$ rpki-client -vvf repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/323430323a3738303a3a2f33322d3438203d3e203435373235.roa File: 323430323a3738303a3a2f33322d3438203d3e203435373235.roa (raw, json) Hash identifier: 95U2BXJDC2l18nsj8XM2nUsJ+ABvrMW9ZXaTSbsG2jU= Subject key identifier: 2B:8D:0A:00:C9:28:84:37:29:AA:C7:B5:B6:48:4D:56:47:27:FF:0E Certificate issuer: /CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Certificate serial: 3CB10944EBB707133761215F574D97098BC2056F Authority key identifier: BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject info access: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/323430323a3738303a3a2f33322d3438203d3e203435373235.roa Signing time: Fri 14 Mar 2025 10:00:00 +0000 ROA not before: Fri 14 Mar 2025 09:55:00 +0000 ROA not after: Fri 13 Mar 2026 10:00:00 +0000 asID: 45725 IP address blocks: 2402:780::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 16:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:b1:09:44:eb:b7:07:13:37:61:21:5f:57:4d:97:09:8b:c2:05:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BE7F813F3C6CA289A9CDAC5630975B7627458103 Validity Not Before: Mar 14 09:55:00 2025 GMT Not After : Mar 13 10:00:00 2026 GMT Subject: CN=2B8D0A00C928843729AAC7B5B6484D564727FF0E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c9:18:82:76:59:39:40:ff:e3:c5:83:96:70: c3:c4:fd:d7:23:26:4d:2e:c0:1b:24:b7:4f:e1:ac: 2d:2b:36:81:63:15:9e:88:4d:f8:cb:8e:1d:ef:9b: e5:d1:a9:08:ea:bb:2d:22:a4:f4:19:78:21:b0:ea: 67:47:0c:81:d1:9e:48:9a:2e:a9:71:20:e9:53:69: ac:c8:3c:7b:20:5f:33:58:6d:a2:2f:67:d5:95:34: 83:52:d6:33:cc:1f:b2:d1:c7:52:68:11:07:ae:e6: 88:b8:a0:e5:e5:a5:39:f1:f2:4a:5f:2b:11:b6:18: 63:23:98:db:62:15:f0:a2:8e:4d:33:3f:9f:c9:50: 5d:ff:85:6d:dc:5d:6e:5d:4d:49:23:7b:81:bf:1a: 4f:ba:fe:50:2b:38:0b:2a:15:dc:e8:13:56:ef:32: 89:cd:54:6e:78:46:84:85:43:ad:9f:36:26:ac:c0: 1b:72:5f:f1:9e:85:ff:b3:a1:00:2f:de:d7:62:07: a6:b9:f6:04:a6:88:00:1b:93:7f:3a:c6:64:11:ba: 18:80:7a:ab:84:00:d3:35:b0:bd:c3:2a:49:88:bc: 58:36:9b:1e:af:5a:47:e8:e6:7b:a1:9c:fa:b4:a4: 43:da:42:dc:b0:8f:8f:fe:aa:a9:66:20:c1:07:94: 77:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:8D:0A:00:C9:28:84:37:29:AA:C7:B5:B6:48:4D:56:47:27:FF:0E X509v3 Authority Key Identifier: keyid:BE:7F:81:3F:3C:6C:A2:89:A9:CD:AC:56:30:97:5B:76:27:45:81:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/BE7F813F3C6CA289A9CDAC5630975B7627458103.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BE7F813F3C6CA289A9CDAC5630975B7627458103.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/644216d8-70ce-4908-a72b-ec273f43bbc2/0/323430323a3738303a3a2f33322d3438203d3e203435373235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:780::/32 Signature Algorithm: sha256WithRSAEncryption 00:13:1e:f8:63:bf:6c:27:05:7f:eb:b3:ce:25:11:59:91:35: 7d:f4:f5:81:d3:ab:2f:4f:73:c2:e9:6f:bd:4a:14:b6:76:9e: 77:da:e7:b3:35:42:a4:20:bb:fc:a6:7e:75:fc:32:da:d5:d4: 1f:f3:2b:86:8d:6c:e9:5f:ae:83:fa:f6:39:8c:22:2f:fb:2f: 4c:a1:64:b9:1c:b3:0a:73:03:6b:35:08:35:d1:dc:26:b1:6a: 7b:6b:35:c7:56:5d:bf:4e:93:fe:c2:8f:f0:d0:b1:de:e3:0e: b3:ff:18:77:24:b7:51:ac:5e:17:0b:cc:73:4b:b4:ed:65:65: 76:a4:d9:f7:51:4b:04:18:46:17:b9:57:98:8c:41:c1:2c:c3: 77:b4:ee:94:5f:32:dd:a5:fd:1d:df:97:73:3c:d6:1c:2e:9d: a3:ae:5a:f0:4e:ce:9b:a2:c2:b0:70:ce:bc:6e:c3:a5:ba:6a: f1:a8:41:c3:75:c9:cf:21:e9:d0:28:7b:39:be:6e:b9:3d:36: 7c:ac:68:4f:b4:fe:2a:3c:13:52:c8:cb:27:fa:04:70:26:a4: 21:ab:20:32:b7:81:48:c5:88:0a:5b:48:46:1f:38:93:67:4b: 9c:42:c9:aa:f2:49:4e:58:65:80:f1:09:b2:4a:cb:34:15:db: 55:01:3a:a4 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgIUPLEJROu3BxM3YSFfV02XCYvCBW8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYy NzQ1ODEwMzAeFw0yNTAzMTQwOTU1MDBaFw0yNjAzMTMxMDAwMDBaMDMxMTAvBgNV BAMTKDJCOEQwQTAwQzkyODg0MzcyOUFBQzdCNUI2NDg0RDU2NDcyN0ZGMEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbyRiCdlk5QP/jxYOWcMPE/dcj Jk0uwBskt0/hrC0rNoFjFZ6ITfjLjh3vm+XRqQjquy0ipPQZeCGw6mdHDIHRnkia LqlxIOlTaazIPHsgXzNYbaIvZ9WVNINS1jPMH7LRx1JoEQeu5oi4oOXlpTnx8kpf KxG2GGMjmNtiFfCijk0zP5/JUF3/hW3cXW5dTUkje4G/Gk+6/lArOAsqFdzoE1bv MonNVG54RoSFQ62fNiaswBtyX/Gehf+zoQAv3tdiB6a59gSmiAAbk386xmQRuhiA equEANM1sL3DKkmIvFg2mx6vWkfo5nuhnPq0pEPaQtywj4/+qqlmIMEHlHcdAgMB AAGjggIuMIICKjAdBgNVHQ4EFgQUK40KAMkohDcpqse1tkhNVkcn/w4wHwYDVR0j BBgwFoAUvn+BPzxsoompzaxWMJdbdidFgQMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NDQyMTZkOC03MGNlLTQ5MDgtYTcyYi1lYzI3M2Y0M2JiYzIvMC9CRTdGODEzRjND NkNBMjg5QTlDREFDNTYzMDk3NUI3NjI3NDU4MTAzLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkU3RjgxM0YzQzZDQTI4OUE5Q0RBQzU2MzA5NzVCNzYyNzQ1 ODEwMy5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNjQ0MjE2ZDgtNzBjZS00OTA4LWE3 MmItZWMyNzNmNDNiYmMyLzAvMzIzNDMwMzIzYTM3MzgzMDNhM2EyZjMzMzIyZDM0 MzgyMDNkM2UyMDM0MzUzNzMyMzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH DgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAgeAMA0GCSqGSIb3DQEB CwUAA4IBAQAAEx74Y79sJwV/67POJRFZkTV99PWB06svT3PC6W+9ShS2dp532uez NUKkILv8pn51/DLa1dQf8yuGjWzpX66D+vY5jCIv+y9MoWS5HLMKcwNrNQg10dwm sWp7azXHVl2/TpP+wo/w0LHe4w6z/xh3JLdRrF4XC8xzS7TtZWV2pNn3UUsEGEYX uVeYjEHBLMN3tO6UXzLdpf0d35dzPNYcLp2jrlrwTs6bosKwcM68bsOlumrxqEHD dcnPIenQKHs5vm65PTZ8rGhPtP4qPBNSyMsn+gRwJqQhqyAyt4FIxYgKW0hGHziT Z0ucQsmq8klOWGWA8QmySss0FdtVATqk -----END CERTIFICATE-----Generated at Mon Apr 7 02:22:16 2025 by rpki-client