$ rpki-client -vvf repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313031313a3a2f34382d3438203d3e203338313536.roa File: 323430353a613534303a313031313a3a2f34382d3438203d3e203338313536.roa (raw, json) Hash identifier: TqEWwFlOrk5l3fkQ8+zmSzxZo3hgufYaEWkW7G3NnE8= Subject key identifier: 2B:E1:EF:A6:6B:5E:63:C2:AB:4E:DF:86:9D:3C:10:99:7A:69:A0:C1 Certificate issuer: /CN=5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4 Certificate serial: 76BCF991AEBC94F4A80C5329051EAF5A561CF219 Authority key identifier: 5B:D0:FD:00:EB:8A:CC:F5:09:29:F6:B0:F5:6C:75:00:6A:4D:58:C4 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer Subject info access: rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313031313a3a2f34382d3438203d3e203338313536.roa Signing time: Sun 02 Mar 2025 00:00:02 +0000 ROA not before: Sat 01 Mar 2025 23:55:02 +0000 ROA not after: Sun 01 Mar 2026 00:00:02 +0000 asID: 38156 IP address blocks: 2405:a540:1011::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.crl rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:57:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:bc:f9:91:ae:bc:94:f4:a8:0c:53:29:05:1e:af:5a:56:1c:f2:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4 Validity Not Before: Mar 1 23:55:02 2025 GMT Not After : Mar 1 00:00:02 2026 GMT Subject: CN=2BE1EFA66B5E63C2AB4EDF869D3C10997A69A0C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:de:ae:d2:79:c6:db:32:02:9d:11:ff:b8:42: 4a:ab:81:c2:b2:7c:e8:70:44:fb:2d:18:4c:b2:59: b4:c4:9d:0b:59:2d:ba:ba:8b:39:0d:ed:6c:4d:51: 1b:1b:f7:f1:49:48:77:ee:80:a5:0c:74:4a:e6:c5: 1d:4e:b9:04:a1:85:cb:22:3a:2a:81:ab:05:89:39: 0f:e4:54:af:5c:2a:50:48:a8:b4:85:a2:7d:aa:5b: e0:76:a7:a1:77:24:29:58:8b:d3:90:95:96:1c:af: f7:14:50:a8:b7:c8:06:51:ad:ee:62:56:25:97:af: 07:dc:a2:53:40:6d:cc:c6:ba:b9:0a:fe:cb:ff:c4: 9e:0c:42:aa:9d:48:34:b2:ce:c2:b3:a6:0f:84:3b: 37:4a:89:1a:49:0e:cb:97:ab:e9:bf:8f:81:0c:60: f6:7b:37:73:e8:c3:d8:38:e7:28:14:54:e8:d6:ee: 3c:fd:2d:af:5f:98:9e:e7:44:af:94:f3:0e:9f:f2: 73:7f:f7:4f:78:35:03:2d:9a:89:aa:1a:d2:a4:9a: a6:62:c1:1e:c0:e6:e0:c0:ec:e8:00:e4:a9:ff:d7: 8a:b7:1f:ac:f4:d4:27:eb:94:2a:78:86:72:7f:c7: 39:25:e9:07:e6:c2:be:b8:9f:17:03:fa:c5:d6:b8: 05:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:E1:EF:A6:6B:5E:63:C2:AB:4E:DF:86:9D:3C:10:99:7A:69:A0:C1 X509v3 Authority Key Identifier: keyid:5B:D0:FD:00:EB:8A:CC:F5:09:29:F6:B0:F5:6C:75:00:6A:4D:58:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313031313a3a2f34382d3438203d3e203338313536.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2405:a540:1011::/48 Signature Algorithm: sha256WithRSAEncryption 59:97:db:bf:b0:93:dc:67:af:a8:9e:01:31:4d:98:13:86:d4: 76:8d:20:5c:33:fe:7e:8b:cf:bb:ab:f9:f6:eb:b8:ea:c3:e8: 86:e7:ba:22:7c:72:3f:14:d6:41:06:0f:cc:ce:f5:b7:b3:c5: f6:c1:c5:08:4b:06:94:c9:8f:f2:26:99:b9:5d:b0:c2:89:b3: 55:ec:d0:45:50:be:af:c2:19:8e:ac:a0:df:05:70:9f:f9:b1: 8a:93:27:bf:09:84:d6:21:3c:68:3c:8e:05:60:88:60:7f:49: 44:be:6f:0c:26:bd:b4:42:0f:5a:31:c2:c9:9d:3b:ed:5d:e1: ac:69:5f:4c:b8:bf:94:a0:40:ac:b9:3a:41:b8:0c:e7:c3:14: e3:55:84:ef:ec:8c:97:9e:61:6b:4c:30:f3:00:7f:01:c5:88: 30:5c:19:2f:0e:c2:fa:0a:e4:30:f6:be:54:be:35:9c:89:2e: 40:5b:44:17:04:92:a5:b4:96:4a:2a:22:b0:6d:72:90:c9:ec: 01:74:f4:0e:54:a9:b4:a5:98:56:43:e6:dc:f6:87:8f:56:e9: 10:11:2a:4d:8a:82:57:ce:55:6e:b3:6b:88:6c:c1:5d:42:2b: c4:e6:61:6c:a8:a1:3b:29:cf:22:01:ed:a8:b9:28:b1:29:bf: a6:a0:fb:c1 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUdrz5ka68lPSoDFMpBR6vWlYc8hkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNUJEMEZEMDBFQjhBQ0NGNTA5MjlGNkIwRjU2Qzc1MDA2 QTRENThDNDAeFw0yNTAzMDEyMzU1MDJaFw0yNjAzMDEwMDAwMDJaMDMxMTAvBgNV BAMTKDJCRTFFRkE2NkI1RTYzQzJBQjRFREY4NjlEM0MxMDk5N0E2OUEwQzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3q7SecbbMgKdEf+4QkqrgcKy fOhwRPstGEyyWbTEnQtZLbq6izkN7WxNURsb9/FJSHfugKUMdErmxR1OuQShhcsi OiqBqwWJOQ/kVK9cKlBIqLSFon2qW+B2p6F3JClYi9OQlZYcr/cUUKi3yAZRre5i ViWXrwfcolNAbczGurkK/sv/xJ4MQqqdSDSyzsKzpg+EOzdKiRpJDsuXq+m/j4EM YPZ7N3Pow9g45ygUVOjW7jz9La9fmJ7nRK+U8w6f8nN/9094NQMtmomqGtKkmqZi wR7A5uDA7OgA5Kn/14q3H6z01CfrlCp4hnJ/xzkl6Qfmwr64nxcD+sXWuAVJAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUK+HvpmteY8KrTt+GnTwQmXppoMEwHwYDVR0j BBgwFoAUW9D9AOuKzPUJKfaw9Wx1AGpNWMQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j NWQzZDIyYS0zMzhiLTQzMDItOTNmNC1jMDIxZWE2YWQ1NDgvMC81QkQwRkQwMEVC OEFDQ0Y1MDkyOUY2QjBGNTZDNzUwMDZBNEQ1OEM0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNUJEMEZEMDBFQjhBQ0NGNTA5MjlGNkIwRjU2Qzc1MDA2QTRE NThDNC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M1ZDNkMjJhLTMzOGItNDMwMi05 M2Y0LWMwMjFlYTZhZDU0OC8wLzMyMzQzMDM1M2E2MTM1MzQzMDNhMzEzMDMxMzEz YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMzM4MzEzNTM2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAWl QBARMA0GCSqGSIb3DQEBCwUAA4IBAQBZl9u/sJPcZ6+ongExTZgThtR2jSBcM/5+ i8+7q/n267jqw+iG57oifHI/FNZBBg/MzvW3s8X2wcUISwaUyY/yJpm5XbDCibNV 7NBFUL6vwhmOrKDfBXCf+bGKkye/CYTWITxoPI4FYIhgf0lEvm8MJr20Qg9aMcLJ nTvtXeGsaV9MuL+UoECsuTpBuAznwxTjVYTv7IyXnmFrTDDzAH8BxYgwXBkvDsL6 CuQw9r5UvjWciS5AW0QXBJKltJZKKiKwbXKQyewBdPQOVKm0pZhWQ+bc9oePVukQ ESpNioJXzlVus2uIbMFdQivE5mFsqKE7Kc8iAe2ouSixKb+moPvB -----END CERTIFICATE-----Generated at Fri Apr 18 01:58:39 2025 by rpki-client