$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS139433.roa File: AS139433.roa (raw, json) Hash identifier: f1vFFesQu2JekHX8QvtOtKFTZ7F3awQi75WIbuLALYQ= Subject key identifier: 21:F9:92:63:6C:DA:8B:26:CF:78:39:AA:EB:9A:47:BB:A4:8F:22:C1 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 32638E5C6131BDC7B90A1D41F99EFE58E9465D59 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139433.roa Signing time: Sat 02 May 2026 21:35:37 +0000 ROA not before: Sat 02 May 2026 21:30:37 +0000 ROA not after: Sat 01 May 2027 21:35:37 +0000 asID: 139433 IP address blocks: 2406:6d40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:63:8e:5c:61:31:bd:c7:b9:0a:1d:41:f9:9e:fe:58:e9:46:5d:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:30:37 2026 GMT Not After : May 1 21:35:37 2027 GMT Subject: CN=21F992636CDA8B26CF7839AAEB9A47BBA48F22C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:85:54:f4:e3:7c:29:e5:e7:b6:3c:8d:73:89: a4:c6:c5:52:bd:3b:6f:d1:bb:bb:db:f1:1d:d8:0d: 89:17:8d:41:2f:7e:7d:1c:21:00:86:97:64:0e:d0: 20:00:9b:9a:7d:23:67:7a:8e:21:1c:9f:8c:4d:fc: 68:1c:46:c3:10:44:dd:38:a4:20:b4:59:f3:5b:21: 9c:c6:70:6c:3d:36:c6:a9:b6:a6:e5:5a:90:8c:69: 1c:12:a2:44:94:ae:7c:11:0b:c1:f1:7a:76:50:f6: 8b:79:72:0e:0d:e7:84:6d:0e:75:64:01:9c:b8:ea: 35:e7:eb:c1:5f:a5:12:4c:26:05:a9:95:c7:7c:75: bb:3b:e9:28:91:cb:64:f6:f0:d0:38:09:30:f4:fa: e1:2c:f1:2f:ae:6a:91:8f:56:f7:07:8d:55:a8:13: 64:b4:2c:9b:3b:e0:50:fb:0e:66:c0:48:47:d3:bf: 12:48:32:95:99:8c:f8:2a:27:d3:fe:5d:3d:9f:3f: 21:fa:67:c2:a4:c1:b1:e2:0d:0c:30:94:29:be:fd: 9f:af:39:92:7f:7d:f5:f8:d2:24:1d:d8:17:9e:4f: b3:f3:cd:2a:31:b8:54:51:98:9a:e3:74:92:ad:33: b3:df:4c:1f:e2:97:ab:ef:01:e3:0f:0b:b1:ea:69: 07:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F9:92:63:6C:DA:8B:26:CF:78:39:AA:EB:9A:47:BB:A4:8F:22:C1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139433.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:6d40::/32 Signature Algorithm: sha256WithRSAEncryption 66:be:fc:ea:8b:91:12:93:fc:fb:9c:a5:3a:47:d5:15:f9:6f: 33:21:c8:00:0d:9b:28:9b:c8:f5:dc:ed:89:65:5d:d1:ec:4c: f7:16:a6:eb:96:df:70:9d:c0:5c:7c:1e:87:2a:3e:7c:a4:17: ca:6b:b1:54:c1:23:e9:ad:2e:ed:28:c4:0b:7c:59:6d:50:ce: 17:25:41:1f:a2:4f:fd:e1:ec:2c:dc:df:43:b5:ef:87:3f:8f: 76:c4:ca:c6:d7:58:c7:55:d1:8b:f4:23:0a:c0:a7:73:2a:79: df:a7:08:dc:c9:10:ed:c7:00:a4:be:44:73:81:6e:79:10:88: c8:f6:9e:92:a4:43:a5:70:40:42:6b:89:32:56:ca:ed:a0:96: 84:6a:f1:09:07:00:24:7d:e4:17:5c:78:df:d1:fe:39:e3:87: c0:ed:32:2b:fb:45:ac:86:36:d8:7e:f1:de:15:29:0d:a4:2d: 98:3b:a4:3c:94:12:70:00:b3:0a:92:06:d1:d0:b8:f8:b0:94: fa:6a:22:3d:5b:8a:a7:a9:cb:d3:49:88:7b:ac:d8:a6:6f:17: 0e:d3:91:96:8b:4c:7f:b6:07:6a:d9:79:32:27:a5:93:db:2c: e3:9a:4e:af:21:9e:83:85:88:bd:76:c1:2f:0f:25:7b:72:e6: 15:55:cb:ce -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgIUMmOOXGExvce5Ch1B+Z7+WOlGXVkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMzAzN1oX DTI3MDUwMTIxMzUzN1owMzExMC8GA1UEAxMoMjFGOTkyNjM2Q0RBOEIyNkNGNzgz OUFBRUI5QTQ3QkJBNDhGMjJDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANqFVPTjfCnl57Y8jXOJpMbFUr07b9G7u9vxHdgNiReNQS9+fRwhAIaXZA7Q IACbmn0jZ3qOIRyfjE38aBxGwxBE3TikILRZ81shnMZwbD02xqm2puVakIxpHBKi RJSufBELwfF6dlD2i3lyDg3nhG0OdWQBnLjqNefrwV+lEkwmBamVx3x1uzvpKJHL ZPbw0DgJMPT64SzxL65qkY9W9weNVagTZLQsmzvgUPsOZsBIR9O/EkgylZmM+Con 0/5dPZ8/IfpnwqTBseINDDCUKb79n685kn999fjSJB3YF55Ps/PNKjG4VFGYmuN0 kq0zs99MH+KXq+8B4w8LseppB/kCAwEAAaOCAc0wggHJMB0GA1UdDgQWBBQh+ZJj bNqLJs94Oarrmke7pI8iwTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM5NDMzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIA AjAHAwUAJAZtQDANBgkqhkiG9w0BAQsFAAOCAQEAZr786ouREpP8+5ylOkfVFflv MyHIAA2bKJvI9dztiWVd0exM9xam65bfcJ3AXHwehyo+fKQXymuxVMEj6a0u7SjE C3xZbVDOFyVBH6JP/eHsLNzfQ7Xvhz+PdsTKxtdYx1XRi/QjCsCncyp536cI3MkQ 7ccApL5Ec4FueRCIyPaekqRDpXBAQmuJMlbK7aCWhGrxCQcAJH3kF1x439H+OeOH wO0yK/tFrIY22H7x3hUpDaQtmDukPJQScACzCpIG0dC4+LCU+moiPVuKp6nL00mI e6zYpm8XDtORlotMf7YHatl5Mielk9ss45pOryGeg4WIvXbBLw8le3LmFVXLzg== -----END CERTIFICATE-----Generated at Sun May 3 01:44:01 2026 by rpki-client