$ rpki-client -vvf repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a343030303a3a2f34372d3437203d3e203435313437.roa File: 323430343a633030303a343030303a3a2f34372d3437203d3e203435313437.roa (raw, json) Hash identifier: EDQ5D2FSgG7zQR/HdzAaWxxXA0RXQQ8L/3rdBJCIgsA= Subject key identifier: B0:17:EA:72:F0:86:75:D1:D7:36:26:56:DC:45:84:8E:67:13:7F:1C Certificate issuer: /CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Certificate serial: 0288B97173F1C8F9A66ACB83D434A9717D299083 Authority key identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject info access: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a343030303a3a2f34372d3437203d3e203435313437.roa Signing time: Sun 31 Aug 2025 17:00:00 +0000 ROA not before: Sun 31 Aug 2025 16:55:00 +0000 ROA not after: Sun 30 Aug 2026 17:00:00 +0000 asID: 45147 IP address blocks: 2404:c000:4000::/47 maxlen: 47 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 05:31:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:88:b9:71:73:f1:c8:f9:a6:6a:cb:83:d4:34:a9:71:7d:29:90:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Validity Not Before: Aug 31 16:55:00 2025 GMT Not After : Aug 30 17:00:00 2026 GMT Subject: CN=B017EA72F08675D1D7362656DC45848E67137F1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:0a:f5:a9:4f:5a:b3:07:49:f8:d0:b0:01:24: 33:3e:b3:02:6f:91:f4:0d:be:98:7a:1b:d4:20:b3: 9c:35:98:23:a1:d6:7a:e5:92:81:3d:64:e6:93:92: 6f:c7:8b:97:5d:47:8f:6e:ea:d7:58:74:c0:3e:ba: 19:1a:ec:e2:36:19:68:23:87:c5:3e:25:ea:cd:b5: a3:1d:a7:f1:0e:c6:80:15:81:15:81:e1:34:1e:b7: e3:aa:60:10:7a:18:d0:45:2a:81:50:d8:67:55:42: 6d:7a:d5:5a:c5:00:8b:d1:8c:c7:41:72:23:bf:7e: 5b:ba:13:52:4a:70:ab:bd:3f:95:8e:48:44:1f:0e: ea:27:16:96:e5:8f:36:cd:79:47:87:d4:34:6a:7e: c3:05:08:ca:49:3f:d5:64:00:18:81:29:81:8c:58: f5:f4:72:bf:f7:a0:3c:04:96:c1:a1:a5:71:2e:65: a0:07:db:89:d2:23:8e:1b:12:8d:c1:b0:d9:a5:f7: e8:ea:2d:56:46:e2:5b:43:e2:64:8a:a5:8e:d8:0b: 5a:0c:d3:07:a3:74:3d:04:7d:31:8d:92:17:bb:06: 63:29:a0:08:05:62:59:7a:8b:25:93:2a:4b:47:9d: 7b:a6:95:54:39:1f:e0:af:c8:ae:0b:04:f4:ce:4c: e8:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:17:EA:72:F0:86:75:D1:D7:36:26:56:DC:45:84:8E:67:13:7F:1C X509v3 Authority Key Identifier: keyid:F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/323430343a633030303a343030303a3a2f34372d3437203d3e203435313437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:c000:4000::/47 Signature Algorithm: sha256WithRSAEncryption c4:63:fb:ba:4b:fc:03:a9:34:8c:5e:b6:bb:bd:a4:44:fe:1e: e3:4f:f3:9a:2a:f9:c2:01:4f:52:fb:61:61:a3:42:67:82:d5: 46:95:76:0d:37:72:c3:24:93:bb:51:f0:43:65:6b:16:78:91: 80:bf:26:e4:34:94:0a:fe:68:e8:70:14:77:cb:af:7a:14:32: 62:03:c8:8b:12:72:3b:76:c9:71:9f:cb:ce:aa:b5:54:eb:24: 67:b8:62:2b:bb:d6:0b:6a:63:13:4e:df:0a:99:71:72:98:77: 0f:ba:43:63:da:a8:23:b6:64:fe:49:f6:40:78:73:42:0a:e9: 7b:85:f0:f9:23:a3:ac:e8:a4:36:12:09:c6:95:aa:e8:4b:ae: 5e:59:e2:92:60:90:36:81:17:56:4d:d6:5f:5a:55:ef:7e:06: cf:b5:3e:5c:a8:d8:cf:a5:c0:0b:2c:e7:67:0a:75:06:a7:37: 36:98:5a:92:7c:59:87:70:fa:22:8d:11:14:71:58:06:54:0d: e1:e4:a3:44:86:0c:d4:56:c9:83:65:11:3f:a5:7b:74:f9:00: c7:de:ff:09:84:a8:99:a9:7d:17:3e:05:6e:5e:74:6f:b0:4c: 7e:54:8f:d5:1b:09:e6:06:a4:5f:48:06:c3:ad:c9:76:e6:92: 7c:64:52:fc -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUAoi5cXPxyPmmasuD1DSpcX0pkIMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNE NjdENjUxMTAeFw0yNTA4MzExNjU1MDBaFw0yNjA4MzAxNzAwMDBaMDMxMTAvBgNV BAMTKEIwMTdFQTcyRjA4Njc1RDFENzM2MjY1NkRDNDU4NDhFNjcxMzdGMUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgCvWpT1qzB0n40LABJDM+swJv kfQNvph6G9Qgs5w1mCOh1nrlkoE9ZOaTkm/Hi5ddR49u6tdYdMA+uhka7OI2GWgj h8U+JerNtaMdp/EOxoAVgRWB4TQet+OqYBB6GNBFKoFQ2GdVQm161VrFAIvRjMdB ciO/flu6E1JKcKu9P5WOSEQfDuonFpbljzbNeUeH1DRqfsMFCMpJP9VkABiBKYGM WPX0cr/3oDwElsGhpXEuZaAH24nSI44bEo3BsNml9+jqLVZG4ltD4mSKpY7YC1oM 0wejdD0EfTGNkhe7BmMpoAgFYll6iyWTKktHnXumlVQ5H+CvyK4LBPTOTOjJAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUsBfqcvCGddHXNiZW3EWEjmcTfxwwHwYDVR0j BBgwFoAU85mhoMGP6NvaI84hdeDLI9Z9ZREwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 MzVmN2EyZi03MjVlLTQzOTktODY5YS00YjFmY2YyYzZhMGMvMC9GMzk5QTFBMEMx OEZFOERCREEyM0NFMjE3NUUwQ0IyM0Q2N0Q2NTExLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjM5OUExQTBDMThGRThEQkRBMjNDRTIxNzVFMENCMjNENjdE NjUxMS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNWY3YTJmLTcyNWUtNDM5OS04 NjlhLTRiMWZjZjJjNmEwYy8wLzMyMzQzMDM0M2E2MzMwMzAzMDNhMzQzMDMwMzAz YTNhMmYzNDM3MmQzNDM3MjAzZDNlMjAzNDM1MzEzNDM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBJATA AEAAMA0GCSqGSIb3DQEBCwUAA4IBAQDEY/u6S/wDqTSMXra7vaRE/h7jT/OaKvnC AU9S+2Fho0JngtVGlXYNN3LDJJO7UfBDZWsWeJGAvybkNJQK/mjocBR3y696FDJi A8iLEnI7dslxn8vOqrVU6yRnuGIru9YLamMTTt8KmXFymHcPukNj2qgjtmT+SfZA eHNCCul7hfD5I6Os6KQ2EgnGlaroS65eWeKSYJA2gRdWTdZfWlXvfgbPtT5cqNjP pcALLOdnCnUGpzc2mFqSfFmHcPoijREUcVgGVA3h5KNEhgzUVsmDZRE/pXt0+QDH 3v8JhKiZqX0XPgVuXnRvsEx+VI/VGwnmBqRfSAbDrcl25pJ8ZFL8 -----END CERTIFICATE-----Generated at Mon Sep 8 09:33:24 2025 by rpki-client