$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS147173.roa File: AS147173.roa (raw, json) Hash identifier: SApBNr9InjBqfuPJDZKeD75mw+z+EbNYzH8pma5Y8es= Subject key identifier: EA:D6:28:CF:14:04:85:D9:7E:BB:6A:52:75:8E:E3:19:B3:C5:B8:C7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1CACE712B1C3778F6EFB9B8D696A9155A36F05BE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147173.roa Signing time: Sat 02 May 2026 09:26:16 +0000 ROA not before: Sat 02 May 2026 09:21:16 +0000 ROA not after: Sat 01 May 2027 09:26:16 +0000 asID: 147173 IP address blocks: 2001:df6:3540::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:ac:e7:12:b1:c3:77:8f:6e:fb:9b:8d:69:6a:91:55:a3:6f:05:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:16 2026 GMT Not After : May 1 09:26:16 2027 GMT Subject: CN=EAD628CF140485D97EBB6A52758EE319B3C5B8C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:55:84:9a:b8:f2:20:8c:36:72:b2:26:67:db: a8:da:f8:68:c2:94:30:65:0d:48:57:62:4b:58:04: aa:1a:c7:97:5a:47:8a:72:cb:bd:fb:84:e3:87:1d: 58:d5:a5:c6:a0:c9:a2:31:9b:9f:44:c5:0c:f0:c1: 04:39:43:29:44:39:17:d2:a4:f2:65:d2:b6:bf:79: 3d:af:11:16:c3:ed:68:d0:2a:f3:38:25:fe:83:03: 7f:39:ee:70:48:82:93:eb:f7:f5:39:76:04:36:01: 5a:fd:d3:9b:1c:3d:82:c3:b8:0f:7e:33:6b:6a:1d: 74:ee:39:6d:74:11:4a:eb:80:b7:f4:fc:f4:4f:f6: 1e:18:e6:f0:8f:6d:05:80:75:24:fd:d4:6d:5c:71: d8:95:19:6c:48:18:2e:9a:f2:2b:27:28:f5:7b:ee: 66:39:cd:6f:80:08:d3:bc:ed:38:1f:59:ec:51:12: d6:ac:b0:b6:63:ed:43:ac:24:a4:01:09:0c:c5:35: 8d:ba:30:da:5e:33:51:6a:70:ef:9b:b1:8c:38:38: 78:57:df:c0:a7:6a:d6:77:31:ab:ca:25:bb:48:54: 5a:02:f7:3c:85:fd:0a:31:3c:3e:06:35:38:bf:17: 27:dc:8a:cb:45:6b:67:9c:47:3e:31:0a:d0:b2:69: 8d:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:D6:28:CF:14:04:85:D9:7E:BB:6A:52:75:8E:E3:19:B3:C5:B8:C7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147173.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:3540::/48 Signature Algorithm: sha256WithRSAEncryption 0e:28:61:d7:63:2b:55:fd:4a:3f:01:62:ec:ae:a9:f1:19:9c: 1b:75:57:99:b5:40:e3:af:af:70:cc:d6:c9:ce:40:04:bd:c9: ae:3a:05:3c:68:a5:66:5b:26:5e:b4:f2:52:0d:b2:57:2c:da: e3:fa:93:d0:cc:ad:4a:47:71:f5:d2:cb:f0:e8:2c:5c:44:1d: 48:5a:e4:df:d9:04:63:ac:50:22:63:29:77:d1:76:cc:72:71: e9:52:7a:46:d3:97:1c:4f:94:e3:dc:f8:5b:da:ba:d4:f6:dc: 91:70:e1:48:b0:38:94:32:e5:cf:3d:e0:b4:3e:94:29:eb:56: 83:32:c6:f9:60:e7:de:a8:99:d8:a9:73:a5:16:c1:65:01:6c: f3:f6:08:b8:24:9c:09:d4:52:30:c6:20:5b:0c:17:e3:c8:ff: e3:fb:31:ff:97:e9:25:9f:af:76:4a:a9:fe:60:3e:b5:ff:f2: 21:c5:24:1f:51:92:2b:9d:d4:97:13:37:14:15:25:ef:0a:55: fa:df:5e:ed:3b:ae:94:ef:7c:ac:7c:6b:af:41:3d:6f:03:52: 35:ca:0c:f6:ac:74:b2:aa:e4:56:6d:94:1f:a9:90:20:58:e9: 49:66:5e:35:ea:ff:c0:7a:de:13:bf:38:cd:f2:be:4c:d7:85: bb:25:33:e2 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUHKznErHDd49u+5uNaWqRVaNvBb4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjExNloX DTI3MDUwMTA5MjYxNlowMzExMC8GA1UEAxMoRUFENjI4Q0YxNDA0ODVEOTdFQkI2 QTUyNzU4RUUzMTlCM0M1QjhDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKFVhJq48iCMNnKyJmfbqNr4aMKUMGUNSFdiS1gEqhrHl1pHinLLvfuE44cd WNWlxqDJojGbn0TFDPDBBDlDKUQ5F9Kk8mXStr95Pa8RFsPtaNAq8zgl/oMDfznu cEiCk+v39Tl2BDYBWv3Tmxw9gsO4D34za2oddO45bXQRSuuAt/T89E/2Hhjm8I9t BYB1JP3UbVxx2JUZbEgYLpryKyco9XvuZjnNb4AI07ztOB9Z7FES1qywtmPtQ6wk pAEJDMU1jbow2l4zUWpw75uxjDg4eFffwKdq1ncxq8olu0hUWgL3PIX9CjE8PgY1 OL8XJ9yKy0VrZ5xHPjEK0LJpjf8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTq1ijP FASF2X67alJ1juMZs8W4xzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ3MTczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9jVAMA0GCSqGSIb3DQEBCwUAA4IBAQAOKGHXYytV/Uo/AWLsrqnx GZwbdVeZtUDjr69wzNbJzkAEvcmuOgU8aKVmWyZetPJSDbJXLNrj+pPQzK1KR3H1 0svw6CxcRB1IWuTf2QRjrFAiYyl30XbMcnHpUnpG05ccT5Tj3Phb2rrU9tyRcOFI sDiUMuXPPeC0PpQp61aDMsb5YOfeqJnYqXOlFsFlAWzz9gi4JJwJ1FIwxiBbDBfj yP/j+zH/l+kln692Sqn+YD61//IhxSQfUZIrndSXEzcUFSXvClX6317tO66U73ys fGuvQT1vA1I1ygz2rHSyquRWbZQfqZAgWOlJZl416v/Aet4TvzjN8r5M14W7JTPi -----END CERTIFICATE-----Generated at Sun May 3 00:40:34 2026 by rpki-client