$ rpki-client -vvf repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa File: 323430333a393063303a3a2f33322d3430203d3e20313430343037.roa (raw, json) Hash identifier: /AD55gQuIXqmhT7jl8XXbRiu7aeneAmR5bk7jupkCNk= Subject key identifier: A2:15:86:79:23:EB:BB:FC:98:DA:DA:D7:3B:83:41:C6:3C:9E:78:E9 Certificate issuer: /CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95 Certificate serial: 6ECB6B77A1C5305B9CC734E0B16B62CABF6D38E7 Authority key identifier: 49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer Subject info access: rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa Signing time: Wed 21 May 2025 16:00:00 +0000 ROA not before: Wed 21 May 2025 15:55:00 +0000 ROA not after: Wed 20 May 2026 16:00:00 +0000 asID: 140407 IP address blocks: 2403:90c0::/32 maxlen: 40 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.crl rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 22:55:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:cb:6b:77:a1:c5:30:5b:9c:c7:34:e0:b1:6b:62:ca:bf:6d:38:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95 Validity Not Before: May 21 15:55:00 2025 GMT Not After : May 20 16:00:00 2026 GMT Subject: CN=A215867923EBBBFC98DADAD73B8341C63C9E78E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:60:37:c3:74:5e:16:17:74:4c:64:90:2e:ab: d1:bb:8e:9d:3b:a0:1b:be:25:2b:a5:76:3d:51:cb: 88:9b:4f:f2:ea:88:03:96:3e:c1:da:3c:73:22:9c: 98:3b:6c:49:9e:4f:53:b4:74:4a:18:3e:85:c0:d1: 23:a4:35:6b:8a:d4:6b:a7:2d:4b:57:71:24:36:6d: 74:1d:63:be:5a:8c:68:61:fe:97:dd:bc:7f:f5:fa: 5a:a5:0d:ec:da:a1:97:5e:44:ad:60:73:e0:28:28: 7f:0e:b1:cf:c5:a7:7a:39:3e:67:de:56:c7:60:e6: 9c:56:27:ee:5b:e0:3f:da:05:ee:b6:3a:32:69:ca: 90:0f:42:67:f8:a6:72:76:e8:a1:9a:35:49:c6:d9: d8:06:c6:cf:5e:97:11:eb:13:bb:9a:47:4d:cc:da: d1:67:44:a4:47:3e:a7:8f:14:b0:ca:0e:8a:e6:e0: b4:05:9c:20:a7:df:10:7f:25:8f:7d:67:36:ea:89: f9:f9:b8:ca:a1:ab:23:d5:4f:3e:a6:7f:68:61:cd: 06:1d:7e:e8:4c:e7:7c:e2:f7:65:83:92:c9:4e:a5: 37:bf:b6:01:73:a6:93:e6:36:0c:65:95:c0:c9:c0: 1f:21:a2:4f:a2:79:75:0a:75:3a:80:07:3c:e5:d3: f1:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:15:86:79:23:EB:BB:FC:98:DA:DA:D7:3B:83:41:C6:3C:9E:78:E9 X509v3 Authority Key Identifier: keyid:49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/323430333a393063303a3a2f33322d3430203d3e20313430343037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:90c0::/32 Signature Algorithm: sha256WithRSAEncryption 18:e2:53:67:64:52:a0:27:fa:a0:82:d4:76:f2:54:66:62:b1: f9:d5:69:44:fd:43:63:22:ce:46:5e:19:7b:2d:31:90:fb:2f: ae:95:63:31:50:85:76:07:be:a4:d4:01:72:f3:2d:02:0a:87: e4:a6:19:71:b7:16:38:87:8c:e5:d3:0c:6b:77:34:e2:d0:ae: 4c:36:74:b5:83:9a:f8:6c:72:b3:10:8e:63:db:68:95:91:43: d7:d5:94:87:ab:bd:4e:ed:ca:67:7b:87:59:df:5d:fb:3d:93: 51:ba:da:36:e3:c0:ed:b3:86:cd:08:ae:08:d7:fc:ca:9b:e9: 32:ad:78:2c:40:44:88:ef:0c:37:7f:4a:d1:0a:d1:df:c6:dc: 27:b3:c5:76:8e:6b:4f:b0:12:72:68:ca:cf:5a:cf:9a:91:5d: b8:aa:38:fb:bd:58:5a:6a:a8:e0:b7:70:e4:cd:a0:64:b6:52: 62:f3:cd:19:cd:c3:96:34:9b:ed:c3:9e:eb:6e:a0:84:78:e9: 67:46:c3:bc:51:71:94:47:c2:0a:c1:e1:93:15:9a:06:b5:09: 6a:86:83:5b:65:37:38:eb:02:40:b8:ce:8d:3c:d1:49:25:92: cd:ef:40:26:5c:d0:a8:c9:44:2e:9b:72:57:18:57:4c:94:30: 8f:4c:3c:ab -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUbstrd6HFMFucxzTgsWtiyr9tOOcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1 QTlEMkY5NTAeFw0yNTA1MjExNTU1MDBaFw0yNjA1MjAxNjAwMDBaMDMxMTAvBgNV BAMTKEEyMTU4Njc5MjNFQkJCRkM5OERBREFENzNCODM0MUM2M0M5RTc4RTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7YDfDdF4WF3RMZJAuq9G7jp07 oBu+JSuldj1Ry4ibT/LqiAOWPsHaPHMinJg7bEmeT1O0dEoYPoXA0SOkNWuK1Gun LUtXcSQ2bXQdY75ajGhh/pfdvH/1+lqlDezaoZdeRK1gc+AoKH8Osc/Fp3o5Pmfe Vsdg5pxWJ+5b4D/aBe62OjJpypAPQmf4pnJ26KGaNUnG2dgGxs9elxHrE7uaR03M 2tFnRKRHPqePFLDKDorm4LQFnCCn3xB/JY99Zzbqifn5uMqhqyPVTz6mf2hhzQYd fuhM53zi92WDkslOpTe/tgFzppPmNgxllcDJwB8hok+ieXUKdTqABzzl0/HVAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUohWGeSPru/yY2trXO4NBxjyeeOkwHwYDVR0j BBgwFoAUSRsOpUQFY76bDxZ9p2wF6FqdL5UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 MjI5NzgxYS04YWM5LTQ0NTItYjI1Zi01NGU3ZWRmN2Q0YTQvMC80OTFCMEVBNTQ0 MDU2M0JFOUIwRjE2N0RBNzZDMDVFODVBOUQyRjk1LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNDkxQjBFQTU0NDA1NjNCRTlCMEYxNjdEQTc2QzA1RTg1QTlE MkY5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyMjk3ODFhLThhYzktNDQ1Mi1i MjVmLTU0ZTdlZGY3ZDRhNC8wLzMyMzQzMDMzM2EzOTMwNjMzMDNhM2EyZjMzMzIy ZDM0MzAyMDNkM2UyMDMxMzQzMDM0MzAzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQDkMAwDQYJKoZI hvcNAQELBQADggEBABjiU2dkUqAn+qCC1HbyVGZisfnVaUT9Q2MizkZeGXstMZD7 L66VYzFQhXYHvqTUAXLzLQIKh+SmGXG3FjiHjOXTDGt3NOLQrkw2dLWDmvhscrMQ jmPbaJWRQ9fVlIervU7tymd7h1nfXfs9k1G62jbjwO2zhs0IrgjX/Mqb6TKteCxA RIjvDDd/StEK0d/G3CezxXaOa0+wEnJoys9az5qRXbiqOPu9WFpqqOC3cOTNoGS2 UmLzzRnNw5Y0m+3DnutuoIR46WdGw7xRcZRHwgrB4ZMVmga1CWqGg1tlNzjrAkC4 zo080Uklks3vQCZc0KjJRC6bclcYV0yUMI9MPKs= -----END CERTIFICATE-----Generated at Sun Jun 8 07:32:22 2025 by rpki-client