$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS136873.roa File: AS136873.roa (raw, json) Hash identifier: GjGIgLQhgwanjJFtWYmIiuMtuytQ7AJrbfKGPSwC0mQ= Subject key identifier: 22:5A:20:10:61:CB:F1:35:BD:E6:FA:20:73:04:AA:3E:E8:02:6F:8D Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 32C047EBE95C10150CEDBF1FFCCADB4D8104352C Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS136873.roa Signing time: Sat 02 May 2026 09:23:29 +0000 ROA not before: Sat 02 May 2026 09:18:29 +0000 ROA not after: Sat 01 May 2027 09:23:29 +0000 asID: 136873 IP address blocks: 160.22.8.0/24 maxlen: 24 160.22.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:c0:47:eb:e9:5c:10:15:0c:ed:bf:1f:fc:ca:db:4d:81:04:35:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:29 2026 GMT Not After : May 1 09:23:29 2027 GMT Subject: CN=225A201061CBF135BDE6FA207304AA3EE8026F8D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:53:55:22:62:46:16:22:32:ff:7c:f3:80:94: 07:65:42:f5:06:5d:0a:fb:de:d9:f8:e6:14:b3:eb: d6:bf:15:e2:2f:c4:96:a8:66:28:ca:bb:f9:17:2e: a8:1e:5f:cf:2b:30:83:bd:3c:9f:21:a0:d6:89:d0: d2:80:60:67:47:b3:03:cd:83:2d:85:3b:fe:d5:e7: 9d:37:8c:72:0d:c0:3c:1b:a8:ea:05:03:b4:e3:5c: 9c:13:3d:d4:96:91:da:53:02:c0:cc:34:49:a4:33: e3:20:0c:92:0b:92:77:05:fc:1c:85:f2:e0:bf:96: 58:f5:88:47:80:cd:5d:0e:a3:af:75:4c:47:99:b9: c6:c9:e1:83:15:a9:20:20:76:5b:e6:8b:8e:70:c3: f4:17:45:54:5d:b1:3e:0d:f7:78:57:8a:09:0c:de: bb:a0:f0:a4:bd:63:b9:9c:3c:e2:1c:48:c4:c6:65: 15:3e:6a:5e:9f:0d:94:e4:51:aa:0c:d7:22:14:34: e5:89:8f:d0:9a:62:a2:36:31:88:3c:7d:ce:56:75: 02:23:26:44:6c:13:65:56:8b:6d:39:8d:dd:c3:33: 74:5b:49:20:dc:b2:10:a3:10:42:63:3c:75:2c:6f: b1:f7:e5:93:24:52:f6:96:f9:38:52:1d:c9:af:19: 49:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:5A:20:10:61:CB:F1:35:BD:E6:FA:20:73:04:AA:3E:E8:02:6F:8D X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS136873.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.8.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:08:a0:0e:1e:6e:7c:4f:18:94:ab:8f:ee:53:b6:f4:ac:fa: 61:59:4d:d4:fc:48:c2:80:31:62:6a:f5:ff:0d:4a:bb:b1:d5: 25:2c:a2:a8:8c:1f:ea:93:61:cd:6d:61:07:26:cc:e6:5a:a1: ea:44:ca:25:5c:70:13:0b:ca:76:26:93:26:b8:cf:48:32:f8: ae:c9:d0:7c:b1:09:67:f9:bb:cd:4a:16:b0:0a:15:52:b5:52: 87:9a:12:98:c3:df:65:7f:52:81:ab:d7:45:c2:1c:dd:e8:f2: 0e:9f:32:99:60:8c:cd:b6:b3:e8:6f:b9:04:02:ba:33:d9:6c: 0d:54:7c:af:97:84:3e:be:4d:21:40:34:bc:27:0f:e2:27:38: ec:b5:f0:b1:eb:88:d6:d5:f4:96:c2:d6:d3:87:7a:ae:2b:bd: cd:bc:38:2a:0d:8d:f7:79:d3:d3:50:92:6c:19:65:ad:9b:d6: 88:bd:71:76:9f:df:7c:4d:5e:d1:4e:12:76:5b:04:f6:4e:0c: e3:ea:bc:b0:df:6d:60:a6:ba:fb:cc:4f:27:30:e1:34:cc:9e: d3:99:5b:99:04:99:ab:ab:75:bd:e2:8a:e3:7d:f4:35:94:3a: ef:47:60:1a:c8:7a:c3:be:f1:2d:38:46:79:a0:83:f6:e8:8c: a1:b1:3f:e8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUMsBH6+lcEBUM7b8f/MrbTYEENSwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgyOVoX DTI3MDUwMTA5MjMyOVowMzExMC8GA1UEAxMoMjI1QTIwMTA2MUNCRjEzNUJERTZG QTIwNzMwNEFBM0VFODAyNkY4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPJTVSJiRhYiMv9884CUB2VC9QZdCvve2fjmFLPr1r8V4i/ElqhmKMq7+Rcu qB5fzyswg708nyGg1onQ0oBgZ0ezA82DLYU7/tXnnTeMcg3APBuo6gUDtONcnBM9 1JaR2lMCwMw0SaQz4yAMkguSdwX8HIXy4L+WWPWIR4DNXQ6jr3VMR5m5xsnhgxWp ICB2W+aLjnDD9BdFVF2xPg33eFeKCQzeu6DwpL1juZw84hxIxMZlFT5qXp8NlORR qgzXIhQ05YmP0JpiojYxiDx9zlZ1AiMmRGwTZVaLbTmN3cMzdFtJINyyEKMQQmM8 dSxvsfflkyRS9pb5OFIdya8ZSQECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQiWiAQ YcvxNb3m+iBzBKo+6AJvjTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTM2ODczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBoBYIMA0GCSqGSIb3DQEBCwUAA4IBAQBMCKAOHm58TxiUq4/uU7b0rPph WU3U/EjCgDFiavX/DUq7sdUlLKKojB/qk2HNbWEHJszmWqHqRMolXHATC8p2JpMm uM9IMviuydB8sQln+bvNShawChVStVKHmhKYw99lf1KBq9dFwhzd6PIOnzKZYIzN trPob7kEAroz2WwNVHyvl4Q+vk0hQDS8Jw/iJzjstfCx64jW1fSWwtbTh3quK73N vDgqDY33edPTUJJsGWWtm9aIvXF2n998TV7RThJ2WwT2Tgzj6ryw321gprr7zE8n MOE0zJ7TmVuZBJmrq3W94orjffQ1lDrvR2AayHrDvvEtOEZ5oIP26IyhsT/o -----END CERTIFICATE-----Generated at Sat May 2 21:06:05 2026 by rpki-client