$ rpki-client -vvf repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/323430323a326134303a3a2f33322d3438203d3e20313336383733.roa File: 323430323a326134303a3a2f33322d3438203d3e20313336383733.roa (raw, json) Hash identifier: /62nOK71rLN/rA80+Xk3S/HgS8HMB1l9OOKuRpOZFP0= Subject key identifier: BF:54:2D:53:91:DE:3B:99:C7:94:EA:83:AA:4D:AC:63:23:7D:3E:35 Certificate issuer: /CN=69D341364BC344B4ED6B3A65031AACB403AB3222 Certificate serial: 60883B221F4FBC8A941DA78C6AA4386A225D5108 Authority key identifier: 69:D3:41:36:4B:C3:44:B4:ED:6B:3A:65:03:1A:AC:B4:03:AB:32:22 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer Subject info access: rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/323430323a326134303a3a2f33322d3438203d3e20313336383733.roa Signing time: Tue 11 Feb 2025 06:00:02 +0000 ROA not before: Tue 11 Feb 2025 05:55:02 +0000 ROA not after: Tue 10 Feb 2026 06:00:02 +0000 asID: 136873 IP address blocks: 2402:2a40::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.crl rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 11:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:88:3b:22:1f:4f:bc:8a:94:1d:a7:8c:6a:a4:38:6a:22:5d:51:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69D341364BC344B4ED6B3A65031AACB403AB3222 Validity Not Before: Feb 11 05:55:02 2025 GMT Not After : Feb 10 06:00:02 2026 GMT Subject: CN=BF542D5391DE3B99C794EA83AA4DAC63237D3E35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a7:6e:65:37:81:27:08:e8:01:0c:ae:93:de: 0a:7f:5f:85:96:88:f4:6c:d9:98:a8:85:a7:7a:32: 98:8d:cf:dc:11:35:ef:95:cb:56:29:68:c1:bb:c4: 73:60:35:23:b1:59:35:33:53:0b:1d:48:3a:98:c6: a6:55:d5:b2:7d:7c:7e:54:ed:af:ef:bb:55:c1:39: 15:21:97:f7:c2:f8:fc:51:09:c0:68:49:ea:37:82: 35:33:f8:0a:10:2d:8e:5c:50:bc:10:08:92:90:57: 3c:96:df:ad:72:9c:24:f1:7b:8f:b0:0b:61:bb:dd: 66:47:bd:a5:a6:08:0e:ac:43:05:33:0c:eb:2f:69: 6b:fd:8f:8b:73:28:e9:16:6f:e4:db:da:23:97:7b: 66:c3:20:80:45:3f:70:6a:96:89:bd:ba:cc:d0:3c: d3:4a:56:da:fc:a5:8c:a1:11:8e:43:37:f7:f3:31: ba:40:11:0e:f6:20:42:13:10:60:17:db:68:95:cb: 25:b2:c7:3b:4a:29:ce:8d:e3:78:40:e4:70:ae:b5: 0b:6d:22:ef:08:e4:8f:6b:fd:03:79:4b:1c:f1:04: 31:c5:21:5a:0b:48:94:4b:e7:9e:c5:19:e0:d6:b4: 6f:a7:2d:97:48:5c:38:87:62:83:f7:6a:54:cb:04: 69:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:54:2D:53:91:DE:3B:99:C7:94:EA:83:AA:4D:AC:63:23:7D:3E:35 X509v3 Authority Key Identifier: keyid:69:D3:41:36:4B:C3:44:B4:ED:6B:3A:65:03:1A:AC:B4:03:AB:32:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/323430323a326134303a3a2f33322d3438203d3e20313336383733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:2a40::/32 Signature Algorithm: sha256WithRSAEncryption 7f:13:b9:8f:ed:db:c2:27:a7:8a:8a:c8:a9:18:9c:af:f1:a3: 74:65:51:bc:85:24:d8:9a:72:bd:49:fb:5c:a4:e7:e2:ec:4b: bd:ed:da:a6:a4:54:7b:a4:f4:92:e6:26:40:e8:ca:3a:13:f7: ef:e1:b0:32:68:f9:fc:af:23:f8:17:61:fb:d9:00:88:11:dd: 6d:a2:a1:71:63:8a:a9:bc:89:7b:17:30:ef:e4:2c:94:05:c4: 4d:de:de:eb:1c:b9:b0:77:f3:57:e1:5e:46:b5:bb:bb:18:3e: 9b:ff:80:94:3c:c8:ae:c5:73:86:c3:75:90:98:91:23:3d:c7: 12:04:82:22:d8:63:f3:74:f8:21:58:c3:5c:6f:b2:3e:8c:24: ac:7d:4b:b7:09:12:59:71:dc:0c:bd:1b:0c:31:22:32:3f:dc: ad:e6:af:6c:dd:cd:80:30:ec:24:92:96:e6:84:9f:f0:31:fc: 85:10:2d:45:43:33:a1:28:28:3f:7d:5d:28:9d:f1:f3:99:c2: 6f:55:03:6f:4c:af:82:7a:a1:06:d8:76:eb:d5:07:18:78:61: 4a:cd:11:9d:ba:05:f3:56:e9:31:23:55:b6:56:e1:49:2d:ce: cd:33:17:ac:b0:81:3f:30:37:92:a8:c9:81:e4:31:50:63:90: 8e:b7:ae:21 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUYIg7Ih9PvIqUHaeMaqQ4aiJdUQgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjlEMzQxMzY0QkMzNDRCNEVENkIzQTY1MDMxQUFDQjQw M0FCMzIyMjAeFw0yNTAyMTEwNTU1MDJaFw0yNjAyMTAwNjAwMDJaMDMxMTAvBgNV BAMTKEJGNTQyRDUzOTFERTNCOTlDNzk0RUE4M0FBNERBQzYzMjM3RDNFMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8p25lN4EnCOgBDK6T3gp/X4WW iPRs2Ziohad6MpiNz9wRNe+Vy1YpaMG7xHNgNSOxWTUzUwsdSDqYxqZV1bJ9fH5U 7a/vu1XBORUhl/fC+PxRCcBoSeo3gjUz+AoQLY5cULwQCJKQVzyW361ynCTxe4+w C2G73WZHvaWmCA6sQwUzDOsvaWv9j4tzKOkWb+Tb2iOXe2bDIIBFP3Bqlom9uszQ PNNKVtr8pYyhEY5DN/fzMbpAEQ72IEITEGAX22iVyyWyxztKKc6N43hA5HCutQtt Iu8I5I9r/QN5SxzxBDHFIVoLSJRL557FGeDWtG+nLZdIXDiHYoP3alTLBGnzAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUv1QtU5HeO5nHlOqDqk2sYyN9PjUwHwYDVR0j BBgwFoAUadNBNkvDRLTtazplAxqstAOrMiIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82 NTdhNmJjYi05ZWI2LTQ5ZGUtYjk5OC0wYmVkM2M1YzEyNzgvMC82OUQzNDEzNjRC QzM0NEI0RUQ2QjNBNjUwMzFBQUNCNDAzQUIzMjIyLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNjlEMzQxMzY0QkMzNDRCNEVENkIzQTY1MDMxQUFDQjQwM0FC MzIyMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY1N2E2YmNiLTllYjYtNDlkZS1i OTk4LTBiZWQzYzVjMTI3OC8wLzMyMzQzMDMyM2EzMjYxMzQzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzNjM4MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQCKkAwDQYJKoZI hvcNAQELBQADggEBAH8TuY/t28Inp4qKyKkYnK/xo3RlUbyFJNiacr1J+1yk5+Ls S73t2qakVHuk9JLmJkDoyjoT9+/hsDJo+fyvI/gXYfvZAIgR3W2ioXFjiqm8iXsX MO/kLJQFxE3e3uscubB381fhXka1u7sYPpv/gJQ8yK7Fc4bDdZCYkSM9xxIEgiLY Y/N0+CFYw1xvsj6MJKx9S7cJEllx3Ay9GwwxIjI/3K3mr2zdzYAw7CSSluaEn/Ax /IUQLUVDM6EoKD99XSid8fOZwm9VA29Mr4J6oQbYduvVBxh4YUrNEZ26BfNW6TEj VbZW4Uktzs0zF6ywgT8wN5KoyYHkMVBjkI63riE= -----END CERTIFICATE-----Generated at Sun Apr 6 11:10:44 2025 by rpki-client