$ rpki-client -vvf repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/323430303a373530303a3a2f33322d3332203d3e20313431313432.roa File: 323430303a373530303a3a2f33322d3332203d3e20313431313432.roa (raw, json) Hash identifier: jAH5xZ0mM2gJ4zgC+LxXgivI18TAlcZ5CPYpBlGyxP0= Subject key identifier: 3F:1B:AD:EB:EB:D3:7B:F5:B3:4C:F2:E3:C0:A6:74:6D:BD:AA:FF:27 Certificate issuer: /CN=C16E46D556A47D2429EC847E95E7C429D38AC26D Certificate serial: 429F4DC2546938A8B87A80DE8C471ABAFDE2FA75 Authority key identifier: C1:6E:46:D5:56:A4:7D:24:29:EC:84:7E:95:E7:C4:29:D3:8A:C2:6D Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer Subject info access: rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/323430303a373530303a3a2f33322d3332203d3e20313431313432.roa Signing time: Wed 27 Aug 2025 10:05:40 +0000 ROA not before: Wed 27 Aug 2025 10:00:40 +0000 ROA not after: Wed 26 Aug 2026 10:05:40 +0000 asID: 141142 IP address blocks: 2400:7500::/32 maxlen: 32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.crl rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 10:23:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:9f:4d:c2:54:69:38:a8:b8:7a:80:de:8c:47:1a:ba:fd:e2:fa:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C16E46D556A47D2429EC847E95E7C429D38AC26D Validity Not Before: Aug 27 10:00:40 2025 GMT Not After : Aug 26 10:05:40 2026 GMT Subject: CN=3F1BADEBEBD37BF5B34CF2E3C0A6746DBDAAFF27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a9:5c:07:4e:7f:07:4e:09:73:5f:3d:9a:f2: 03:d0:9d:2c:8f:63:81:bb:78:6c:66:d8:0b:da:91: 2b:49:ed:6c:de:7c:b6:b1:d1:99:90:5d:38:89:85: ee:1a:e7:71:57:ad:e0:b8:3d:00:96:a1:fb:2a:42: 5f:0f:82:74:38:93:34:ef:1c:5f:ba:0b:f3:1e:2a: 2f:da:4a:89:97:95:09:3f:0d:85:04:19:b6:2d:4f: 85:56:47:62:85:0f:ed:ed:0d:80:22:e0:b9:9a:79: 19:75:31:dd:da:31:49:4b:34:ce:d6:d7:36:c1:90: 63:b4:f0:20:7f:bc:13:11:0d:b8:e6:6c:09:17:ef: 45:3e:7b:60:06:a2:a8:87:cb:0a:6b:71:aa:de:82: 76:a0:68:a6:96:c3:d8:ab:c7:dc:89:51:8b:f4:a8: 0a:a2:77:36:5b:2f:d7:24:31:3d:1b:c5:33:0a:d5: 57:f2:3a:da:1f:63:b7:76:19:86:1a:9d:aa:f2:b6: 18:17:e3:16:23:eb:1b:7b:b9:d4:8d:38:56:5d:19: d0:a6:77:aa:ad:94:88:15:f8:57:03:7d:35:7f:f7: cb:e1:ad:03:1c:30:f8:0e:16:9f:61:fc:40:ca:22: b6:cb:08:77:32:d7:b4:70:04:ae:6a:a3:12:18:8f: 79:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:1B:AD:EB:EB:D3:7B:F5:B3:4C:F2:E3:C0:A6:74:6D:BD:AA:FF:27 X509v3 Authority Key Identifier: keyid:C1:6E:46:D5:56:A4:7D:24:29:EC:84:7E:95:E7:C4:29:D3:8A:C2:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/C16E46D556A47D2429EC847E95E7C429D38AC26D.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C16E46D556A47D2429EC847E95E7C429D38AC26D.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/df2e7fd6-eb5e-480a-8e97-c55f68e0589a/0/323430303a373530303a3a2f33322d3332203d3e20313431313432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:7500::/32 Signature Algorithm: sha256WithRSAEncryption 33:60:91:d6:87:5b:73:03:b2:71:86:83:a9:40:f7:8e:f1:e4: 34:2e:dc:b3:f2:8e:ce:2f:ba:7a:8d:b8:a7:5c:a9:41:e6:c8: 31:1f:ff:79:d1:c5:58:7d:e9:76:7d:db:09:32:e1:20:07:b6: 3d:8c:02:8f:71:fc:5e:1f:12:a6:30:af:a5:4b:2c:90:06:c8: 62:a3:79:d1:ae:b5:39:f4:8c:17:c3:0d:ff:1a:ce:bb:d4:16: 84:d1:79:ed:71:80:d7:5f:77:fb:b0:cd:65:2a:f4:61:86:2f: 14:89:3c:3d:fe:af:6a:70:99:ea:71:f0:11:38:3e:e6:06:e1: a8:f1:32:47:4e:84:53:e1:20:2f:f6:ff:95:c5:09:71:12:28: 90:32:1d:69:3d:1f:72:ad:b9:ee:93:74:0a:d5:3b:c4:03:90: 05:78:68:1f:0c:60:27:0e:d3:85:fd:64:ae:fb:1b:a1:0f:82: f5:23:04:3b:54:7b:69:70:0e:22:5c:26:0b:ff:9c:5e:db:8d: 8f:9f:f3:e1:b7:af:f2:e8:f0:80:87:8c:4d:51:55:ef:db:30: 82:3e:a3:9d:3f:38:64:53:be:62:6a:08:2f:d8:01:3e:2d:ee: 3e:14:94:72:39:c6:92:88:25:4d:4d:fb:81:4c:1b:98:7f:44: 83:3f:1a:44 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUQp9NwlRpOKi4eoDejEcauv3i+nUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzE2RTQ2RDU1NkE0N0QyNDI5RUM4NDdFOTVFN0M0MjlE MzhBQzI2RDAeFw0yNTA4MjcxMDAwNDBaFw0yNjA4MjYxMDA1NDBaMDMxMTAvBgNV BAMTKDNGMUJBREVCRUJEMzdCRjVCMzRDRjJFM0MwQTY3NDZEQkRBQUZGMjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7qVwHTn8HTglzXz2a8gPQnSyP Y4G7eGxm2AvakStJ7WzefLax0ZmQXTiJhe4a53FXreC4PQCWofsqQl8PgnQ4kzTv HF+6C/MeKi/aSomXlQk/DYUEGbYtT4VWR2KFD+3tDYAi4LmaeRl1Md3aMUlLNM7W 1zbBkGO08CB/vBMRDbjmbAkX70U+e2AGoqiHywprcaregnagaKaWw9irx9yJUYv0 qAqidzZbL9ckMT0bxTMK1VfyOtofY7d2GYYanarythgX4xYj6xt7udSNOFZdGdCm d6qtlIgV+FcDfTV/98vhrQMcMPgOFp9h/EDKIrbLCHcy17RwBK5qoxIYj3lVAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUPxut6+vTe/WzTPLjwKZ0bb2q/ycwHwYDVR0j BBgwFoAUwW5G1VakfSQp7IR+lefEKdOKwm0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k ZjJlN2ZkNi1lYjVlLTQ4MGEtOGU5Ny1jNTVmNjhlMDU4OWEvMC9DMTZFNDZENTU2 QTQ3RDI0MjlFQzg0N0U5NUU3QzQyOUQzOEFDMjZELmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQzE2RTQ2RDU1NkE0N0QyNDI5RUM4NDdFOTVFN0M0MjlEMzhB QzI2RC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RmMmU3ZmQ2LWViNWUtNDgwYS04 ZTk3LWM1NWY2OGUwNTg5YS8wLzMyMzQzMDMwM2EzNzM1MzAzMDNhM2EyZjMzMzIy ZDMzMzIyMDNkM2UyMDMxMzQzMTMxMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQAdQAwDQYJKoZI hvcNAQELBQADggEBADNgkdaHW3MDsnGGg6lA947x5DQu3LPyjs4vunqNuKdcqUHm yDEf/3nRxVh96XZ92wky4SAHtj2MAo9x/F4fEqYwr6VLLJAGyGKjedGutTn0jBfD Df8azrvUFoTRee1xgNdfd/uwzWUq9GGGLxSJPD3+r2pwmepx8BE4PuYG4ajxMkdO hFPhIC/2/5XFCXESKJAyHWk9H3Ktue6TdArVO8QDkAV4aB8MYCcO04X9ZK77G6EP gvUjBDtUe2lwDiJcJgv/nF7bjY+f8+G3r/Lo8ICHjE1RVe/bMII+o50/OGRTvmJq CC/YAT4t7j4UlHI5xpKIJU1N+4FMG5h/RIM/GkQ= -----END CERTIFICATE-----Generated at Sun Sep 7 15:28:44 2025 by rpki-client