$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS55688.roa File: AS55688.roa (raw, json) Hash identifier: 4Dwpf2Swhlbf0z2eAE49I6x8a7INRyjmJm9GrLWT27I= Subject key identifier: 68:FD:27:50:7E:29:95:A0:39:79:7D:D6:31:03:32:0E:4C:69:10:D3 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 1AA12B8025BB939044EE49A2A61B6CA5A52EC0DC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS55688.roa Signing time: Sat 02 May 2026 16:56:07 +0000 ROA not before: Sat 02 May 2026 16:51:07 +0000 ROA not after: Sat 01 May 2027 16:56:07 +0000 asID: 55688 IP address blocks: 157.66.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a1:2b:80:25:bb:93:90:44:ee:49:a2:a6:1b:6c:a5:a5:2e:c0:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 16:51:07 2026 GMT Not After : May 1 16:56:07 2027 GMT Subject: CN=68FD27507E2995A039797DD63103320E4C6910D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:fe:4d:ef:45:99:b5:77:32:99:f2:93:12:f3: 7c:c9:d0:5b:7e:71:3e:03:f3:ce:fe:2d:be:03:d5: f2:df:30:ce:cf:ac:e7:a2:b9:ff:93:d9:64:7e:3d: 24:23:e7:c7:44:9c:72:24:8e:f7:ab:71:5c:a3:34: f3:bd:ea:9e:46:ba:70:90:3c:31:65:67:7d:45:c3: 3d:36:ae:a7:7f:69:d4:29:80:31:c4:91:da:37:16: 0b:17:20:d3:d8:5b:e4:5f:82:b3:cf:a3:1e:56:d9: 9f:10:09:dd:cc:42:73:db:98:55:36:52:9a:15:d9: 95:5d:09:e0:ec:5c:63:c4:d4:d7:63:9f:8d:c0:9d: 46:16:d3:cc:5c:51:8c:fa:30:6f:d1:ed:eb:f1:06: 35:c9:d4:08:ef:2f:21:f8:4d:3e:00:49:92:09:00: 47:17:4c:1b:c2:a5:04:bb:81:e7:03:9f:a2:9d:ae: f3:2e:88:b7:a3:6d:e0:2e:31:28:41:c0:97:88:73: 55:e4:5b:ec:f2:e7:4e:06:0d:4b:b3:31:c2:d6:9e: 42:0b:c1:11:c7:9e:fc:90:ee:04:25:3a:95:26:65: 81:ed:2f:bb:ff:b9:c2:3e:19:87:93:b5:6d:df:63: 0b:a5:c2:46:b3:28:4d:74:74:81:bd:62:03:2e:fe: da:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:FD:27:50:7E:29:95:A0:39:79:7D:D6:31:03:32:0E:4C:69:10:D3 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS55688.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.34.0/23 Signature Algorithm: sha256WithRSAEncryption 25:2b:53:55:ab:c6:e9:6c:2d:ef:53:64:be:46:06:4d:30:d8: 59:7b:87:fe:2e:1a:ea:3c:8b:c3:af:45:90:e4:00:60:42:79: 6b:ce:2c:3d:b5:2b:ff:22:74:24:f6:98:bc:79:c9:3c:92:24: d3:57:02:d8:36:cb:1c:73:c4:32:6f:e1:a2:3e:6f:c8:f1:4b: 82:5c:87:46:02:f2:10:fb:77:2f:6f:e8:19:98:93:cb:e1:0f: 99:61:b7:a0:00:59:a4:c0:07:da:7d:37:6e:5f:ba:d5:af:fa: 63:bc:c0:9e:79:c5:f1:4e:f3:85:76:59:7e:25:50:70:9f:fd: 5e:15:3b:03:05:86:f3:0b:bd:52:86:ba:a3:eb:4f:04:a1:75: 6d:3c:85:cc:d6:81:df:28:6e:d9:5e:ef:6d:2d:25:ff:d0:a9: 35:63:b8:76:20:06:f5:1e:27:0f:05:f6:d3:59:7d:79:ad:85: f6:65:1e:b1:7b:32:88:ac:82:e2:8b:8d:5c:32:2f:a2:a6:7a: fc:78:dd:7f:be:dc:ee:0e:38:57:c0:a3:4a:6a:f2:24:87:28: 3a:5c:68:7e:09:76:c1:d8:9a:22:98:15:cd:36:67:e3:d5:ce: 84:92:56:94:ee:c8:c2:c3:70:29:81:19:17:b4:70:b5:51:08: d9:a2:49:e8 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUGqErgCW7k5BE7kmiphtspaUuwNwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjE2NTEwN1oX DTI3MDUwMTE2NTYwN1owMzExMC8GA1UEAxMoNjhGRDI3NTA3RTI5OTVBMDM5Nzk3 REQ2MzEwMzMyMEU0QzY5MTBEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALn+Te9FmbV3MpnykxLzfMnQW35xPgPzzv4tvgPV8t8wzs+s56K5/5PZZH49 JCPnx0ScciSO96txXKM0873qnka6cJA8MWVnfUXDPTaup39p1CmAMcSR2jcWCxcg 09hb5F+Cs8+jHlbZnxAJ3cxCc9uYVTZSmhXZlV0J4OxcY8TU12OfjcCdRhbTzFxR jPowb9Ht6/EGNcnUCO8vIfhNPgBJkgkARxdMG8KlBLuB5wOfop2u8y6It6Nt4C4x KEHAl4hzVeRb7PLnTgYNS7MxwtaeQgvBEcee/JDuBCU6lSZlge0vu/+5wj4Zh5O1 bd9jC6XCRrMoTXR0gb1iAy7+2hUCAwEAAaOCAcswggHHMB0GA1UdDgQWBBRo/SdQ fimVoDl5fdYxAzIOTGkQ0zAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTNTU2ODgucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAGdQiIwDQYJKoZIhvcNAQELBQADggEBACUrU1WrxulsLe9TZL5GBk0w2Fl7 h/4uGuo8i8OvRZDkAGBCeWvOLD21K/8idCT2mLx5yTySJNNXAtg2yxxzxDJv4aI+ b8jxS4Jch0YC8hD7dy9v6BmYk8vhD5lht6AAWaTAB9p9N25futWv+mO8wJ55xfFO 84V2WX4lUHCf/V4VOwMFhvMLvVKGuqPrTwShdW08hczWgd8obtle720tJf/QqTVj uHYgBvUeJw8F9tNZfXmthfZlHrF7MoisguKLjVwyL6Kmevx43X++3O4OOFfAo0pq 8iSHKDpcaH4JdsHYmiKYFc02Z+PVzoSSVpTuyMLDcCmBGRe0cLVRCNmiSeg= -----END CERTIFICATE-----Generated at Sat May 2 21:05:02 2026 by rpki-client