$ rpki-client -vvf repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a31303a3a2f34382d3438203d3e203338353030.roa File: 323430333a323730303a31303a3a2f34382d3438203d3e203338353030.roa (raw, json) Hash identifier: 3E5JAaPCnmY7zISSQ4gI8lzsfCOHDli32AP+3Nlaqx8= Subject key identifier: DC:D6:E8:C9:B4:2D:90:AD:C9:7B:DC:4C:84:2C:BC:1A:E2:E7:54:14 Certificate issuer: /CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Certificate serial: 20F76E2D0CA2320AC872761DCE2280F8584324D3 Authority key identifier: BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a31303a3a2f34382d3438203d3e203338353030.roa Signing time: Mon 02 Jun 2025 02:03:49 +0000 ROA not before: Mon 02 Jun 2025 01:58:49 +0000 ROA not after: Mon 01 Jun 2026 02:03:49 +0000 asID: 38500 IP address blocks: 2403:2700:10::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 16:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:f7:6e:2d:0c:a2:32:0a:c8:72:76:1d:ce:22:80:f8:58:43:24:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Validity Not Before: Jun 2 01:58:49 2025 GMT Not After : Jun 1 02:03:49 2026 GMT Subject: CN=DCD6E8C9B42D90ADC97BDC4C842CBC1AE2E75414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:52:70:d3:15:dc:de:44:2f:78:8f:40:4c:12: 42:e1:0f:90:6e:83:5b:9a:b3:fe:90:bd:49:6e:ba: da:85:9c:66:14:88:b3:c7:8d:97:52:51:6f:4b:ad: 49:f8:dc:1b:ce:65:4c:49:b7:54:65:2a:51:0e:e3: ba:f2:7c:35:04:ab:97:34:bc:f5:a8:78:dd:c2:96: f8:e6:fe:e5:84:fc:f7:6c:55:b7:0c:3d:6f:d1:15: 13:b4:d8:35:ce:ae:e2:0a:69:29:f2:8d:a9:8c:58: d7:c0:1e:50:86:bc:71:8f:32:f6:97:e4:7a:81:05: 55:03:49:75:12:b3:63:24:3d:ed:70:f8:75:3e:1d: 50:d5:c9:03:4e:e3:ef:1e:dd:0a:f9:c8:cc:13:3d: 3c:41:79:68:44:70:14:13:38:a4:c2:41:4d:10:92: d2:d8:47:23:55:48:f9:48:03:91:be:5a:e7:d6:00: 0d:a7:64:79:a6:e6:d3:52:36:2e:08:16:aa:8b:fa: 21:9a:66:95:b5:7e:1a:4f:1b:af:14:9b:df:52:34: 8f:de:93:e4:38:96:38:89:66:f6:c4:62:3f:50:6b: 14:57:b9:49:d6:4c:98:3a:2f:09:87:af:41:1d:0f: e6:98:cb:48:15:2d:f6:5d:2e:63:8e:61:3e:0c:e2: a7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:D6:E8:C9:B4:2D:90:AD:C9:7B:DC:4C:84:2C:BC:1A:E2:E7:54:14 X509v3 Authority Key Identifier: keyid:BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a31303a3a2f34382d3438203d3e203338353030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2700:10::/48 Signature Algorithm: sha256WithRSAEncryption b6:90:e8:fd:f2:b9:4c:1f:aa:70:20:f9:28:b2:83:2f:e5:28: ab:9b:28:f8:7e:99:41:07:46:c4:94:a3:32:81:60:0a:60:83: 04:15:d6:e4:4a:1b:b6:2e:37:af:e3:ad:81:ef:16:e7:8d:ba: a7:d5:f6:15:4f:eb:e6:55:09:8d:f7:3c:2b:d9:b2:dc:50:41: 49:d3:ba:41:2c:4e:ae:46:6a:4a:9b:b3:7b:b9:26:05:7b:e7: 76:7b:1f:5b:a1:9b:a4:fd:93:04:b1:21:4b:a1:b8:81:bc:82: 61:06:92:a1:50:ee:40:1d:c1:2d:69:51:a9:c6:f1:25:c0:a4: 67:44:be:7a:77:2c:50:48:a1:14:a2:e1:47:d8:f2:3d:30:f6: c1:ce:1e:b5:5c:f5:74:dd:df:53:dd:2d:ed:56:f5:de:3a:f4: 25:84:8e:b7:03:76:cc:8d:fc:60:da:f2:49:7c:f2:80:33:a8: c4:7f:f6:28:b5:14:01:6c:3d:f1:af:a2:10:05:b6:33:9d:83: 9f:66:62:00:1b:5c:7f:d7:d5:78:45:54:b9:57:9a:3d:03:52: 71:6e:22:dc:9b:9d:72:59:12:3b:27:2a:36:f3:25:f6:cb:87: de:75:51:04:e8:b1:75:3f:75:d0:93:08:b5:fd:5f:02:d8:a5: c8:ca:d6:0f -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUIPduLQyiMgrIcnYdziKA+FhDJNMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVD RTFEQjFEMDAeFw0yNTA2MDIwMTU4NDlaFw0yNjA2MDEwMjAzNDlaMDMxMTAvBgNV BAMTKERDRDZFOEM5QjQyRDkwQURDOTdCREM0Qzg0MkNCQzFBRTJFNzU0MTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGUnDTFdzeRC94j0BMEkLhD5Bu g1uas/6QvUluutqFnGYUiLPHjZdSUW9LrUn43BvOZUxJt1RlKlEO47ryfDUEq5c0 vPWoeN3Clvjm/uWE/PdsVbcMPW/RFRO02DXOruIKaSnyjamMWNfAHlCGvHGPMvaX 5HqBBVUDSXUSs2MkPe1w+HU+HVDVyQNO4+8e3Qr5yMwTPTxBeWhEcBQTOKTCQU0Q ktLYRyNVSPlIA5G+WufWAA2nZHmm5tNSNi4IFqqL+iGaZpW1fhpPG68Um99SNI/e k+Q4ljiJZvbEYj9QaxRXuUnWTJg6LwmHr0EdD+aYy0gVLfZdLmOOYT4M4qdbAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU3NboybQtkK3Je9xMhCy8GuLnVBQwHwYDVR0j BBgwFoAUuwUpPT6dzQ9K2SYQDBkYhc4dsdAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDQwNjhmMy1hNzViLTQ3NjQtOWU4MC0xZmE1NzI5MjA3ZmMvMC9CQjA1MjkzRDNF OURDRDBGNEFEOTI2MTAwQzE5MTg4NUNFMURCMUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVDRTFE QjFEMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IwNDA2OGYzLWE3NWItNDc2NC05 ZTgwLTFmYTU3MjkyMDdmYy8wLzMyMzQzMDMzM2EzMjM3MzAzMDNhMzEzMDNhM2Ey ZjM0MzgyZDM0MzgyMDNkM2UyMDMzMzgzNTMwMzAucm9hMBgGA1UdIAEB/wQOMAww CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAycAABAw DQYJKoZIhvcNAQELBQADggEBALaQ6P3yuUwfqnAg+Siygy/lKKubKPh+mUEHRsSU ozKBYApggwQV1uRKG7YuN6/jrYHvFueNuqfV9hVP6+ZVCY33PCvZstxQQUnTukEs Tq5Gakqbs3u5JgV753Z7H1uhm6T9kwSxIUuhuIG8gmEGkqFQ7kAdwS1pUanG8SXA pGdEvnp3LFBIoRSi4UfY8j0w9sHOHrVc9XTd31PdLe1W9d469CWEjrcDdsyN/GDa 8kl88oAzqMR/9ii1FAFsPfGvohAFtjOdg59mYgAbXH/X1XhFVLlXmj0DUnFuItyb nXJZEjsnKjbzJfbLh951UQTosXU/ddCTCLX9XwLYpcjK1g8= -----END CERTIFICATE-----Generated at Sat Jun 7 14:02:20 2025 by rpki-client