$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS142325.roa File: AS142325.roa (raw, json) Hash identifier: Md+Geba2MZKBeu9Ig8BuTJHvXw84pmwZ4uvlDydMbZc= Subject key identifier: D2:A2:F1:D5:AE:1E:98:C1:50:09:30:8A:5A:ED:4E:0C:D6:5A:E3:D0 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 782A0329CDFEF62AD4F0DEB22D56FF49842D1B5A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142325.roa Signing time: Sat 02 May 2026 21:24:50 +0000 ROA not before: Sat 02 May 2026 21:19:50 +0000 ROA not after: Sat 01 May 2027 21:24:50 +0000 asID: 142325 IP address blocks: 2001:df1:34c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:2a:03:29:cd:fe:f6:2a:d4:f0:de:b2:2d:56:ff:49:84:2d:1b:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:19:50 2026 GMT Not After : May 1 21:24:50 2027 GMT Subject: CN=D2A2F1D5AE1E98C15009308A5AED4E0CD65AE3D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:2c:c8:39:b7:6f:43:f3:06:7a:89:38:00:13: c7:7e:1d:e9:b1:2c:cd:bd:38:28:02:c8:c7:40:92: 1f:9c:68:01:08:74:e2:2a:81:ed:55:2c:34:0e:06: 9f:47:3f:d9:30:ef:ac:1a:e8:51:a0:5b:29:b3:f3: b7:5b:73:5a:09:a3:38:b4:80:de:50:00:a8:e4:88: 60:b9:ad:d4:d2:6a:31:db:26:5c:b6:ef:87:3a:a3: 5f:76:b7:42:a6:70:37:1b:40:92:ad:a5:b4:29:c8: 5b:89:a6:ae:27:d4:fe:04:d2:e0:8f:fc:97:bd:39: 8c:d9:46:f6:b6:04:f0:96:a8:62:07:94:90:37:23: 71:42:85:f1:94:28:f4:d1:a1:eb:5d:8d:31:b8:17: 18:1b:2c:1c:09:43:7e:b7:d2:79:e2:99:0e:32:12: 16:03:24:c0:40:20:f6:9c:6e:03:8e:7b:17:a1:d4: 35:5a:63:22:8b:a2:fe:ae:ad:15:f9:4f:61:e9:c5: d2:87:aa:28:20:6e:8c:4b:b1:58:aa:a3:b4:93:af: 3b:74:1b:c0:f6:bc:e4:0c:31:26:32:6e:a3:43:f6: 4b:2b:39:7c:15:e5:91:fc:91:48:18:2a:1c:b3:8e: ef:24:bf:e7:a6:b5:73:80:ca:75:1e:9d:1b:b8:4c: 67:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:A2:F1:D5:AE:1E:98:C1:50:09:30:8A:5A:ED:4E:0C:D6:5A:E3:D0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:34c0::/48 Signature Algorithm: sha256WithRSAEncryption 73:a0:e0:80:7c:cc:d3:76:0f:cc:f1:a8:38:b3:f4:d1:7a:32: 4a:9c:c4:af:ec:8b:7a:64:c0:72:28:e5:1c:95:45:51:e7:7a: 33:b0:7f:5a:74:80:47:08:4f:4e:7a:ef:9f:ca:2f:fb:4d:30: 9a:7a:38:52:ec:a8:4f:1a:c5:5c:4b:b2:39:d2:e2:a7:5c:21: 89:d4:12:27:54:44:b9:8c:1b:c4:83:05:2d:05:b1:b4:6f:03: 6d:88:c4:10:c1:b9:ac:12:ca:0f:e0:62:5a:d0:e2:bf:ad:97: 09:64:22:7f:ce:d4:32:3d:57:60:63:2a:c2:c2:80:a3:7f:53: 4a:67:49:b8:bd:36:07:41:01:e2:38:7f:41:c2:32:f6:94:27: 78:34:10:5b:4c:b7:f4:64:06:7c:27:85:38:ac:b8:b5:8c:24: 34:c4:8a:03:5e:00:6c:f1:1e:a6:95:e1:48:26:f4:87:2b:16: e1:85:7a:d3:e6:0b:6b:25:6b:4c:e0:86:78:79:2c:c7:23:cd: 2c:4d:e4:5c:0a:a8:95:f7:7d:a3:44:fc:6c:f2:19:91:e1:36: 3b:99:b5:81:5e:9f:7d:fe:45:db:e6:b9:a0:79:4a:ab:91:4b: 01:72:f9:5f:41:17:6d:7b:4d:1b:6a:4b:76:81:cd:40:b1:74: cb:78:93:50 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUeCoDKc3+9irU8N6yLVb/SYQtG1owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTk1MFoX DTI3MDUwMTIxMjQ1MFowMzExMC8GA1UEAxMoRDJBMkYxRDVBRTFFOThDMTUwMDkz MDhBNUFFRDRFMENENjVBRTNEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKEsyDm3b0PzBnqJOAATx34d6bEszb04KALIx0CSH5xoAQh04iqB7VUsNA4G n0c/2TDvrBroUaBbKbPzt1tzWgmjOLSA3lAAqOSIYLmt1NJqMdsmXLbvhzqjX3a3 QqZwNxtAkq2ltCnIW4mmrifU/gTS4I/8l705jNlG9rYE8JaoYgeUkDcjcUKF8ZQo 9NGh612NMbgXGBssHAlDfrfSeeKZDjISFgMkwEAg9pxuA457F6HUNVpjIoui/q6t FflPYenF0oeqKCBujEuxWKqjtJOvO3QbwPa85AwxJjJuo0P2Sys5fBXlkfyRSBgq HLOO7yS/56a1c4DKdR6dG7hMZ1MCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTSovHV rh6YwVAJMIpa7U4M1lrj0DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQyMzI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN8TTAMA0GCSqGSIb3DQEBCwUAA4IBAQBzoOCAfMzTdg/M8ag4s/TR ejJKnMSv7It6ZMByKOUclUVR53ozsH9adIBHCE9Oeu+fyi/7TTCaejhS7KhPGsVc S7I50uKnXCGJ1BInVES5jBvEgwUtBbG0bwNtiMQQwbmsEsoP4GJa0OK/rZcJZCJ/ ztQyPVdgYyrCwoCjf1NKZ0m4vTYHQQHiOH9BwjL2lCd4NBBbTLf0ZAZ8J4U4rLi1 jCQ0xIoDXgBs8R6mleFIJvSHKxbhhXrT5gtrJWtM4IZ4eSzHI80sTeRcCqiV932j RPxs8hmR4TY7mbWBXp99/kXb5rmgeUqrkUsBcvlfQRdte00bakt2gc1AsXTLeJNQ -----END CERTIFICATE-----Generated at Sun May 3 00:42:21 2026 by rpki-client