$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS133798.roa File: AS133798.roa (raw, json) Hash identifier: DjayVOwXeCNJzAQ64oZrm3ySkIxTVQrBeA2ery+Phk8= Subject key identifier: 3E:F4:20:8A:EE:E6:CA:7E:6A:D7:50:FC:6B:3A:E1:B4:57:0D:69:C8 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 5F4D75C43F0F19D3E453FD38CE5B03AB3C7D51AC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS133798.roa Signing time: Sat 02 May 2026 09:27:31 +0000 ROA not before: Sat 02 May 2026 09:22:31 +0000 ROA not after: Sat 01 May 2027 09:27:31 +0000 asID: 133798 IP address blocks: 66.96.240.0/20 maxlen: 24 158.140.188.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:4d:75:c4:3f:0f:19:d3:e4:53:fd:38:ce:5b:03:ab:3c:7d:51:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:22:31 2026 GMT Not After : May 1 09:27:31 2027 GMT Subject: CN=3EF4208AEEE6CA7E6AD750FC6B3AE1B4570D69C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:06:30:b1:80:12:f2:fb:38:79:3d:f1:8c:21: c7:da:de:ac:7d:cc:b5:f9:fe:b7:a1:85:27:10:0a: 80:b7:01:d6:8b:c0:ed:ca:fb:a0:77:8f:98:94:1f: 40:9a:de:d8:db:b2:e6:3d:5c:c5:00:51:0b:3b:00: 9a:50:22:2e:ed:a1:83:00:04:6a:35:49:52:e9:23: 19:8c:de:4d:c6:03:8f:f3:c4:0e:d2:16:9b:e2:f6: 40:d5:bc:9f:bf:7e:5e:45:9e:ce:96:f5:76:a7:0b: 72:81:f9:20:19:40:b4:f6:b8:d4:16:98:d0:b2:b1: cb:be:ca:93:71:a3:e0:9b:56:32:30:f8:e4:58:15: b9:c5:7c:17:d2:33:c6:c9:61:f3:74:10:24:d1:ae: 0e:dc:5a:13:8f:a2:80:93:b3:8c:e9:7f:9c:bc:07: 26:ce:f7:fc:f1:37:a0:2c:51:42:63:fc:a7:8d:f2: 77:00:e8:04:d0:98:3c:50:50:ae:44:13:12:73:63: 3b:95:e9:88:03:f7:d0:b1:e9:cf:2d:c1:32:2b:ac: 96:71:24:ca:dc:42:fb:a2:2a:3c:9c:b6:03:a4:18: 87:85:05:c9:7b:7d:ae:d4:1a:44:7f:99:92:50:64: 78:2d:28:0e:6f:ef:b1:d6:4a:11:83:95:94:86:3d: 1d:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:F4:20:8A:EE:E6:CA:7E:6A:D7:50:FC:6B:3A:E1:B4:57:0D:69:C8 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS133798.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.96.240.0/20 158.140.188.0/23 Signature Algorithm: sha256WithRSAEncryption 51:80:60:6f:d8:d2:d7:45:c1:54:22:6d:50:9d:b0:cd:9b:44: 5b:90:9f:04:25:17:6b:38:72:36:66:fc:54:d3:c3:52:e7:2c: cd:61:a2:a9:0d:71:25:f9:10:3a:ab:37:37:21:4c:88:a6:ed: 75:6e:13:6e:e1:9e:32:dd:7c:a7:19:8d:95:f3:fd:13:ca:11: ab:27:ab:51:18:20:27:a1:db:eb:0b:64:a8:5e:6a:ca:88:a8: a4:63:4d:bd:de:4d:58:ef:e5:9d:ae:b8:ff:25:81:c4:77:3d: 04:c6:bc:d6:1b:02:4a:ce:3b:66:58:aa:1f:8f:22:a2:43:4a: 97:25:87:95:b9:42:c7:46:fd:26:33:7f:3e:cd:f3:39:45:96: e6:33:ac:f6:f6:12:de:dc:e2:1a:a6:e4:09:2d:b1:1b:09:14: 4b:34:04:c2:16:9b:6f:bf:c6:40:2b:94:0b:59:6f:fc:8b:25: b0:9c:ac:1d:43:20:56:97:09:da:e8:0a:cf:eb:08:00:ef:3e: c7:92:1e:3e:9b:ee:21:f3:a0:bc:75:53:b9:1b:08:97:ae:39: a9:81:62:4a:84:61:4b:89:8f:98:5b:f3:d0:17:41:c9:54:3d: e8:ae:dd:68:ab:56:57:96:2c:b5:46:84:8d:cd:d9:9b:87:a9: 81:09:16:fc -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUX011xD8PGdPkU/04zlsDqzx9UawwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjIzMVoX DTI3MDUwMTA5MjczMVowMzExMC8GA1UEAxMoM0VGNDIwOEFFRUU2Q0E3RTZBRDc1 MEZDNkIzQUUxQjQ1NzBENjlDODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAGMLGAEvL7OHk98Ywhx9rerH3Mtfn+t6GFJxAKgLcB1ovA7cr7oHePmJQf QJre2Nuy5j1cxQBRCzsAmlAiLu2hgwAEajVJUukjGYzeTcYDj/PEDtIWm+L2QNW8 n79+XkWezpb1dqcLcoH5IBlAtPa41BaY0LKxy77Kk3Gj4JtWMjD45FgVucV8F9Iz xslh83QQJNGuDtxaE4+igJOzjOl/nLwHJs73/PE3oCxRQmP8p43ydwDoBNCYPFBQ rkQTEnNjO5XpiAP30LHpzy3BMiuslnEkytxC+6IqPJy2A6QYh4UFyXt9rtQaRH+Z klBkeC0oDm/vsdZKEYOVlIY9Hb8CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQ+9CCK 7ubKfmrXUPxrOuG0Vw1pyDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTMzNzk4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQEQmDwAwQBnoy8MA0GCSqGSIb3DQEBCwUAA4IBAQBRgGBv2NLXRcFUIm1Q nbDNm0RbkJ8EJRdrOHI2ZvxU08NS5yzNYaKpDXEl+RA6qzc3IUyIpu11bhNu4Z4y 3XynGY2V8/0TyhGrJ6tRGCAnodvrC2SoXmrKiKikY0293k1Y7+Wdrrj/JYHEdz0E xrzWGwJKzjtmWKofjyKiQ0qXJYeVuULHRv0mM38+zfM5RZbmM6z29hLe3OIapuQJ LbEbCRRLNATCFptvv8ZAK5QLWW/8iyWwnKwdQyBWlwna6ArP6wgA7z7Hkh4+m+4h 86C8dVO5GwiXrjmpgWJKhGFLiY+YW/PQF0HJVD3ort1oq1ZXliy1RoSNzdmbh6mB CRb8 -----END CERTIFICATE-----Generated at Sat May 2 21:05:06 2026 by rpki-client