$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS58821.roa File: AS58821.roa (raw, json) Hash identifier: l31iHjUG3VVm9RF0JFla96JZ+T62RuH9lCq3JLvlQzM= Subject key identifier: 0E:EE:B2:EC:BC:9B:5D:29:06:5D:09:EB:76:58:F2:E2:91:A7:B3:32 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 4965E6903BC4B747F38A827CA9CD256272CE578C Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS58821.roa Signing time: Sat 02 May 2026 09:25:11 +0000 ROA not before: Sat 02 May 2026 09:20:11 +0000 ROA not after: Sat 01 May 2027 09:25:11 +0000 asID: 58821 IP address blocks: 165.101.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:65:e6:90:3b:c4:b7:47:f3:8a:82:7c:a9:cd:25:62:72:ce:57:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:11 2026 GMT Not After : May 1 09:25:11 2027 GMT Subject: CN=0EEEB2ECBC9B5D29065D09EB7658F2E291A7B332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:14:e7:57:73:83:42:b0:d3:c1:28:45:3e:b5: 04:62:ef:ca:14:ec:a5:d6:59:14:36:26:dd:10:96: a0:e3:7a:e8:8a:30:eb:69:33:af:12:81:88:65:8c: 4c:46:ce:6f:a0:ef:d4:71:4a:69:11:81:2b:dc:bb: 6a:36:0c:0f:a1:e9:b5:bf:ea:9b:3c:1b:a3:39:ae: 37:08:75:f5:b1:cb:2b:11:2b:05:3b:e2:00:b8:b3: 78:bd:36:85:48:13:45:fc:92:f5:37:6a:3b:fe:30: 27:c2:b3:89:1a:d0:29:fd:c7:94:c3:68:18:03:10: cb:75:1b:e3:60:6a:d9:d5:40:31:a8:3c:bb:ea:cd: 1a:e4:38:2d:78:3d:c2:fc:9c:69:e2:08:d5:48:fc: 91:05:b6:16:a5:d3:cd:0c:53:84:1a:f6:53:59:45: de:d7:8c:f6:c3:89:e6:c0:6d:79:49:25:3d:ee:69: 02:b8:67:cd:ba:f2:b8:23:9b:af:a3:82:1b:5f:3d: 56:c0:49:b9:14:66:9d:26:d2:55:e9:ab:b3:15:e8: 26:cf:01:0d:f0:32:2a:88:3f:77:c7:0b:05:4d:32: 96:7b:fd:0f:48:f9:b6:9f:f4:4e:67:66:0c:dd:b8: 79:3a:ec:dd:16:62:01:72:48:37:96:7d:55:58:1b: 80:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:EE:B2:EC:BC:9B:5D:29:06:5D:09:EB:76:58:F2:E2:91:A7:B3:32 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS58821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.42.0/23 Signature Algorithm: sha256WithRSAEncryption 62:02:79:f1:6a:dd:a3:68:7a:1c:b8:a0:0c:95:0f:93:f0:3a: 78:fa:31:44:57:6a:3b:8a:5c:b6:1e:53:9f:35:1d:5f:55:53: 60:3a:b0:07:21:46:16:ec:fc:b9:61:35:da:e3:45:4b:89:aa: 1a:44:cc:43:4f:ce:38:69:0e:84:32:9e:e6:6c:ea:dd:8c:d5: d8:5d:36:67:82:9b:cb:a9:2f:bb:a9:f1:57:9d:4f:f1:9b:02: a2:db:79:64:da:a3:3a:5f:9a:b6:af:9d:fe:73:f3:5d:1e:87: d1:1c:2c:d8:92:7a:93:49:41:1e:5f:b6:84:51:75:04:a1:ee: 0d:03:92:c3:ef:60:a3:f3:f1:25:21:7b:94:5b:69:fa:37:f5: 77:11:69:88:ad:0d:e8:b2:b2:1c:4c:8c:f2:68:61:8c:af:5f: 3e:6e:81:af:68:8f:b7:8a:31:be:c3:21:b5:93:57:d5:25:c5: 79:0c:1a:52:8c:d0:d6:91:2d:76:32:8a:66:f2:a8:6f:6c:3d: 3b:a7:27:2d:c5:5f:8a:18:a3:06:f4:98:2d:72:55:39:e0:2b: 3e:82:70:da:bc:85:94:f0:e5:0e:6d:a6:95:12:18:2f:5a:64: a4:f7:af:23:40:93:64:46:ae:00:eb:11:dc:83:56:b3:72:1c: 0a:be:64:46 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUSWXmkDvEt0fzioJ8qc0lYnLOV4wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAxMVoX DTI3MDUwMTA5MjUxMVowMzExMC8GA1UEAxMoMEVFRUIyRUNCQzlCNUQyOTA2NUQw OUVCNzY1OEYyRTI5MUE3QjMzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANcU51dzg0Kw08EoRT61BGLvyhTspdZZFDYm3RCWoON66Iow62kzrxKBiGWM TEbOb6Dv1HFKaRGBK9y7ajYMD6Hptb/qmzwbozmuNwh19bHLKxErBTviALizeL02 hUgTRfyS9TdqO/4wJ8KziRrQKf3HlMNoGAMQy3Ub42Bq2dVAMag8u+rNGuQ4LXg9 wvycaeII1Uj8kQW2FqXTzQxThBr2U1lF3teM9sOJ5sBteUklPe5pArhnzbryuCOb r6OCG189VsBJuRRmnSbSVemrsxXoJs8BDfAyKog/d8cLBU0ylnv9D0j5tp/0Tmdm DN24eTrs3RZiAXJIN5Z9VVgbgMsCAwEAAaOCAcswggHHMB0GA1UdDgQWBBQO7rLs vJtdKQZdCet2WPLikaezMjAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTNTg4MjEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAGlZSowDQYJKoZIhvcNAQELBQADggEBAGICefFq3aNoehy4oAyVD5PwOnj6 MURXajuKXLYeU581HV9VU2A6sAchRhbs/LlhNdrjRUuJqhpEzENPzjhpDoQynuZs 6t2M1dhdNmeCm8upL7up8VedT/GbAqLbeWTaozpfmravnf5z810eh9EcLNiSepNJ QR5ftoRRdQSh7g0DksPvYKPz8SUhe5Rbafo39XcRaYitDeiyshxMjPJoYYyvXz5u ga9oj7eKMb7DIbWTV9UlxXkMGlKM0NaRLXYyimbyqG9sPTunJy3FX4oYowb0mC1y VTngKz6CcNq8hZTw5Q5tppUSGC9aZKT3ryNAk2RGrgDrEdyDVrNyHAq+ZEY= -----END CERTIFICATE-----Generated at Sat May 2 21:05:30 2026 by rpki-client