$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS131715.roa File: AS131715.roa (raw, json) Hash identifier: 4KfEMrWPD3d52bOyCrEjEwKcjr7Lw09qWs8DPA5E5ek= Subject key identifier: 19:7C:BE:52:D2:88:DA:CA:63:85:97:DA:C1:21:CD:A0:55:A0:8A:58 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0F0AC46C70BA10C9E9F279F468CFEC64152477BA Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS131715.roa Signing time: Sat 02 May 2026 21:21:18 +0000 ROA not before: Sat 02 May 2026 21:16:18 +0000 ROA not after: Sat 01 May 2027 21:21:18 +0000 asID: 131715 IP address blocks: 103.8.228.0/24 maxlen: 24 103.209.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:0a:c4:6c:70:ba:10:c9:e9:f2:79:f4:68:cf:ec:64:15:24:77:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:16:18 2026 GMT Not After : May 1 21:21:18 2027 GMT Subject: CN=197CBE52D288DACA638597DAC121CDA055A08A58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:6f:02:ba:75:85:74:cb:2f:ee:c1:6b:23:24: 2b:d0:df:05:ea:da:64:6f:6b:4d:84:b7:cb:99:34: 48:04:25:b5:89:e3:5b:99:7a:ff:55:fc:3d:61:b4: c3:fa:81:80:58:ca:45:67:1d:ec:37:f8:11:2c:c2: 9b:e6:2b:ce:8e:3f:14:75:bd:ea:e0:06:09:30:bd: 8d:08:c1:ac:cd:2f:9c:c5:be:cd:0d:fd:87:e8:e3: 04:90:c0:cd:ec:26:4f:61:82:4e:0a:3d:5c:93:1d: 20:7b:e6:59:4c:24:73:8c:76:de:21:15:42:57:b3: d6:75:13:ee:74:73:80:b9:08:b8:b5:1f:f9:4a:4e: 20:91:75:18:87:3f:91:98:80:85:cf:ee:d6:a2:e9: f9:e5:a0:1f:86:94:fd:9e:54:ec:6d:fb:97:6d:9b: e6:66:fc:5a:2e:e4:4e:87:5c:a1:50:84:7b:35:6a: d0:de:9e:3a:09:53:59:f2:e5:a0:d0:6d:91:f8:74: 83:ab:f3:ac:9d:64:ab:c7:3a:ab:f0:2f:24:c5:d9: 77:e7:c0:9a:09:d8:80:de:00:f3:c8:cb:28:92:8b: 5f:7d:b0:4e:62:af:2e:ba:79:55:b3:12:ad:10:91: 08:ac:9a:dc:2b:20:d6:0a:59:f7:42:b3:76:21:79: 86:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:7C:BE:52:D2:88:DA:CA:63:85:97:DA:C1:21:CD:A0:55:A0:8A:58 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS131715.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.228.0/24 103.209.130.0/24 Signature Algorithm: sha256WithRSAEncryption 49:56:2c:ef:ea:ec:76:bc:84:5c:8b:19:03:e2:37:0e:10:6e: 83:01:25:be:c6:73:91:ab:96:bf:8d:ed:cc:28:04:32:6c:30: 93:6e:83:0a:6f:e6:63:ef:4f:ad:a2:71:51:da:98:47:6f:d5: 67:45:02:74:2d:ef:7d:7a:eb:80:fe:ee:b7:48:48:f4:57:8a: 15:24:20:12:11:68:d9:d0:3a:ef:2c:29:9b:12:11:91:c3:c2: dd:ec:85:3a:1a:4b:c8:41:40:70:a3:9a:1c:1d:c8:8f:f8:2a: 1b:47:bf:16:3b:61:e6:4e:a0:25:31:06:4e:f1:df:71:22:09: 93:c4:25:a1:3c:78:2c:0f:0d:30:fd:2a:d6:65:19:40:8e:b8: 78:c6:36:fb:20:89:1b:bb:29:d5:36:41:6d:d9:4e:ca:85:5c: a6:ae:d6:73:f7:7f:fb:94:73:e0:33:04:d6:04:b0:8f:7b:70: f2:fe:38:49:47:5c:36:36:08:ff:cc:ce:9f:b9:b8:ba:e5:35: c6:f0:f5:17:cf:f6:be:1e:75:a0:07:13:06:7b:99:ba:d4:5f: 51:26:e7:98:88:6c:e9:88:67:dc:65:a3:80:b4:40:03:2d:42: 07:73:62:4e:b2:f0:db:3d:c9:ce:8d:f5:6a:b6:9f:b9:a6:59: c1:5d:2c:37 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUDwrEbHC6EMnp8nn0aM/sZBUkd7owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTYxOFoX DTI3MDUwMTIxMjExOFowMzExMC8GA1UEAxMoMTk3Q0JFNTJEMjg4REFDQTYzODU5 N0RBQzEyMUNEQTA1NUEwOEE1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFvArp1hXTLL+7BayMkK9DfBeraZG9rTYS3y5k0SAQltYnjW5l6/1X8PWG0 w/qBgFjKRWcd7Df4ESzCm+Yrzo4/FHW96uAGCTC9jQjBrM0vnMW+zQ39h+jjBJDA zewmT2GCTgo9XJMdIHvmWUwkc4x23iEVQlez1nUT7nRzgLkIuLUf+UpOIJF1GIc/ kZiAhc/u1qLp+eWgH4aU/Z5U7G37l22b5mb8Wi7kTodcoVCEezVq0N6eOglTWfLl oNBtkfh0g6vzrJ1kq8c6q/AvJMXZd+fAmgnYgN4A88jLKJKLX32wTmKvLrp5VbMS rRCRCKya3Csg1gpZ90KzdiF5hlkCAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQZfL5S 0ojaymOFl9rBIc2gVaCKWDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMxNzE1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAZwjkAwQAZ9GCMA0GCSqGSIb3DQEBCwUAA4IBAQBJVizv6ux2vIRcixkD 4jcOEG6DASW+xnORq5a/je3MKAQybDCTboMKb+Zj70+tonFR2phHb9VnRQJ0Le99 euuA/u63SEj0V4oVJCASEWjZ0DrvLCmbEhGRw8Ld7IU6GkvIQUBwo5ocHciP+Cob R78WO2HmTqAlMQZO8d9xIgmTxCWhPHgsDw0w/SrWZRlAjrh4xjb7IIkbuynVNkFt 2U7KhVymrtZz93/7lHPgMwTWBLCPe3Dy/jhJR1w2Ngj/zM6fubi65TXG8PUXz/a+ HnWgBxMGe5m61F9RJueYiGzpiGfcZaOAtEADLUIHc2JOsvDbPcnOjfVqtp+5plnB XSw3 -----END CERTIFICATE-----Generated at Sun May 3 00:42:20 2026 by rpki-client