$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140913.roa File: AS140913.roa (raw, json) Hash identifier: rf3CIWj9Ddgj8emlLWMdrc6sPIkQoNXtVMdRzDa9QJY= Subject key identifier: 87:A5:A3:F1:C8:C5:98:24:A9:A1:AD:42:BC:B6:66:B1:12:87:AA:B6 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7984A56AC64BB4C05E9A3C6ED33781E8F38B7927 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140913.roa Signing time: Sat 02 May 2026 09:27:18 +0000 ROA not before: Sat 02 May 2026 09:22:18 +0000 ROA not after: Sat 01 May 2027 09:27:18 +0000 asID: 140913 IP address blocks: 2001:df6:42c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:84:a5:6a:c6:4b:b4:c0:5e:9a:3c:6e:d3:37:81:e8:f3:8b:79:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:18 2026 GMT Not After : May 1 09:27:18 2027 GMT Subject: CN=87A5A3F1C8C59824A9A1AD42BCB666B11287AAB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a7:b5:98:cc:ae:3c:aa:9f:67:86:c7:49:a4: 29:0a:87:a6:b0:c9:58:3e:de:74:80:c8:99:c7:4e: 67:ab:ee:9a:3e:da:10:3a:1f:f3:04:96:e8:6a:01: 84:fa:15:fa:7e:76:5e:5a:69:e6:7e:73:e5:0d:ff: a0:b4:83:cc:84:ea:9a:59:e7:ce:d2:e0:ce:86:af: 20:09:65:99:a0:a7:41:2b:8f:e9:e7:2f:c3:3d:b6: c4:bc:67:33:61:cb:79:d2:ff:c6:10:11:8c:bc:1c: c5:6b:5a:e3:9d:88:a7:c9:5b:5c:9c:a3:1b:3b:d6: cf:be:4d:78:a2:ac:90:6f:51:18:1b:c6:c1:c1:07: 43:6a:ce:8c:fa:5c:19:55:8e:99:90:c5:3f:40:53: e0:09:47:26:d2:f5:43:9a:81:fe:5f:d1:97:25:19: d1:06:54:8e:d5:19:5d:51:c1:a0:91:b1:2a:5f:d6: 1c:6c:90:83:4c:10:f1:7d:8c:e1:30:e2:d9:ea:1f: 7b:e1:eb:fe:d4:34:72:86:90:cf:6e:78:76:46:09: 70:08:12:fb:52:85:58:91:82:d2:76:1e:2b:a6:1e: d0:8b:9d:7e:27:95:65:92:8f:e8:58:e5:e9:22:60: bf:89:b6:ef:6a:06:95:11:2d:ec:aa:63:bc:fc:6b: 51:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A5:A3:F1:C8:C5:98:24:A9:A1:AD:42:BC:B6:66:B1:12:87:AA:B6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140913.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:42c0::/48 Signature Algorithm: sha256WithRSAEncryption a3:c6:81:0d:c1:21:d6:65:ff:7e:05:25:97:7a:30:0f:10:62: 81:55:30:01:58:c7:2e:e3:a9:4b:b7:57:35:9c:a1:e2:c6:d9: 31:27:c9:db:ec:21:a1:4f:66:47:4f:33:f8:e0:a1:1f:13:28: a9:a9:4c:08:6d:65:f0:f7:30:ce:b1:b1:9a:3d:f7:b0:02:3c: 1c:66:5d:bd:c3:cc:64:da:19:31:ed:02:2f:e5:d4:31:9f:e2: ac:bd:6a:fd:e9:fa:f5:d6:46:52:19:47:2c:57:6f:2d:71:ff: 4f:0f:90:48:1d:4c:62:43:e5:d4:ab:53:08:d3:e3:cb:91:da: eb:90:6f:c0:3e:f4:00:d4:b4:17:c3:e7:2c:6a:c1:89:18:c0: 9c:78:6b:59:6e:84:70:cc:36:d5:98:74:f5:00:64:4d:bf:ee: 80:88:42:c5:05:1a:89:d0:19:c4:94:15:ce:66:35:33:a7:12: 9a:70:cd:08:e5:65:ac:c9:43:19:55:c7:91:f1:48:27:e0:37: d8:34:24:bc:bb:57:c7:d9:3d:24:65:48:a5:3f:8a:a3:a0:20: ea:02:58:93:0b:c4:44:a9:86:89:ea:1f:7c:63:77:e4:03:2a: 92:7c:49:e1:96:ad:4b:5b:f6:6f:ea:4b:2a:10:2a:b1:ef:a5: 78:73:43:02 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUeYSlasZLtMBemjxu0zeB6POLeScwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIxOFoX DTI3MDUwMTA5MjcxOFowMzExMC8GA1UEAxMoODdBNUEzRjFDOEM1OTgyNEE5QTFB RDQyQkNCNjY2QjExMjg3QUFCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMCntZjMrjyqn2eGx0mkKQqHprDJWD7edIDImcdOZ6vumj7aEDof8wSW6GoB hPoV+n52Xlpp5n5z5Q3/oLSDzITqmlnnztLgzoavIAllmaCnQSuP6ecvwz22xLxn M2HLedL/xhARjLwcxWta452Ip8lbXJyjGzvWz75NeKKskG9RGBvGwcEHQ2rOjPpc GVWOmZDFP0BT4AlHJtL1Q5qB/l/RlyUZ0QZUjtUZXVHBoJGxKl/WHGyQg0wQ8X2M 4TDi2eofe+Hr/tQ0coaQz254dkYJcAgS+1KFWJGC0nYeK6Ye0IudfieVZZKP6Fjl 6SJgv4m272oGlREt7KpjvPxrUd0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSHpaPx yMWYJKmhrUK8tmaxEoeqtjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwOTEzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9kLAMA0GCSqGSIb3DQEBCwUAA4IBAQCjxoENwSHWZf9+BSWXejAP EGKBVTABWMcu46lLt1c1nKHixtkxJ8nb7CGhT2ZHTzP44KEfEyipqUwIbWXw9zDO sbGaPfewAjwcZl29w8xk2hkx7QIv5dQxn+KsvWr96fr11kZSGUcsV28tcf9PD5BI HUxiQ+XUq1MI0+PLkdrrkG/APvQA1LQXw+csasGJGMCceGtZboRwzDbVmHT1AGRN v+6AiELFBRqJ0BnElBXOZjUzpxKacM0I5WWsyUMZVceR8Ugn4DfYNCS8u1fH2T0k ZUilP4qjoCDqAliTC8REqYaJ6h98Y3fkAyqSfEnhlq1LW/Zv6ksqECqx76V4c0MC -----END CERTIFICATE-----Generated at Sun May 3 00:41:59 2026 by rpki-client