$ rpki-client -vvf repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a666163653a3a2f34382d3438203d3e20313336303838.roa File: 323430303a643934303a666163653a3a2f34382d3438203d3e20313336303838.roa (raw, json) Hash identifier: yS1IVsiEnwbOnSqpJEXN10El0v2hiAqhJMpyuNOQA9k= Subject key identifier: 1B:D4:DC:0C:7D:A7:04:7C:D7:41:78:49:FC:3E:D0:11:78:5A:04:11 Certificate issuer: /CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F Certificate serial: 5FD3E314AECBC9C89E1C71015FCE841209D4764F Authority key identifier: D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer Subject info access: rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a666163653a3a2f34382d3438203d3e20313336303838.roa Signing time: Sat 17 May 2025 04:00:02 +0000 ROA not before: Sat 17 May 2025 03:55:02 +0000 ROA not after: Sat 16 May 2026 04:00:02 +0000 asID: 136088 IP address blocks: 2400:d940:face::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 05:47:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:d3:e3:14:ae:cb:c9:c8:9e:1c:71:01:5f:ce:84:12:09:d4:76:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F Validity Not Before: May 17 03:55:02 2025 GMT Not After : May 16 04:00:02 2026 GMT Subject: CN=1BD4DC0C7DA7047CD7417849FC3ED011785A0411 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:08:5b:90:0c:71:b7:d5:91:82:1d:19:2b:7e: df:35:22:df:1e:a3:fb:67:77:40:91:37:c7:61:a4: e0:b4:78:13:7f:4c:98:b2:e6:28:5c:a0:71:d9:68: fd:26:86:df:b2:f1:af:0e:2c:58:b9:ee:9a:a2:8e: 24:9d:dc:45:18:02:4e:2d:79:01:86:b8:b4:99:10: 76:bc:f1:2f:9c:a0:35:a6:62:a6:b6:d0:8c:8e:dd: 86:0d:21:92:7c:5b:0d:ff:42:7c:3a:32:27:c3:4f: 30:0e:f3:c2:d5:1b:1e:a9:b0:b3:43:e0:84:73:9d: 61:87:87:3f:3a:c8:92:41:b6:f7:dc:25:97:b6:5e: bf:c3:3c:3c:5d:94:98:2f:58:5e:ea:a0:bb:aa:25: fd:ba:04:3d:26:f0:2b:ae:fd:62:eb:ee:4e:45:c3: 42:29:b5:51:88:f6:c4:9d:c6:2a:0d:9d:44:15:27: 65:02:23:00:ca:5b:20:76:3d:bf:a0:a6:88:ac:60: 35:ff:24:62:df:20:83:6a:12:6f:b4:79:31:a0:df: ed:f3:52:8a:86:05:cc:1f:7a:0e:36:f5:4a:51:15: 4a:85:39:46:f8:c3:46:27:40:52:f4:d2:26:91:64: 43:ff:e1:f7:e0:67:97:48:ca:6e:75:28:af:be:e6: 10:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:D4:DC:0C:7D:A7:04:7C:D7:41:78:49:FC:3E:D0:11:78:5A:04:11 X509v3 Authority Key Identifier: keyid:D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a666163653a3a2f34382d3438203d3e20313336303838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:d940:face::/48 Signature Algorithm: sha256WithRSAEncryption 8a:0c:4a:d3:45:d6:c1:dc:b4:f9:09:1b:62:47:82:cb:bf:4f: 3f:00:97:59:0d:65:23:d2:a9:c6:f5:39:45:c2:f2:d7:9a:ed: 14:12:18:97:9a:7a:f3:aa:a2:4b:f0:67:12:0a:31:ca:9c:0e: a6:3e:03:43:e8:5f:3e:71:50:b8:f5:b1:3e:02:fc:3e:29:55: b0:89:37:06:59:a2:fa:5d:8a:fc:2e:e9:9e:95:c5:00:59:39: 60:ec:5a:51:53:71:58:13:12:de:a6:9c:95:cb:43:01:fd:c1: 4e:b1:1b:46:50:65:49:22:db:0f:82:19:9d:b2:60:22:03:1d: 2a:c0:64:63:93:ca:47:1f:fd:9c:2c:7a:10:ed:a6:b2:92:ae: 82:6f:4b:9f:83:0b:e0:13:6f:67:78:83:41:31:f3:1f:79:d7: 67:3a:50:d9:dd:f3:3c:33:55:ea:43:c9:0d:3c:4b:78:14:6e: bc:a5:38:36:dd:9c:a4:bc:ca:ed:82:83:da:18:9b:e8:6a:74: d6:94:c5:30:7e:fd:82:f4:21:ff:79:77:4e:4e:20:32:da:c3: e8:d8:06:f0:df:87:fb:a2:3f:6a:a3:1d:be:d6:bf:53:df:91: a1:df:53:5a:aa:a0:f9:08:38:48:bd:80:f3:5b:68:d6:dd:90: 13:38:de:e5 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUX9PjFK7LycieHHEBX86EEgnUdk8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhE MEJFOTIzRjAeFw0yNTA1MTcwMzU1MDJaFw0yNjA1MTYwNDAwMDJaMDMxMTAvBgNV BAMTKDFCRDREQzBDN0RBNzA0N0NENzQxNzg0OUZDM0VEMDExNzg1QTA0MTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/CFuQDHG31ZGCHRkrft81It8e o/tnd0CRN8dhpOC0eBN/TJiy5ihcoHHZaP0mht+y8a8OLFi57pqijiSd3EUYAk4t eQGGuLSZEHa88S+coDWmYqa20IyO3YYNIZJ8Ww3/Qnw6MifDTzAO88LVGx6psLND 4IRznWGHhz86yJJBtvfcJZe2Xr/DPDxdlJgvWF7qoLuqJf26BD0m8Cuu/WLr7k5F w0IptVGI9sSdxioNnUQVJ2UCIwDKWyB2Pb+gpoisYDX/JGLfIINqEm+0eTGg3+3z UoqGBcwfeg429UpRFUqFOUb4w0YnQFL00iaRZEP/4ffgZ5dIym51KK++5hBlAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUG9TcDH2nBHzXQXhJ/D7QEXhaBBEwHwYDVR0j BBgwFoAU0/th10akR2fUUY1un9H72NC+kj8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83 M2Y0ZWMxYy05NTM1LTRjYmYtOWM3YS1mZDMyYzgzMGVkYmEvMC9EM0ZCNjFENzQ2 QTQ0NzY3RDQ1MThENkU5RkQxRkJEOEQwQkU5MjNGLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhEMEJF OTIzRi5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05 YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhNjY2MTYzNjUz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM4Mzgucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk ANlA+s4wDQYJKoZIhvcNAQELBQADggEBAIoMStNF1sHctPkJG2JHgsu/Tz8Al1kN ZSPSqcb1OUXC8tea7RQSGJeaevOqokvwZxIKMcqcDqY+A0PoXz5xULj1sT4C/D4p VbCJNwZZovpdivwu6Z6VxQBZOWDsWlFTcVgTEt6mnJXLQwH9wU6xG0ZQZUki2w+C GZ2yYCIDHSrAZGOTykcf/ZwsehDtprKSroJvS5+DC+ATb2d4g0Ex8x9512c6UNnd 8zwzVepDyQ08S3gUbrylODbdnKS8yu2Cg9oYm+hqdNaUxTB+/YL0If95d05OIDLa w+jYBvDfh/uiP2qjHb7Wv1PfkaHfU1qqoPkIOEi9gPNbaNbdkBM43uU= -----END CERTIFICATE-----Generated at Sun Jun 8 07:30:43 2025 by rpki-client