$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS213607.roa File: AS213607.roa (raw, json) Hash identifier: FsPYDEYgJPjQEkNXQhKkFMvMoyW69FaH8de09ZeFfDg= Subject key identifier: 5A:57:7F:38:8B:31:44:81:C5:99:33:C3:97:1D:0C:12:CA:59:AC:4F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 042E43E7F9FBBE6CA93B5CEFA2193965BACB11A5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS213607.roa Signing time: Sat 02 May 2026 08:35:14 +0000 ROA not before: Sat 02 May 2026 08:30:14 +0000 ROA not after: Sat 01 May 2027 08:35:14 +0000 asID: 213607 IP address blocks: 203.84.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:2e:43:e7:f9:fb:be:6c:a9:3b:5c:ef:a2:19:39:65:ba:cb:11:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:14 2026 GMT Not After : May 1 08:35:14 2027 GMT Subject: CN=5A577F388B314481C59933C3971D0C12CA59AC4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:91:5e:17:84:09:a1:61:0f:62:68:e2:12:11: 1e:e4:40:55:b3:00:28:3a:c5:c4:17:5a:e3:49:69: 1d:08:ef:4a:3a:6e:7e:9c:16:f7:b1:21:88:94:a5: 82:3c:b1:4c:f8:f2:9d:e4:b8:0c:e8:c2:e1:85:43: ce:d0:fd:ed:53:fd:2a:83:0a:95:08:af:54:ac:d7: 64:7d:f3:26:09:9d:db:bb:8b:74:4b:95:94:3a:e7: 87:11:0b:9c:69:87:50:57:1a:20:c9:4d:f3:93:d8: 51:c9:7d:95:f2:b4:14:74:94:68:d9:d8:9a:7f:34: 23:1a:66:80:b5:ea:4c:13:07:cb:d9:2d:fd:82:2a: 32:05:04:b3:69:07:3e:f7:d5:26:83:ef:c3:4b:9a: 62:3c:7d:e2:d9:cc:37:f9:d8:6e:f4:6b:7a:dd:9d: 89:c8:0a:d6:0c:d1:7d:3d:93:4c:9f:db:3f:6b:2e: 03:6a:c1:08:c4:57:a0:b3:ff:dd:c7:49:1b:c9:6b: 8d:6f:a9:80:23:88:a8:4b:25:be:bc:45:bf:26:3b: e3:ee:6e:02:4e:35:ce:66:31:94:cf:bb:b4:79:52: 5e:4c:2e:7b:b8:9f:84:39:9d:ac:79:22:28:1a:6a: 38:f2:f3:94:6a:4a:81:d0:a5:8b:52:05:91:5d:8a: 26:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:57:7F:38:8B:31:44:81:C5:99:33:C3:97:1D:0C:12:CA:59:AC:4F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS213607.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.84.143.0/24 Signature Algorithm: sha256WithRSAEncryption 31:a0:8c:42:d4:d1:61:a1:f2:cf:20:c1:35:76:fd:61:35:9d: e8:31:ff:9a:9f:8b:31:06:3c:f5:76:a1:fc:fa:57:22:9b:94: 50:57:7b:66:74:ce:1d:68:81:80:57:46:d2:2d:9d:2b:65:04: f7:1d:42:a6:af:b3:78:55:7e:2e:c8:b7:85:dc:6b:68:41:5e: 60:ab:8d:c8:58:4e:53:88:27:19:0f:ab:9d:6e:49:23:71:1d: b4:86:5c:9c:8d:51:6d:b6:41:9d:3c:be:23:17:7f:1b:84:66: 17:95:cd:67:e7:14:b5:9d:80:c4:fe:6a:34:1b:17:ca:af:7a: 21:f8:1e:21:ec:2c:aa:70:33:14:2d:d2:20:bb:cc:59:74:3a: 29:c4:93:57:b0:95:8b:c5:63:b5:fb:0f:73:ff:f5:a4:2f:e6: e3:c1:42:45:b9:6c:de:4b:b6:79:5b:d3:03:a4:7a:fe:a3:22: 65:3d:1f:6e:d5:bf:84:e4:55:a7:d3:32:9c:e7:78:0e:9b:65: 34:5b:3d:dc:ae:cb:f1:d5:b0:d1:b9:c8:2a:44:24:75:84:d9: 3c:7a:2b:0e:65:18:df:f0:39:93:1d:23:85:37:a1:92:78:65: a7:0f:7b:ca:f5:aa:2a:14:82:54:0c:75:e8:61:ea:60:da:65: bd:82:b2:58 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUBC5D5/n7vmypO1zvohk5ZbrLEaUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzAxNFoX DTI3MDUwMTA4MzUxNFowMzExMC8GA1UEAxMoNUE1NzdGMzg4QjMxNDQ4MUM1OTkz M0MzOTcxRDBDMTJDQTU5QUM0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJiRXheECaFhD2Jo4hIRHuRAVbMAKDrFxBda40lpHQjvSjpufpwW97EhiJSl gjyxTPjyneS4DOjC4YVDztD97VP9KoMKlQivVKzXZH3zJgmd27uLdEuVlDrnhxEL nGmHUFcaIMlN85PYUcl9lfK0FHSUaNnYmn80IxpmgLXqTBMHy9kt/YIqMgUEs2kH PvfVJoPvw0uaYjx94tnMN/nYbvRret2dicgK1gzRfT2TTJ/bP2suA2rBCMRXoLP/ 3cdJG8lrjW+pgCOIqEslvrxFvyY74+5uAk41zmYxlM+7tHlSXkwue7ifhDmdrHki KBpqOPLzlGpKgdCli1IFkV2KJmUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRaV384 izFEgcWZM8OXHQwSylmsTzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjEzNjA3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAy1SPMA0GCSqGSIb3DQEBCwUAA4IBAQAxoIxC1NFhofLPIME1dv1hNZ3o Mf+an4sxBjz1dqH8+lcim5RQV3tmdM4daIGAV0bSLZ0rZQT3HUKmr7N4VX4uyLeF 3GtoQV5gq43IWE5TiCcZD6udbkkjcR20hlycjVFttkGdPL4jF38bhGYXlc1n5xS1 nYDE/mo0GxfKr3oh+B4h7CyqcDMULdIgu8xZdDopxJNXsJWLxWO1+w9z//WkL+bj wUJFuWzeS7Z5W9MDpHr+oyJlPR9u1b+E5FWn0zKc53gOm2U0Wz3crsvx1bDRucgq RCR1hNk8eisOZRjf8DmTHSOFN6GSeGWnD3vK9aoqFIJUDHXoYepg2mW9grJY -----END CERTIFICATE-----Generated at Sun May 3 00:39:46 2026 by rpki-client