$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140304.roa File: AS140304.roa (raw, json) Hash identifier: ofUsZfPDIwhQg3cyrqA8Xok+RIrIPQx6QQqAK66Nlw4= Subject key identifier: A2:26:8E:2A:25:70:54:68:AC:FE:21:25:FE:E3:BC:30:50:A2:BF:14 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 49D081315BE8319B498FFF98A49A29AFF4AC2D0C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140304.roa Signing time: Sat 02 May 2026 08:35:55 +0000 ROA not before: Sat 02 May 2026 08:30:55 +0000 ROA not after: Sat 01 May 2027 08:35:55 +0000 asID: 140304 IP address blocks: 2001:df6:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:d0:81:31:5b:e8:31:9b:49:8f:ff:98:a4:9a:29:af:f4:ac:2d:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:55 2026 GMT Not After : May 1 08:35:55 2027 GMT Subject: CN=A2268E2A25705468ACFE2125FEE3BC3050A2BF14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:e1:24:27:d8:c9:94:3c:27:7a:be:af:71:9c: d2:f3:9e:ee:33:b0:93:c0:df:76:68:c6:e6:b4:cb: c7:40:0d:39:46:70:57:5d:85:7b:f7:3c:e3:3a:6a: f0:bb:32:a7:ae:97:f9:d9:de:20:35:36:94:6d:0a: 27:81:f4:1e:03:0f:62:d9:63:f8:08:9f:30:c4:b8: 52:e5:4d:e8:8a:5b:0e:92:9c:80:27:21:a7:64:7b: c5:e6:71:fb:f2:f0:0f:78:ab:68:dd:0f:ce:02:d8: 97:08:18:51:fd:f9:b7:b2:01:25:14:37:02:5b:d9: 91:8f:b1:95:31:b1:a8:7e:50:28:42:ff:66:3a:ed: e4:ff:bb:d4:c8:c2:51:41:e4:b3:84:18:c0:24:87: b2:e7:11:b0:db:6b:cb:a6:40:ba:0f:0e:40:ac:35: 97:46:04:bb:e6:fc:c6:41:98:41:2a:87:ce:21:19: 04:9f:a3:b8:06:2e:8a:88:6c:72:19:6a:10:56:57: d8:6c:81:28:3f:eb:ff:6b:39:e6:79:29:8e:55:ce: 7a:d7:08:86:84:0e:4d:44:c4:77:7e:8e:e6:2f:ba: 94:f3:6e:4c:08:a5:ca:88:39:d3:a0:8e:ec:ab:8a: e4:0d:24:10:89:c9:7d:aa:52:0b:83:e9:86:cf:72: b7:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:26:8E:2A:25:70:54:68:AC:FE:21:25:FE:E3:BC:30:50:A2:BF:14 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:b040::/48 Signature Algorithm: sha256WithRSAEncryption 00:a1:f7:59:71:3d:20:63:6f:12:b2:a7:21:12:25:82:fe:4d: bf:15:da:04:53:58:fc:cb:c4:5d:ae:cf:51:0c:19:d2:52:8b: d8:48:b4:54:37:1a:63:1f:35:f2:5e:19:4e:f2:39:32:2f:a2: 6b:f3:71:28:5f:f7:83:97:f0:87:b6:a3:b6:14:2f:8e:e1:a7: 31:5a:44:b6:23:b2:73:18:e6:19:48:01:25:b7:cc:27:48:f9: 2c:4d:7d:bb:4d:43:0f:44:1f:3f:56:0e:0f:8a:18:4f:8c:f9: 38:f5:3a:e0:9c:a6:76:c6:29:e2:81:03:fc:69:ea:e4:80:a5: 50:67:05:2c:c1:3b:5a:fe:88:c2:c6:34:4e:ee:3d:0e:32:ca: d9:02:9a:48:cd:1a:aa:c8:36:3f:3f:f3:d0:8f:73:93:3c:ef: c9:76:73:a8:95:5b:50:3b:6a:30:63:7d:35:32:ea:09:e9:32: e3:9d:ed:5d:49:96:69:89:9e:98:01:3f:ea:61:a9:05:49:33: da:ed:a2:78:f3:84:ec:6c:06:2f:5c:60:b4:dd:79:1c:53:38: 61:e9:60:5c:5b:45:4c:52:fc:b3:bd:10:a7:5b:66:56:e6:a8: 2c:f1:24:ae:4d:b5:8f:89:b8:6b:ad:0b:76:e4:18:93:00:08: 28:9f:48:c3 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUSdCBMVvoMZtJj/+YpJopr/SsLQwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzA1NVoX DTI3MDUwMTA4MzU1NVowMzExMC8GA1UEAxMoQTIyNjhFMkEyNTcwNTQ2OEFDRkUy MTI1RkVFM0JDMzA1MEEyQkYxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJXhJCfYyZQ8J3q+r3Gc0vOe7jOwk8DfdmjG5rTLx0ANOUZwV12Fe/c84zpq 8Lsyp66X+dneIDU2lG0KJ4H0HgMPYtlj+AifMMS4UuVN6IpbDpKcgCchp2R7xeZx +/LwD3iraN0PzgLYlwgYUf35t7IBJRQ3AlvZkY+xlTGxqH5QKEL/Zjrt5P+71MjC UUHks4QYwCSHsucRsNtry6ZAug8OQKw1l0YEu+b8xkGYQSqHziEZBJ+juAYuiohs chlqEFZX2GyBKD/r/2s55nkpjlXOetcIhoQOTUTEd36O5i+6lPNuTAilyog506CO 7KuK5A0kEInJfapSC4Pphs9yt2cCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSiJo4q JXBUaKz+ISX+47wwUKK/FDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMzA0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9rBAMA0GCSqGSIb3DQEBCwUAA4IBAQAAofdZcT0gY28SsqchEiWC /k2/FdoEU1j8y8Rdrs9RDBnSUovYSLRUNxpjHzXyXhlO8jkyL6Jr83EoX/eDl/CH tqO2FC+O4acxWkS2I7JzGOYZSAElt8wnSPksTX27TUMPRB8/Vg4PihhPjPk49Trg nKZ2xinigQP8aerkgKVQZwUswTta/ojCxjRO7j0OMsrZAppIzRqqyDY/P/PQj3OT PO/JdnOolVtQO2owY301MuoJ6TLjne1dSZZpiZ6YAT/qYakFSTPa7aJ484TsbAYv XGC03XkcUzhh6WBcW0VMUvyzvRCnW2ZW5qgs8SSuTbWPibhrrQt25BiTAAgon0jD -----END CERTIFICATE-----Generated at Sun May 3 00:40:41 2026 by rpki-client