:33:bb:21:0c:42:23:cf:d7:c1:06:91:c0: 97:9f:b1:08:75:30:26:12:dc:56:21:d0:d4:2b:bf:56:f0:6c: d5:dd:df:08:dd:42:03:8a:d1:0e:13:8b:90:52:36:8f:0f:89: 90:d3:2f:29:e9:76:93:8d:35:3e:35:d7:c7:63:de:60:97:45: 1a:f2:3f:1d:97:35:b6:12:7e:ec:49:2f:a4:73:a5:ca:15:63: f8:4f:fa:1c -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUID2W56resJtRcdaxyPY+B4mey5UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FF NEQ1RkRFNjAeFw0yNTA5MDgwMzU1MDBaFw0yNjA5MDcwNDAwMDBaMDMxMTAvBgNV BAMTKDY2OEFDNzJCNDFCQTcyNUI1RkMwNjYxRUEzQ0E3MzMyNDg5MjZFRjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp0QcgcdlTz2Qz5DItTb8gAcLB FpiyYdxvQ24wZYVPpNCAwyp3DRjS1diqat5ZodX/1M8t8CNpCntSOsf1I06mUS0U Hfz+P7xiTNd6YzvJV8Zrr5OhxwWq3ByXdbe0aOcEMENXEZWeLNwUADQTJF6BvQMu 4CUPhIVMEbuBzPrdXUv33u7HdSkysPuOzcfbapQJX7/i4N5XX9zCLNKVbgYZMxSE yUCxW4u8wbZNIKdpKSkBmWS81mnwp7HCXqhcZsF6VE3w0HL6Vy4W008ss+aUNIgt ZFXzN7prnGHlGCdUCRC6VZCXgM3QZq2NZgsfg05E6b4ASQ5vM5KVR4NOdQ7fAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUZorHK0G6cltfwGYeo8pzMkiSbvcwHwYDVR0j BBgwFoAUr0tY1LFlMLn2kZ2/T1PcOuTV/eYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81 ZDIyN2RiZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMC9BRjRCNThENEIx NjUzMEI5RjY5MTlEQkY0RjUzREMzQUU0RDVGREU2LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQUY0QjU4RDRCMTY1MzBCOUY2OTE5REJGNEY1M0RDM0FFNEQ1 RkRFNi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkMjI3ZGJlLTRhMWMtNDBiMC05 NGE2LTc5M2JkYmRhMzc3Ny8wLzMyMzQzMDM0M2E2NjY0MzAzMDNhMzIzNzNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzYzMjM0MzYucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBP0AACcw DQYJKoZIhvcNAQELBQADggEBAAl8YtEwgiv6GpunuNmeRZhzb+O0Q9U5HOWb1SeE gbj3Ex9Us6nG0ugI5xKwEZSLZkQHV+BtbSsulTLoF5Elg8mOCeYZmAfjl8A9DGUv wJkMakrPvLSW18GBkmZukLvZAXEWYDvmNhCaBCCSGByAkKZK5Ctlmfq3P/4j/O/n hnsZCEEXTAcviy5WnIjUE6ilh87OnacBbKwib1WNteCK3vwDKh/KJZRVzjO7IQxC I8/XwQaRwJefsQh1MCYS3FYh0NQrv1bwbNXd3wjdQgOK0Q4Ti5BSNo8PiZDTLynp dpONNT4118dj3mCXRRryPx2XNbYSfuxJL6RzpcoVY/hP+hw= -----END CERTIFICATE-----Generated at Mon Sep 8 09:35:57 2025 by rpki-client