$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS139428.roa File: AS139428.roa (raw, json) Hash identifier: 6TD0FDvfeQsNGhZoJPxWt7kFEehRytRfyWZ/G7Oiy7c= Subject key identifier: 86:A6:B6:B6:3F:DC:64:49:3C:5E:F0:CA:52:CF:78:7D:20:DD:78:00 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 15F1222B8CAB7546812639C5232392342C86B389 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139428.roa Signing time: Sat 02 May 2026 17:28:11 +0000 ROA not before: Sat 02 May 2026 17:23:11 +0000 ROA not after: Sat 01 May 2027 17:28:11 +0000 asID: 139428 IP address blocks: 157.20.176.0/23 maxlen: 24 157.20.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:f1:22:2b:8c:ab:75:46:81:26:39:c5:23:23:92:34:2c:86:b3:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 17:23:11 2026 GMT Not After : May 1 17:28:11 2027 GMT Subject: CN=86A6B6B63FDC64493C5EF0CA52CF787D20DD7800 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:dd:d4:d4:70:e8:2c:3a:68:9b:cd:0e:91:d1: ec:19:52:59:41:7a:bb:0d:79:9e:1c:ca:cc:7c:02: 99:23:e2:62:1e:a3:36:7a:e0:f4:a4:e1:22:e2:ec: 5d:17:72:fc:a8:e5:a2:c8:64:12:55:e2:57:ae:de: 19:39:a6:95:6d:f4:a2:c7:35:4c:57:82:2a:07:32: be:bd:4d:35:d0:85:55:85:5e:77:c3:d0:03:f1:90: 4f:bf:d5:08:79:c0:64:e6:84:7f:ce:15:6f:fc:31: 6c:0d:d4:6e:f0:1a:2c:dc:77:92:4a:5b:14:bb:11: 26:22:73:11:a5:29:fa:53:ea:87:f8:54:41:4d:12: 7c:f2:83:d4:79:7c:44:8e:05:8a:12:11:64:6a:c4: 1e:31:7c:1d:50:d2:48:e7:c5:bf:6c:cd:09:5d:13: fa:d0:1b:67:b9:af:16:d3:a5:9a:d2:09:1c:c7:55: 0c:ee:d4:80:1d:8d:48:98:97:4f:e5:ea:18:22:95: cf:b5:d7:d6:60:e4:8c:0c:03:b9:36:2b:05:8f:c0: af:57:b3:3c:50:fd:fc:38:94:1a:fc:2e:4b:93:a2: 2e:4e:30:ef:1a:69:92:0f:ad:ce:40:d6:66:e4:5c: af:6d:f0:7d:a3:e7:cf:8d:8f:ab:8e:08:c4:6f:c1: 5c:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:A6:B6:B6:3F:DC:64:49:3C:5E:F0:CA:52:CF:78:7D:20:DD:78:00 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.176.0/23 Signature Algorithm: sha256WithRSAEncryption b0:f6:b9:0a:f9:89:f7:72:fa:f7:a6:7d:bb:3a:bd:50:08:e1: 09:31:12:2a:54:05:2b:29:cc:c0:69:bc:e9:ef:6c:69:cf:4d: 54:57:ee:f3:08:55:8f:c8:69:65:fc:6e:26:7b:2b:a8:e2:c3: 72:8f:63:eb:62:b2:a8:ad:ba:fa:21:80:2c:79:d6:cd:02:f5: 95:2a:66:17:54:59:27:3b:af:45:5f:7d:6c:f7:66:29:99:b1: 6d:e6:3a:20:8e:58:81:05:ba:a6:01:f5:22:84:f3:d4:95:f9: 4b:8c:0f:29:d6:fe:d1:94:9a:35:5c:e0:8e:00:74:b7:6c:54: c2:ed:92:0e:e6:f5:b3:e2:9f:bc:37:78:bf:8d:9d:c0:bb:15: 6b:5b:6b:3b:0d:c9:b9:75:02:7e:80:f0:6c:77:35:c1:61:b7: 9b:ac:e4:f4:d9:58:c8:9a:be:05:2a:93:82:06:e0:02:fb:c1: d4:80:53:a0:0e:36:29:a6:53:a8:93:f9:48:76:74:89:e7:f6: 62:1a:73:2c:10:04:89:a8:2e:cc:b9:ce:9d:74:5b:d6:45:aa: fc:f1:74:88:de:d8:c4:6e:1d:97:92:27:77:04:b6:b6:72:57: d6:e2:c1:97:58:42:32:0a:bf:c0:9b:5d:8f:af:c8:31:8d:3f: 01:c4:c9:8b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUFfEiK4yrdUaBJjnFIyOSNCyGs4kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjE3MjMxMVoX DTI3MDUwMTE3MjgxMVowMzExMC8GA1UEAxMoODZBNkI2QjYzRkRDNjQ0OTNDNUVG MENBNTJDRjc4N0QyMERENzgwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7d1NRw6Cw6aJvNDpHR7BlSWUF6uw15nhzKzHwCmSPiYh6jNnrg9KThIuLs XRdy/KjloshkElXiV67eGTmmlW30osc1TFeCKgcyvr1NNdCFVYVed8PQA/GQT7/V CHnAZOaEf84Vb/wxbA3UbvAaLNx3kkpbFLsRJiJzEaUp+lPqh/hUQU0SfPKD1Hl8 RI4FihIRZGrEHjF8HVDSSOfFv2zNCV0T+tAbZ7mvFtOlmtIJHMdVDO7UgB2NSJiX T+XqGCKVz7XX1mDkjAwDuTYrBY/Ar1ezPFD9/DiUGvwuS5OiLk4w7xppkg+tzkDW ZuRcr23wfaPnz42Pq44IxG/BXAUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSGpra2 P9xkSTxe8MpSz3h9IN14ADAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTM5NDI4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnRSwMA0GCSqGSIb3DQEBCwUAA4IBAQCw9rkK+Yn3cvr3pn27Or1QCOEJ MRIqVAUrKczAabzp72xpz01UV+7zCFWPyGll/G4meyuo4sNyj2PrYrKorbr6IYAs edbNAvWVKmYXVFknO69FX31s92YpmbFt5jogjliBBbqmAfUihPPUlflLjA8p1v7R lJo1XOCOAHS3bFTC7ZIO5vWz4p+8N3i/jZ3AuxVrW2s7Dcm5dQJ+gPBsdzXBYbeb rOT02VjImr4FKpOCBuAC+8HUgFOgDjYpplOok/lIdnSJ5/ZiGnMsEASJqC7Muc6d dFvWRar88XSI3tjEbh2Xkid3BLa2clfW4sGXWEIyCr/Am12Pr8gxjT8BxMmL -----END CERTIFICATE-----Generated at Sat May 2 21:05:06 2026 by rpki-client