$ rpki-client -vvf repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa File: 323430343a326338303a3a2f33322d3438203d3e20313334363433.roa (raw, json) Hash identifier: 5SkHB/Kz3ud3kzZYvQ/j1QLOIE2ORuolpv99BxFmP4E= Subject key identifier: D2:CC:E9:B7:72:97:72:C9:A2:84:27:2F:7C:E6:46:8C:0A:C6:29:14 Certificate issuer: /CN=3BB7346C991B689223BADC6F82DD19BE3B017704 Certificate serial: 310B1D90A05AAC543903AA90AE78A8F46B0836A7 Authority key identifier: 3B:B7:34:6C:99:1B:68:92:23:BA:DC:6F:82:DD:19:BE:3B:01:77:04 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer Subject info access: rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa Signing time: Sat 25 Jan 2025 11:00:00 +0000 ROA not before: Sat 25 Jan 2025 10:55:00 +0000 ROA not after: Sat 24 Jan 2026 11:00:00 +0000 asID: 134643 IP address blocks: 2404:2c80::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.crl rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Apr 2025 08:33:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:0b:1d:90:a0:5a:ac:54:39:03:aa:90:ae:78:a8:f4:6b:08:36:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3BB7346C991B689223BADC6F82DD19BE3B017704 Validity Not Before: Jan 25 10:55:00 2025 GMT Not After : Jan 24 11:00:00 2026 GMT Subject: CN=D2CCE9B7729772C9A284272F7CE6468C0AC62914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e0:79:9a:e2:2a:3e:dd:69:db:a2:2c:b5:c1: 0b:9d:83:53:28:cd:d9:f4:0a:be:5b:f5:dd:9d:94: 83:1a:c5:db:5c:38:12:20:80:42:1b:57:bf:81:c8: 23:ee:3d:23:2a:b9:db:cb:20:54:e3:08:50:fe:89: 44:84:57:e9:2e:db:de:49:d1:53:1b:07:ce:d9:65: 78:54:83:5d:40:a4:1e:8e:dc:d9:70:84:09:74:ff: 3c:e1:2f:64:91:52:e8:d4:54:ad:63:47:f2:ca:1f: b4:51:09:06:08:31:ab:af:3c:1f:d4:c1:8e:76:45: 8e:cb:c7:45:4c:ce:65:ee:33:9a:3b:be:eb:e6:b2: 88:3f:81:ed:77:2e:e6:a2:10:e8:cf:d9:89:a0:c8: 27:f8:26:d3:5e:28:b7:eb:39:21:2e:95:92:33:00: 41:1b:e6:e6:62:28:18:8b:27:17:de:52:64:63:32: 25:ac:b5:3f:2b:05:e0:c5:0f:e7:5f:8a:a9:16:1e: f5:37:99:33:42:f2:9c:08:fd:63:13:94:ba:26:5e: 91:bc:6b:a5:06:11:33:42:01:56:58:71:60:6e:29: db:b4:52:a2:5c:d8:f4:39:91:41:60:73:9d:df:30: d8:04:5d:41:cf:19:86:2b:af:68:f8:03:e8:4f:bc: b8:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:CC:E9:B7:72:97:72:C9:A2:84:27:2F:7C:E6:46:8C:0A:C6:29:14 X509v3 Authority Key Identifier: keyid:3B:B7:34:6C:99:1B:68:92:23:BA:DC:6F:82:DD:19:BE:3B:01:77:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/3BB7346C991B689223BADC6F82DD19BE3B017704.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3BB7346C991B689223BADC6F82DD19BE3B017704.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f26e4564-48f2-43b5-8505-93b498e7d8ab/0/323430343a326338303a3a2f33322d3438203d3e20313334363433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:2c80::/32 Signature Algorithm: sha256WithRSAEncryption 45:d6:1c:ab:31:6c:db:f8:b7:1c:2b:82:77:5b:6c:ab:67:5e: 42:28:25:78:bd:2c:50:33:7e:cb:60:a4:3f:d8:ef:a5:04:c6: 3a:c0:d6:8a:54:30:2f:b6:96:e7:b4:f4:4e:06:f2:d2:b4:8c: 28:30:a9:8f:62:fa:d6:e2:eb:51:18:5f:d8:e9:6f:5e:96:c4: 88:f6:0c:e0:0a:7e:34:05:3a:d5:a4:b8:9e:d1:30:7c:0e:09: 81:12:9e:f7:a3:b1:9a:11:b2:de:65:05:a3:9b:4b:84:b5:25: ed:a7:1c:bc:2e:05:63:60:9d:72:78:dd:c1:ce:b6:3e:25:66: 76:28:d4:65:9f:a8:21:28:f3:59:80:83:c1:e4:c3:4f:3f:3c: 61:79:14:4d:5c:86:f6:9c:4c:57:d4:5f:44:38:6d:0a:91:ee: 66:f6:d6:06:31:18:82:04:8c:76:b7:ab:b3:4f:40:94:49:c8: 5e:f4:4a:6d:a0:78:80:b6:ab:ce:2e:e8:e1:fe:2f:01:c7:43: 93:2a:42:30:4e:eb:cc:36:c8:8e:7e:65:08:82:15:9b:08:20: 4b:60:a9:13:b8:96:83:28:af:77:03:a6:9e:3f:ff:dd:7c:13: fc:b5:f8:57:ba:b7:be:2e:1b:c7:bf:3c:a2:a3:cb:e7:65:5e: 1c:98:44:00 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUMQsdkKBarFQ5A6qQrnio9GsINqcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0JCNzM0NkM5OTFCNjg5MjIzQkFEQzZGODJERDE5QkUz QjAxNzcwNDAeFw0yNTAxMjUxMDU1MDBaFw0yNjAxMjQxMTAwMDBaMDMxMTAvBgNV BAMTKEQyQ0NFOUI3NzI5NzcyQzlBMjg0MjcyRjdDRTY0NjhDMEFDNjI5MTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX4Hma4io+3Wnboiy1wQudg1Mo zdn0Cr5b9d2dlIMaxdtcOBIggEIbV7+ByCPuPSMqudvLIFTjCFD+iUSEV+ku295J 0VMbB87ZZXhUg11ApB6O3NlwhAl0/zzhL2SRUujUVK1jR/LKH7RRCQYIMauvPB/U wY52RY7Lx0VMzmXuM5o7vuvmsog/ge13LuaiEOjP2YmgyCf4JtNeKLfrOSEulZIz AEEb5uZiKBiLJxfeUmRjMiWstT8rBeDFD+dfiqkWHvU3mTNC8pwI/WMTlLomXpG8 a6UGETNCAVZYcWBuKdu0UqJc2PQ5kUFgc53fMNgEXUHPGYYrr2j4A+hPvLjjAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU0szpt3KXcsmihCcvfOZGjArGKRQwHwYDVR0j BBgwFoAUO7c0bJkbaJIjutxvgt0ZvjsBdwQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m MjZlNDU2NC00OGYyLTQzYjUtODUwNS05M2I0OThlN2Q4YWIvMC8zQkI3MzQ2Qzk5 MUI2ODkyMjNCQURDNkY4MkREMTlCRTNCMDE3NzA0LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0JCNzM0NkM5OTFCNjg5MjIzQkFEQzZGODJERDE5QkUzQjAx NzcwNC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YyNmU0NTY0LTQ4ZjItNDNiNS04 NTA1LTkzYjQ5OGU3ZDhhYi8wLzMyMzQzMDM0M2EzMjYzMzgzMDNhM2EyZjMzMzIy ZDM0MzgyMDNkM2UyMDMxMzMzNDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQELIAwDQYJKoZI hvcNAQELBQADggEBAEXWHKsxbNv4txwrgndbbKtnXkIoJXi9LFAzfstgpD/Y76UE xjrA1opUMC+2lue09E4G8tK0jCgwqY9i+tbi61EYX9jpb16WxIj2DOAKfjQFOtWk uJ7RMHwOCYESnvejsZoRst5lBaObS4S1Je2nHLwuBWNgnXJ43cHOtj4lZnYo1GWf qCEo81mAg8Hkw08/PGF5FE1chvacTFfUX0Q4bQqR7mb21gYxGIIEjHa3q7NPQJRJ yF70Sm2geIC2q84u6OH+LwHHQ5MqQjBO68w2yI5+ZQiCFZsIIEtgqRO4loMor3cD pp4//918E/y1+Fe6t74uG8e/PKKjy+dlXhyYRAA= -----END CERTIFICATE-----Generated at Sun Apr 6 20:24:50 2025 by rpki-client