$ rpki-client -vvf repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a313a3a2f34382d3438203d3e203338353030.roa File: 323430333a323730303a313a3a2f34382d3438203d3e203338353030.roa (raw, json) Hash identifier: e98j/GnS4Qx/kvETXwDsBan3judrk6fv46l57y5vEAg= Subject key identifier: 04:3D:EB:5B:E8:63:F6:F9:C9:4C:A1:43:BD:0C:EE:47:DE:1E:0D:67 Certificate issuer: /CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Certificate serial: 3FB374134E4D1338BE79FC076EF1542390750FD9 Authority key identifier: BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a313a3a2f34382d3438203d3e203338353030.roa Signing time: Mon 02 Jun 2025 02:03:47 +0000 ROA not before: Mon 02 Jun 2025 01:58:47 +0000 ROA not after: Mon 01 Jun 2026 02:03:47 +0000 asID: 38500 IP address blocks: 2403:2700:1::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 16:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:b3:74:13:4e:4d:13:38:be:79:fc:07:6e:f1:54:23:90:75:0f:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Validity Not Before: Jun 2 01:58:47 2025 GMT Not After : Jun 1 02:03:47 2026 GMT Subject: CN=043DEB5BE863F6F9C94CA143BD0CEE47DE1E0D67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:18:e7:fa:f5:7a:66:67:c6:dd:ab:05:dc:0a: e1:35:40:31:0c:cf:6c:b7:33:62:21:49:f7:02:58: 8b:25:e9:85:1e:3b:27:a5:d5:5e:40:cd:de:c9:39: 09:54:22:f5:6d:78:24:22:2a:ea:46:98:73:8b:93: eb:ec:0f:67:b4:45:df:19:ba:91:9d:ee:2a:cc:2d: fb:8a:bf:6a:76:66:58:4e:b8:d0:e5:97:42:7c:35: c2:d1:4e:79:f5:7f:0e:7c:a8:a9:e2:2a:16:31:6d: fb:5d:ed:07:66:b4:5a:34:7e:43:bb:58:0d:59:4a: 85:45:0b:1a:2d:2b:97:8a:ed:e1:2b:ae:8e:be:65: 05:a2:50:66:95:40:ae:fd:ac:10:22:8d:d8:f1:e6: d6:66:9c:15:f6:70:38:d3:6e:92:a7:a6:ac:5b:0f: 33:db:a4:da:0c:a4:58:91:cd:60:ee:c2:ce:45:da: 46:1e:01:40:8f:aa:41:91:77:b2:3c:4c:81:6b:1a: f9:50:52:64:68:be:bb:ff:e2:18:3c:3e:7a:b3:7a: 1c:5b:62:d2:94:68:ea:66:7b:59:4f:f1:3d:c6:77: ac:47:23:59:24:db:31:e8:71:2a:d1:7f:d0:ac:4f: b5:48:e4:89:49:65:06:22:e6:75:cc:b4:50:cb:2d: 69:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:3D:EB:5B:E8:63:F6:F9:C9:4C:A1:43:BD:0C:EE:47:DE:1E:0D:67 X509v3 Authority Key Identifier: keyid:BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a313a3a2f34382d3438203d3e203338353030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2700:1::/48 Signature Algorithm: sha256WithRSAEncryption 34:9a:7c:30:bb:6b:22:b3:f7:e7:ba:e6:0f:83:be:6f:18:41: 32:6c:37:84:23:22:a9:33:9c:db:8e:23:39:74:30:b9:0c:2c: a7:54:dc:80:4b:95:47:0f:35:e9:cd:cc:09:55:2d:82:c6:52: 7f:50:10:d4:2d:38:2f:a7:55:03:97:e6:03:70:63:83:cb:c6: 72:2c:5a:d2:51:44:8f:55:fe:c1:61:9b:92:9a:8a:24:61:23: b2:5e:96:04:c8:ba:4a:f9:f5:b4:75:83:4d:4e:b5:17:9d:82: cc:51:65:04:da:9e:9d:1c:84:c2:9a:bb:cc:b3:8d:d3:14:4e: 59:a9:6f:9f:7a:6c:d2:00:c5:73:cb:5c:b1:0f:6c:8a:6c:c0: db:98:c9:74:09:a6:ff:24:db:83:29:d3:75:b6:34:31:95:8c: e5:76:50:88:2a:7f:7b:a2:de:d8:d1:82:c7:a9:0a:86:ee:6f: df:de:00:44:b0:f9:de:27:35:d0:5f:4d:53:ef:df:a5:45:21: 05:b7:67:f5:59:e6:01:c0:69:f7:d3:b7:fd:b6:f9:f9:aa:4d: 24:99:c9:dd:76:99:b4:67:d7:15:0a:c5:a0:b6:a3:51:04:32: 84:e1:8b:64:e0:0e:45:20:4b:1b:84:9b:02:11:67:89:f3:10: be:1e:af:48 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUP7N0E05NEzi+efwHbvFUI5B1D9kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVD RTFEQjFEMDAeFw0yNTA2MDIwMTU4NDdaFw0yNjA2MDEwMjAzNDdaMDMxMTAvBgNV BAMTKDA0M0RFQjVCRTg2M0Y2RjlDOTRDQTE0M0JEMENFRTQ3REUxRTBENjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbGOf69XpmZ8bdqwXcCuE1QDEM z2y3M2IhSfcCWIsl6YUeOyel1V5Azd7JOQlUIvVteCQiKupGmHOLk+vsD2e0Rd8Z upGd7irMLfuKv2p2ZlhOuNDll0J8NcLRTnn1fw58qKniKhYxbftd7QdmtFo0fkO7 WA1ZSoVFCxotK5eK7eErro6+ZQWiUGaVQK79rBAijdjx5tZmnBX2cDjTbpKnpqxb DzPbpNoMpFiRzWDuws5F2kYeAUCPqkGRd7I8TIFrGvlQUmRovrv/4hg8Pnqzehxb YtKUaOpme1lP8T3Gd6xHI1kk2zHocSrRf9CsT7VI5IlJZQYi5nXMtFDLLWnDAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUBD3rW+hj9vnJTKFDvQzuR94eDWcwHwYDVR0j BBgwFoAUuwUpPT6dzQ9K2SYQDBkYhc4dsdAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDQwNjhmMy1hNzViLTQ3NjQtOWU4MC0xZmE1NzI5MjA3ZmMvMC9CQjA1MjkzRDNF OURDRDBGNEFEOTI2MTAwQzE5MTg4NUNFMURCMUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVDRTFE QjFEMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IwNDA2OGYzLWE3NWItNDc2NC05 ZTgwLTFmYTU3MjkyMDdmYy8wLzMyMzQzMDMzM2EzMjM3MzAzMDNhMzEzYTNhMmYz NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzUzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAMnAAABMA0G CSqGSIb3DQEBCwUAA4IBAQA0mnwwu2sis/fnuuYPg75vGEEybDeEIyKpM5zbjiM5 dDC5DCynVNyAS5VHDzXpzcwJVS2CxlJ/UBDULTgvp1UDl+YDcGODy8ZyLFrSUUSP Vf7BYZuSmookYSOyXpYEyLpK+fW0dYNNTrUXnYLMUWUE2p6dHITCmrvMs43TFE5Z qW+femzSAMVzy1yxD2yKbMDbmMl0Cab/JNuDKdN1tjQxlYzldlCIKn97ot7Y0YLH qQqG7m/f3gBEsPneJzXQX01T79+lRSEFt2f1WeYBwGn307f9tvn5qk0kmcnddpm0 Z9cVCsWgtqNRBDKE4Ytk4A5FIEsbhJsCEWeJ8xC+Hq9I -----END CERTIFICATE-----Generated at Sat Jun 7 13:50:33 2025 by rpki-client