$ rpki-client -vvf repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a343030303a3a2f34382d3438203d3e203338353030.roa File: 323430333a323730303a343030303a3a2f34382d3438203d3e203338353030.roa (raw, json) Hash identifier: j8bdRIZx+6qyB9G1jeoDSrbJdadjDRQ67ND37zYlpko= Subject key identifier: DA:6C:C6:34:6A:58:15:5B:35:A0:62:75:8B:14:BF:A1:95:6B:C9:CE Certificate issuer: /CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Certificate serial: 01CA3B30C6F3540817672C2A05439ED6B4F6D0FD Authority key identifier: BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject info access: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a343030303a3a2f34382d3438203d3e203338353030.roa Signing time: Mon 02 Jun 2025 02:03:50 +0000 ROA not before: Mon 02 Jun 2025 01:58:50 +0000 ROA not after: Mon 01 Jun 2026 02:03:50 +0000 asID: 38500 IP address blocks: 2403:2700:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 16:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ca:3b:30:c6:f3:54:08:17:67:2c:2a:05:43:9e:d6:b4:f6:d0:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BB05293D3E9DCD0F4AD926100C191885CE1DB1D0 Validity Not Before: Jun 2 01:58:50 2025 GMT Not After : Jun 1 02:03:50 2026 GMT Subject: CN=DA6CC6346A58155B35A062758B14BFA1956BC9CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:67:c5:c8:93:b6:8a:38:96:21:c6:98:68:01: 1f:c8:ab:3d:18:d7:f8:2e:7f:c8:0f:69:b4:cb:92: 84:24:70:93:4d:f1:ab:9b:af:05:1f:d1:57:8f:c1: 02:98:8b:96:0c:d1:01:95:c8:8f:54:f2:30:b8:11: 06:01:87:20:89:e1:4c:13:9f:f7:5d:70:21:6a:e3: c4:2c:5a:6a:68:db:7e:83:7f:77:e2:37:b3:98:ec: f4:93:fd:63:9f:20:70:58:dd:4b:d1:95:9d:76:db: a5:3f:9e:ca:72:84:37:1b:fb:34:84:2e:be:16:1b: f9:ea:0f:81:94:91:ca:a9:c9:c9:e9:eb:24:3f:d5: 65:8b:9a:06:29:89:aa:02:81:1f:d3:6b:32:22:fb: 5e:02:a4:fe:0a:72:bb:f1:ff:17:e1:d6:7c:74:7a: 34:e2:f1:9c:cc:8c:4b:88:cd:01:a4:ff:fb:b8:83: dd:0c:ae:19:60:d3:40:83:45:cd:7f:e8:64:80:05: d0:82:7a:59:52:9d:73:d4:dd:37:e4:27:03:14:55: 27:52:5c:c2:59:91:84:48:74:22:a1:3f:92:80:17: 3a:94:48:d5:16:da:1f:ab:8a:e1:19:05:5e:90:01: 99:19:d5:d9:57:2c:73:94:72:43:72:14:63:e0:db: 2f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:6C:C6:34:6A:58:15:5B:35:A0:62:75:8B:14:BF:A1:95:6B:C9:CE X509v3 Authority Key Identifier: keyid:BB:05:29:3D:3E:9D:CD:0F:4A:D9:26:10:0C:19:18:85:CE:1D:B1:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BB05293D3E9DCD0F4AD926100C191885CE1DB1D0.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b04068f3-a75b-4764-9e80-1fa5729207fc/0/323430333a323730303a343030303a3a2f34382d3438203d3e203338353030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:2700:4000::/48 Signature Algorithm: sha256WithRSAEncryption 4c:14:28:3e:69:59:46:1a:1a:b2:49:d7:72:d6:81:b9:4c:7f: 1e:18:49:92:1b:a9:3c:59:b5:c8:da:1d:b5:41:d8:54:e4:79: cd:a1:25:e3:bf:01:40:49:f7:22:90:4b:f3:00:ad:0b:97:de: ad:e4:9e:fc:4f:b1:99:5a:44:9d:e8:cd:8e:c4:da:f0:13:3d: 1c:c0:e9:46:56:f2:10:03:89:be:10:3f:89:6e:82:c5:86:6b: 99:b6:0f:12:ec:78:c9:e0:c3:68:28:e6:e1:53:5d:d5:bb:6a: 87:92:a7:02:af:9d:8d:82:c8:bd:ee:a6:8d:df:ce:61:da:5a: fc:1b:cf:0a:2e:35:01:29:34:64:4a:fc:4b:43:3e:41:27:1e: 45:9e:3b:27:03:f7:29:bb:b6:5a:e4:79:68:6c:7a:0b:85:69: 7e:ca:84:02:07:5b:18:40:32:ab:1e:33:7d:ae:90:44:34:9c: 43:4c:74:80:94:a6:95:be:b0:21:4d:9e:55:91:2b:d7:63:c2: 83:37:56:a4:03:d6:14:1b:1d:fe:97:83:17:97:68:3c:c1:bb: 3d:18:a1:02:53:8f:96:87:b0:3b:08:5c:59:83:10:b4:42:bf: 48:7c:0e:82:c6:a0:d4:70:a7:b7:e9:19:6a:7f:9a:64:42:89: 26:90:f0:85 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUAco7MMbzVAgXZywqBUOe1rT20P0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVD RTFEQjFEMDAeFw0yNTA2MDIwMTU4NTBaFw0yNjA2MDEwMjAzNTBaMDMxMTAvBgNV BAMTKERBNkNDNjM0NkE1ODE1NUIzNUEwNjI3NThCMTRCRkExOTU2QkM5Q0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Z8XIk7aKOJYhxphoAR/Iqz0Y 1/guf8gPabTLkoQkcJNN8aubrwUf0VePwQKYi5YM0QGVyI9U8jC4EQYBhyCJ4UwT n/ddcCFq48QsWmpo236Df3fiN7OY7PST/WOfIHBY3UvRlZ1226U/nspyhDcb+zSE Lr4WG/nqD4GUkcqpycnp6yQ/1WWLmgYpiaoCgR/TazIi+14CpP4Kcrvx/xfh1nx0 ejTi8ZzMjEuIzQGk//u4g90Mrhlg00CDRc1/6GSABdCCellSnXPU3TfkJwMUVSdS XMJZkYRIdCKhP5KAFzqUSNUW2h+riuEZBV6QAZkZ1dlXLHOUckNyFGPg2y+hAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU2mzGNGpYFVs1oGJ1ixS/oZVryc4wHwYDVR0j BBgwFoAUuwUpPT6dzQ9K2SYQDBkYhc4dsdAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i MDQwNjhmMy1hNzViLTQ3NjQtOWU4MC0xZmE1NzI5MjA3ZmMvMC9CQjA1MjkzRDNF OURDRDBGNEFEOTI2MTAwQzE5MTg4NUNFMURCMUQwLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQkIwNTI5M0QzRTlEQ0QwRjRBRDkyNjEwMEMxOTE4ODVDRTFE QjFEMC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IwNDA2OGYzLWE3NWItNDc2NC05 ZTgwLTFmYTU3MjkyMDdmYy8wLzMyMzQzMDMzM2EzMjM3MzAzMDNhMzQzMDMwMzAz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMzM4MzUzMDMwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAMn AEAAMA0GCSqGSIb3DQEBCwUAA4IBAQBMFCg+aVlGGhqySddy1oG5TH8eGEmSG6k8 WbXI2h21QdhU5HnNoSXjvwFASfcikEvzAK0Ll96t5J78T7GZWkSd6M2OxNrwEz0c wOlGVvIQA4m+ED+JboLFhmuZtg8S7HjJ4MNoKObhU13Vu2qHkqcCr52Ngsi97qaN 385h2lr8G88KLjUBKTRkSvxLQz5BJx5FnjsnA/cpu7Za5HlobHoLhWl+yoQCB1sY QDKrHjN9rpBENJxDTHSAlKaVvrAhTZ5VkSvXY8KDN1akA9YUGx3+l4MXl2g8wbs9 GKECU4+Wh7A7CFxZgxC0Qr9IfA6CxqDUcKe36Rlqf5pkQokmkPCF -----END CERTIFICATE-----Generated at Sat Jun 7 14:12:18 2025 by rpki-client