$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138554.roa File: AS138554.roa (raw, json) Hash identifier: Gc9qLRhPMOzE+JbJ0djtTNEiLFHaz8TiGwo314XyqJ4= Subject key identifier: 4A:0B:6E:C7:C0:67:CE:AB:BE:17:67:90:35:AC:94:3D:7F:A0:9C:C4 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5F78F101010055454540F065EC851418E3129BAB Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138554.roa Signing time: Sat 02 May 2026 09:27:06 +0000 ROA not before: Sat 02 May 2026 09:22:06 +0000 ROA not after: Sat 01 May 2027 09:27:06 +0000 asID: 138554 IP address blocks: 2001:df6:3d40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:78:f1:01:01:00:55:45:45:40:f0:65:ec:85:14:18:e3:12:9b:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:06 2026 GMT Not After : May 1 09:27:06 2027 GMT Subject: CN=4A0B6EC7C067CEABBE17679035AC943D7FA09CC4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ee:2d:7e:8e:34:93:30:5d:d9:23:ef:75:7a: 69:bf:46:d5:d4:a6:15:5c:e2:dc:c5:ae:d5:3e:d0: 7e:71:18:4e:82:5f:c4:a2:91:13:a5:81:58:ea:69: fd:aa:6d:9a:ba:23:b0:b9:00:65:02:85:28:52:82: 49:34:a5:63:c8:0a:27:a3:12:b2:2d:61:1b:a8:2d: 8f:f6:5e:5f:18:81:82:6a:06:35:46:00:7e:81:0d: 85:2b:e6:84:ea:6a:27:78:40:95:6e:61:f5:8e:a1: c0:5b:6d:a5:97:24:ba:85:e1:24:5a:a3:6d:bf:b7: eb:a7:c6:8a:9c:0f:be:92:89:40:4c:75:71:d8:af: 58:80:a5:c2:c1:30:69:45:40:17:6b:a3:6c:06:a6: 4a:51:c8:31:27:0c:0e:28:d6:74:4e:e8:f4:ed:89: 95:ee:74:96:30:cb:1b:da:a1:4f:a6:1d:bc:f8:e8: a0:8d:75:7a:41:a4:22:06:a1:6a:84:11:2f:e9:d5: b4:4d:b0:ee:c3:c7:09:63:1c:34:99:a2:72:74:2a: 70:27:0e:f0:d7:0a:d6:4e:31:4d:4a:a0:87:b8:91: df:cc:94:da:82:49:71:39:30:71:bd:95:6c:6a:bd: 18:cb:44:74:b4:c6:f0:01:81:43:c8:7d:03:c6:75: be:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:0B:6E:C7:C0:67:CE:AB:BE:17:67:90:35:AC:94:3D:7F:A0:9C:C4 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138554.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:3d40::/48 Signature Algorithm: sha256WithRSAEncryption 48:f1:9e:d3:00:24:98:f5:00:8d:46:25:3b:6f:01:48:7a:2d: a1:14:6b:2e:3e:19:c9:52:e8:44:8c:43:63:33:41:69:43:80: 94:23:bf:b9:22:ea:3d:d1:4a:bc:4b:b2:4e:24:e7:62:87:da: 4b:c2:e9:a0:06:79:e7:db:8c:d9:b7:63:88:50:e8:bb:1d:38: cb:e9:fa:5a:aa:bf:67:80:fa:b3:b4:e6:68:fc:9f:d7:14:e4: 36:64:d4:09:5d:61:f2:1e:e5:43:06:2c:39:b6:2b:a8:9c:ce: ac:1e:ec:d3:d6:3f:0e:ea:f0:18:5d:a7:1c:bd:b8:fe:ce:d4: 2e:f1:3c:ce:b3:ef:ee:cc:1c:b1:9f:99:46:f4:4b:fe:0f:6c: b4:33:7f:23:d3:84:34:4c:fd:fc:dd:a1:a1:c1:e9:8c:49:f7: 1b:26:b8:27:01:3f:0a:de:93:85:61:86:04:2f:69:f5:7d:c2: a8:95:4e:25:90:5e:44:97:a0:c3:03:50:d1:5d:ac:da:fd:de: 21:94:65:56:a0:4c:32:f1:41:3f:46:cf:a0:39:ad:60:9b:3c: 43:8d:15:a6:a0:0b:ea:db:1b:22:31:fc:4c:14:2a:53:bb:3e: 25:cf:95:ad:48:31:61:52:41:58:14:7b:0f:ac:2f:65:56:4d: e4:37:e6:16 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUX3jxAQEAVUVFQPBl7IUUGOMSm6swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwNloX DTI3MDUwMTA5MjcwNlowMzExMC8GA1UEAxMoNEEwQjZFQzdDMDY3Q0VBQkJFMTc2 NzkwMzVBQzk0M0Q3RkEwOUNDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALnuLX6ONJMwXdkj73V6ab9G1dSmFVzi3MWu1T7QfnEYToJfxKKRE6WBWOpp /aptmrojsLkAZQKFKFKCSTSlY8gKJ6MSsi1hG6gtj/ZeXxiBgmoGNUYAfoENhSvm hOpqJ3hAlW5h9Y6hwFttpZckuoXhJFqjbb+366fGipwPvpKJQEx1cdivWIClwsEw aUVAF2ujbAamSlHIMScMDijWdE7o9O2Jle50ljDLG9qhT6YdvPjooI11ekGkIgah aoQRL+nVtE2w7sPHCWMcNJmicnQqcCcO8NcK1k4xTUqgh7iR38yU2oJJcTkwcb2V bGq9GMtEdLTG8AGBQ8h9A8Z1vnECAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRKC27H wGfOq74XZ5A1rJQ9f6CcxDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4NTU0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9j1AMA0GCSqGSIb3DQEBCwUAA4IBAQBI8Z7TACSY9QCNRiU7bwFI ei2hFGsuPhnJUuhEjENjM0FpQ4CUI7+5Iuo90Uq8S7JOJOdih9pLwumgBnnn24zZ t2OIUOi7HTjL6fpaqr9ngPqztOZo/J/XFOQ2ZNQJXWHyHuVDBiw5tiuonM6sHuzT 1j8O6vAYXaccvbj+ztQu8TzOs+/uzByxn5lG9Ev+D2y0M38j04Q0TP383aGhwemM SfcbJrgnAT8K3pOFYYYEL2n1fcKolU4lkF5El6DDA1DRXaza/d4hlGVWoEwy8UE/ Rs+gOa1gmzxDjRWmoAvq2xsiMfxMFCpTuz4lz5WtSDFhUkFYFHsPrC9lVk3kN+YW -----END CERTIFICATE-----Generated at Sun May 3 00:39:48 2026 by rpki-client