$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134728.roa File: AS134728.roa (raw, json) Hash identifier: ondEQmCPeKc3Yl03beyv3w+L3h1YTZTfStOdavcl3lU= Subject key identifier: 71:78:60:19:39:77:D3:B5:E4:2D:15:BF:EE:98:14:91:47:0A:A9:14 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 45E7DF8D94AFEB07AB415C7D0D7ADF79490DA3DD Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134728.roa Signing time: Tue 03 Mar 2026 02:19:59 +0000 ROA not before: Tue 03 Mar 2026 02:14:59 +0000 ROA not after: Tue 02 Mar 2027 02:19:59 +0000 asID: 134728 IP address blocks: 2001:df6:abc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 22:43:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:e7:df:8d:94:af:eb:07:ab:41:5c:7d:0d:7a:df:79:49:0d:a3:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 3 02:14:59 2026 GMT Not After : Mar 2 02:19:59 2027 GMT Subject: CN=717860193977D3B5E42D15BFEE981491470AA914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b7:be:42:79:05:c6:dd:39:5e:b4:ed:cb:e9: 96:99:27:59:c3:46:88:b4:f3:f4:de:32:5f:b5:0b: c1:f3:cc:cb:7b:9f:b3:99:e8:d9:6b:0a:6e:7a:26: f7:d9:fa:94:88:d1:bf:d1:26:16:f3:7a:66:e2:92: 37:d1:3d:97:50:b3:35:43:69:3a:53:ab:b9:08:c8: d8:a5:fc:c6:d4:48:20:66:9a:ea:8b:c4:35:c6:da: 04:10:4c:f2:41:7f:2a:75:1f:11:fe:dd:92:87:73: 73:47:02:bb:16:2c:98:88:51:a1:89:73:88:f7:ae: d3:dd:39:b5:54:97:03:33:9c:d4:fa:34:d6:f6:1f: 7f:5e:60:ff:17:20:fb:a6:0b:be:89:9c:d1:ab:60: da:a8:ce:3b:78:fe:2d:c8:66:d5:06:21:e9:a6:b7: 78:18:45:4f:fe:e9:3d:4f:df:9b:3f:32:85:39:b4: 1e:fa:cb:9a:22:77:30:1a:a9:42:49:18:dc:b5:eb: 0d:a1:fb:90:73:e4:a5:d1:04:61:ad:c6:66:2a:fe: b7:f6:49:1f:86:e7:03:07:d6:d5:82:9d:09:22:5f: 34:99:f1:e7:73:c3:6a:16:e8:26:5f:c1:41:4f:40: 60:2c:c6:15:9e:a2:ac:38:f6:48:f0:01:92:60:b9: 4d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:78:60:19:39:77:D3:B5:E4:2D:15:BF:EE:98:14:91:47:0A:A9:14 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134728.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:abc0::/48 Signature Algorithm: sha256WithRSAEncryption 7a:9e:54:05:5c:4c:2c:fb:d0:98:e9:e6:f5:37:cb:11:df:96: 5b:88:a4:c1:50:a3:b1:02:53:a7:58:53:82:83:e4:b4:63:c2: c5:2f:96:f9:f7:e8:96:a3:5e:75:d5:96:80:ed:c3:50:15:ee: ac:49:6f:24:38:8a:c6:87:f6:16:08:ce:8e:de:d6:e4:07:90: ec:64:95:5a:a4:bc:89:f2:bd:3b:95:a9:f5:22:ca:93:3b:30: 09:bf:0b:5e:65:e3:88:ac:4b:98:c4:62:a6:7c:9c:a0:40:aa: bd:79:f8:54:13:aa:5a:e2:fc:30:24:80:71:be:b5:30:e8:3e: 74:0c:64:42:7d:03:5c:08:65:47:20:be:36:12:f7:24:01:e1: 50:77:23:17:db:1f:dc:cc:7f:62:ac:5e:d8:43:99:fb:53:7d: d3:19:59:e3:d6:84:de:35:5e:10:ea:bd:68:6d:83:97:67:14: 93:d2:b6:03:0b:68:17:a8:3d:67:d7:bd:8b:35:5e:88:f1:3f: 3f:c4:96:96:c8:52:11:be:e7:a0:a9:63:d1:53:3f:1c:58:6a: d9:24:81:aa:b5:d9:bb:1b:7e:f4:a4:f5:bb:aa:b5:d6:87:61: 39:85:4b:1a:65:8c:73:5c:07:ca:15:87:43:67:0b:a6:ad:60: 81:e0:19:6d -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUReffjZSv6werQVx9DXrfeUkNo90wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwMzAyMTQ1OVoX DTI3MDMwMjAyMTk1OVowMzExMC8GA1UEAxMoNzE3ODYwMTkzOTc3RDNCNUU0MkQx NUJGRUU5ODE0OTE0NzBBQTkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALy3vkJ5BcbdOV607cvplpknWcNGiLTz9N4yX7ULwfPMy3ufs5no2WsKbnom 99n6lIjRv9EmFvN6ZuKSN9E9l1CzNUNpOlOruQjI2KX8xtRIIGaa6ovENcbaBBBM 8kF/KnUfEf7dkodzc0cCuxYsmIhRoYlziPeu0905tVSXAzOc1Po01vYff15g/xcg +6YLvomc0atg2qjOO3j+Lchm1QYh6aa3eBhFT/7pPU/fmz8yhTm0HvrLmiJ3MBqp QkkY3LXrDaH7kHPkpdEEYa3GZir+t/ZJH4bnAwfW1YKdCSJfNJnx53PDahboJl/B QU9AYCzGFZ6irDj2SPABkmC5TQ8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRxeGAZ OXfTteQtFb/umBSRRwqpFDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNDcyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfarwDANBgkqhkiG9w0BAQsFAAOCAQEAep5UBVxMLPvQmOnm 9TfLEd+WW4ikwVCjsQJTp1hTgoPktGPCxS+W+ffolqNeddWWgO3DUBXurElvJDiK xof2FgjOjt7W5AeQ7GSVWqS8ifK9O5Wp9SLKkzswCb8LXmXjiKxLmMRipnycoECq vXn4VBOqWuL8MCSAcb61MOg+dAxkQn0DXAhlRyC+NhL3JAHhUHcjF9sf3Mx/Yqxe 2EOZ+1N90xlZ49aE3jVeEOq9aG2Dl2cUk9K2AwtoF6g9Z9e9izVeiPE/P8SWlshS Eb7noKlj0VM/HFhq2SSBqrXZuxt+9KT1u6q11odhOYVLGmWMc1wHyhWHQ2cLpq1g geAZbQ== -----END CERTIFICATE-----Generated at Sat Mar 7 19:14:09 2026 by rpki-client