$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138804.roa File: AS138804.roa (raw, json) Hash identifier: ZeQshtdLwqB2b8CSCZg4efPKpXTPJcSnzbRlfnY5gkE= Subject key identifier: 45:07:54:07:56:EB:0F:69:D6:25:DC:6C:EB:0E:4F:CD:70:0D:F0:5E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3C053CC5C1510A20F444879BBE86E799F6F78074 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138804.roa Signing time: Sat 02 May 2026 09:25:42 +0000 ROA not before: Sat 02 May 2026 09:20:42 +0000 ROA not after: Sat 01 May 2027 09:25:42 +0000 asID: 138804 IP address blocks: 163.61.87.0/24 maxlen: 24 2001:df4:5fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:05:3c:c5:c1:51:0a:20:f4:44:87:9b:be:86:e7:99:f6:f7:80:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:42 2026 GMT Not After : May 1 09:25:42 2027 GMT Subject: CN=4507540756EB0F69D625DC6CEB0E4FCD700DF05E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:9c:78:84:62:ec:4d:cd:8a:94:89:f4:7e:c0: 04:78:d4:1b:ca:88:dc:99:c8:7a:5a:fe:c7:16:dd: df:16:1a:ad:1b:06:40:c2:f6:d4:b3:55:19:2f:ad: 84:79:ff:14:d3:5a:8b:21:66:62:21:5d:34:36:fe: f8:d3:15:5f:9e:58:04:aa:f2:87:f7:b8:45:20:fb: 65:c7:15:4a:c3:1f:67:19:61:92:8d:82:0e:6d:1d: a9:61:f7:42:dc:11:e1:5a:a0:69:db:87:55:d1:f1: 0f:c6:af:55:5d:d6:b2:1c:e2:88:86:83:1a:45:76: fb:73:7c:f3:ec:34:54:09:85:d4:4b:2f:1f:6d:71: 1d:99:81:20:46:34:a3:98:a4:29:aa:23:7e:e8:83: ab:33:c6:74:a8:15:8f:e8:1a:2f:5f:06:bd:b6:64: ea:20:12:ea:fd:e4:d1:15:2d:34:b6:02:10:98:04: eb:1b:f5:f2:df:7e:ab:34:e7:e4:14:d6:05:cd:35: b8:03:5b:3b:35:72:9c:7f:26:f4:de:96:0e:e3:29: 27:5c:67:ef:d0:5a:c6:34:32:6e:29:fa:7e:8d:21: d8:4f:e6:1b:98:a5:fb:00:97:0c:83:f3:60:9d:2a: 75:f6:bf:9e:0f:f3:be:9f:b1:5e:ce:01:e9:8e:8e: 58:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:07:54:07:56:EB:0F:69:D6:25:DC:6C:EB:0E:4F:CD:70:0D:F0:5E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138804.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.87.0/24 IPv6: 2001:df4:5fc0::/48 Signature Algorithm: sha256WithRSAEncryption 51:4e:61:24:9a:40:f3:da:35:8a:3e:04:1f:a8:ba:f2:20:a5: 0f:bc:83:b4:2a:6d:9b:ef:7b:2d:e0:d1:c3:dc:4e:df:60:19: e3:e5:e4:70:04:2d:ec:ad:3b:e8:af:b8:0a:3c:b1:aa:c7:11: 31:b3:4f:a1:52:ef:70:31:69:3a:86:30:f2:4d:3a:d6:dd:4a: 29:0f:29:8a:4a:87:fb:08:03:3c:e7:c8:0a:3d:33:e9:c7:2c: 2f:c8:87:2f:56:59:b4:b9:d1:be:36:2f:61:69:05:00:a5:12: d2:cd:72:ff:74:9c:d1:40:d0:bf:7b:fa:b0:12:da:48:b6:42: 09:eb:c0:7e:9f:f4:5d:7f:84:77:54:24:2a:57:31:da:34:7d: 31:95:d3:55:6f:78:04:93:1c:37:88:aa:84:de:4e:ff:1b:88: 5a:0d:f8:cf:32:4e:55:c3:59:f9:4e:6d:81:2b:17:b8:62:6f: 44:7c:11:b5:6a:1f:0f:b0:07:54:82:24:1e:b3:a9:77:cf:6f: 3c:ef:33:55:fa:0d:c4:c3:5f:74:81:89:4c:e0:99:ae:c0:1b: d9:a2:5c:d2:01:53:ef:df:f2:b3:f6:bb:8c:03:5a:d5:1e:62: 8a:69:54:66:33:f1:f7:e8:1c:90:f1:92:75:4c:52:0a:6f:1e: ff:5b:49:0a -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUPAU8xcFRCiD0RIebvobnmfb3gHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA0MloX DTI3MDUwMTA5MjU0MlowMzExMC8GA1UEAxMoNDUwNzU0MDc1NkVCMEY2OUQ2MjVE QzZDRUIwRTRGQ0Q3MDBERjA1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2ceIRi7E3NipSJ9H7ABHjUG8qI3JnIelr+xxbd3xYarRsGQML21LNVGS+t hHn/FNNaiyFmYiFdNDb++NMVX55YBKryh/e4RSD7ZccVSsMfZxlhko2CDm0dqWH3 QtwR4VqgaduHVdHxD8avVV3WshziiIaDGkV2+3N88+w0VAmF1EsvH21xHZmBIEY0 o5ikKaojfuiDqzPGdKgVj+gaL18GvbZk6iAS6v3k0RUtNLYCEJgE6xv18t9+qzTn 5BTWBc01uANbOzVynH8m9N6WDuMpJ1xn79BaxjQybin6fo0h2E/mG5il+wCXDIPz YJ0qdfa/ng/zvp+xXs4B6Y6OWDUCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBRFB1QH VusPadYl3GzrDk/NcA3wXjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODA0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQAoz1XMA8EAgACMAkDBwAgAQ30X8AwDQYJKoZIhvcNAQELBQADggEBAFFO YSSaQPPaNYo+BB+ouvIgpQ+8g7QqbZvvey3g0cPcTt9gGePl5HAELeytO+ivuAo8 sarHETGzT6FS73AxaTqGMPJNOtbdSikPKYpKh/sIAzznyAo9M+nHLC/Ihy9WWbS5 0b42L2FpBQClEtLNcv90nNFA0L97+rAS2ki2QgnrwH6f9F1/hHdUJCpXMdo0fTGV 01VveASTHDeIqoTeTv8biFoN+M8yTlXDWflObYErF7hib0R8EbVqHw+wB1SCJB6z qXfPbzzvM1X6DcTDX3SBiUzgma7AG9miXNIBU+/f8rP2u4wDWtUeYoppVGYz8ffo HJDxknVMUgpvHv9bSQo= -----END CERTIFICATE-----Generated at Sun May 3 00:40:32 2026 by rpki-client