$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS132402.roa File: AS132402.roa (raw, json) Hash identifier: oaslRPbakFFaMpPc3VgJeQA3eqYhSyNjpIszyueYq1c= Subject key identifier: AF:62:98:B9:CC:16:90:9C:CA:23:9A:D1:DC:8D:72:2E:1F:3F:73:FC Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4C5DE0039915DD3498810D1B1E8EEC73D8A89D57 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS132402.roa Signing time: Thu 18 Jun 2026 04:20:15 +0000 ROA not before: Thu 18 Jun 2026 04:15:15 +0000 ROA not after: Thu 17 Jun 2027 04:20:15 +0000 asID: 132402 IP address blocks: 163.128.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 07:28:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:5d:e0:03:99:15:dd:34:98:81:0d:1b:1e:8e:ec:73:d8:a8:9d:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: Jun 18 04:15:15 2026 GMT Not After : Jun 17 04:20:15 2027 GMT Subject: CN=AF6298B9CC16909CCA239AD1DC8D722E1F3F73FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:00:ad:e5:0c:fc:19:af:53:a1:2a:22:70:a7: 8d:2f:fc:df:7e:d9:81:e7:ef:14:d5:40:31:9e:f8: c2:8a:fa:94:a8:25:4a:51:53:2a:89:59:2b:d4:2e: 7a:b6:73:65:5f:f2:eb:c3:0b:65:00:10:b7:31:f1: cf:02:b0:39:4f:7e:ca:37:98:dd:c5:b8:b0:72:37: 1a:e5:c6:99:5a:9e:7e:9d:ca:bf:dc:49:10:b8:99: 75:69:22:09:d2:69:54:98:89:be:bd:97:7c:d8:7d: 45:78:5a:f3:2f:5a:f7:9c:e5:82:c1:fe:c5:59:bf: 60:10:e7:b6:a8:80:3b:b2:5f:c6:2d:9a:ff:a0:d1: 4e:bc:39:69:d8:14:e9:4c:5c:b4:e8:3b:da:62:73: e4:e1:42:41:ca:ef:44:36:4b:7b:ae:52:a9:32:0a: ed:5f:ef:d9:d3:1c:33:8d:17:5e:1e:c9:64:fd:83: c3:f3:83:f6:de:8b:84:0c:41:2c:68:40:a9:f1:fc: c8:e9:8c:ba:5a:e0:15:c6:82:49:93:b5:31:d6:a0: ec:6b:dc:1c:ef:e7:d4:37:d4:99:d0:2d:1c:ef:ea: f0:0f:0f:46:d6:e9:ff:45:c8:6a:25:8c:a7:c6:63: 76:8c:3b:21:46:49:11:4f:34:77:e1:ab:e7:0e:df: 1d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:62:98:B9:CC:16:90:9C:CA:23:9A:D1:DC:8D:72:2E:1F:3F:73:FC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS132402.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.128.235.0/24 Signature Algorithm: sha256WithRSAEncryption 42:2b:1c:af:2f:f0:58:b4:28:5b:11:91:33:d7:6c:3c:5c:b8: 97:5d:ae:be:31:13:5e:8c:0d:9c:b5:d1:90:b5:be:e4:50:8c: e3:cb:45:fd:72:3a:e1:2f:5f:6a:50:1e:70:cf:a9:27:92:0d: 32:2b:e3:51:95:d1:a8:32:9e:06:66:e2:2d:31:6a:c9:b7:b4: 31:58:a8:5e:e1:8c:e8:02:be:c7:0f:7b:9a:87:d5:ec:07:0b: f7:2b:c4:a0:94:c4:39:31:17:ed:55:73:64:93:46:9c:26:2f: 00:20:9e:58:67:a0:9d:d6:f6:d3:ff:20:ca:b5:1b:18:81:ca: 6c:e1:1a:6a:c6:72:ee:cc:50:04:2d:d4:c5:78:65:9f:1b:05: c7:89:3e:10:05:1c:ea:89:87:14:a4:31:06:54:e3:dc:bb:33: d3:03:cf:5b:9b:97:11:be:7c:d6:db:3e:4c:63:af:e4:0c:fa: 53:34:20:b7:5b:bc:b9:dd:2f:45:d1:ce:80:dc:14:5c:e9:d6: 7f:0b:fa:c5:29:5d:c4:48:32:71:99:3b:09:8b:fd:0e:5b:f6: d9:da:8e:58:b3:5a:aa:1f:a7:25:4b:8b:8b:08:38:b1:be:16: ab:b5:7f:e2:5c:92:c1:7c:1e:87:e1:7f:9e:b8:35:6b:99:f0: dd:e2:01:82 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUTF3gA5kV3TSYgQ0bHo7sc9ionVcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDYxODA0MTUxNVoX DTI3MDYxNzA0MjAxNVowMzExMC8GA1UEAxMoQUY2Mjk4QjlDQzE2OTA5Q0NBMjM5 QUQxREM4RDcyMkUxRjNGNzNGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMAreUM/BmvU6EqInCnjS/8337ZgefvFNVAMZ74wor6lKglSlFTKolZK9Qu erZzZV/y68MLZQAQtzHxzwKwOU9+yjeY3cW4sHI3GuXGmVqefp3Kv9xJELiZdWki CdJpVJiJvr2XfNh9RXha8y9a95zlgsH+xVm/YBDntqiAO7Jfxi2a/6DRTrw5adgU 6UxctOg72mJz5OFCQcrvRDZLe65SqTIK7V/v2dMcM40XXh7JZP2Dw/OD9t6LhAxB LGhAqfH8yOmMulrgFcaCSZO1Mdag7GvcHO/n1DfUmdAtHO/q8A8PRtbp/0XIaiWM p8Zjdow7IUZJEU80d+Gr5w7fHXsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSvYpi5 zBaQnMojmtHcjXIuHz9z/DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMyNDAyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAo4DrMA0GCSqGSIb3DQEBCwUAA4IBAQBCKxyvL/BYtChbEZEz12w8XLiX Xa6+MRNejA2ctdGQtb7kUIzjy0X9cjrhL19qUB5wz6knkg0yK+NRldGoMp4GZuIt MWrJt7QxWKhe4YzoAr7HD3uah9XsBwv3K8SglMQ5MRftVXNkk0acJi8AIJ5YZ6Cd 1vbT/yDKtRsYgcps4RpqxnLuzFAELdTFeGWfGwXHiT4QBRzqiYcUpDEGVOPcuzPT A89bm5cRvnzW2z5MY6/kDPpTNCC3W7y53S9F0c6A3BRc6dZ/C/rFKV3ESDJxmTsJ i/0OW/bZ2o5Ys1qqH6clS4uLCDixvhartX/iXJLBfB6H4X+euDVrmfDd4gGC -----END CERTIFICATE-----Generated at Sat Jun 20 07:58:17 2026 by rpki-client