$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS23699.roa File: AS23699.roa (raw, json) Hash identifier: Z1zdARJKNw+Kfp2s75WB7M4AghNyVQUbfWYSE5FTyZk= Subject key identifier: 80:B1:4E:EE:07:52:AD:CD:6D:8E:DB:B9:A3:65:BC:05:35:E0:AA:4D Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 37967C80948D87F790AFF59EB8E2868DA95EB621 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23699.roa Signing time: Sat 02 May 2026 21:31:42 +0000 ROA not before: Sat 02 May 2026 21:26:42 +0000 ROA not after: Sat 01 May 2027 21:31:42 +0000 asID: 23699 IP address blocks: 2400:cce0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:96:7c:80:94:8d:87:f7:90:af:f5:9e:b8:e2:86:8d:a9:5e:b6:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:26:42 2026 GMT Not After : May 1 21:31:42 2027 GMT Subject: CN=80B14EEE0752ADCD6D8EDBB9A365BC0535E0AA4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:62:47:97:90:87:da:c8:ad:9a:57:59:0f:5c: 94:78:81:2e:b2:17:82:ed:00:dc:fe:37:21:bb:c8: 8d:96:84:6e:9d:98:7c:ae:7b:bc:f7:44:54:1e:fe: d6:51:ca:a9:75:c9:78:8f:77:9d:b9:b0:02:ba:af: 5b:99:4c:0c:65:03:82:8e:c8:1c:3e:12:94:13:af: 31:78:b8:36:bf:16:e4:ce:5c:92:7a:af:c3:3d:44: cd:cd:f4:34:95:a9:f0:b8:d8:cd:50:28:22:e7:c4: b0:69:dd:a0:e2:29:c0:9d:7f:ca:22:51:61:16:43: ab:ed:5a:05:20:c1:22:48:a8:9d:d0:52:f8:68:31: cc:3e:f5:37:35:0c:6f:ff:79:83:22:59:8d:ec:13: ba:92:6b:a9:ce:50:bd:2f:57:c7:89:18:e3:4f:42: ff:66:43:c3:e6:5e:54:73:16:ee:25:40:bd:93:de: c0:06:16:c1:53:15:54:a6:3e:6d:01:7f:71:93:8e: 91:2b:1b:53:68:06:25:10:af:24:89:14:4f:e3:d4: 42:af:cd:a7:10:1b:78:6d:a4:3f:4e:fa:37:34:cc: d9:2d:8f:6c:bd:97:e2:7f:10:0d:dc:13:71:46:09: a9:4d:f0:77:55:03:56:e9:fd:55:d9:0d:ba:08:b9: 78:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:B1:4E:EE:07:52:AD:CD:6D:8E:DB:B9:A3:65:BC:05:35:E0:AA:4D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23699.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:cce0::/32 Signature Algorithm: sha256WithRSAEncryption a2:d2:f6:53:16:4e:6f:ea:1c:9f:20:cb:9c:e0:8a:04:9f:49: 64:bd:51:47:20:21:5b:f8:37:63:0a:e3:4f:0c:e0:55:30:ca: 60:c6:be:82:d7:b6:3e:8b:c8:e5:44:e9:68:d5:d4:5a:f3:0b: 5c:42:31:cd:70:e2:2f:1c:3d:da:74:be:fb:31:c6:b2:c5:59: ed:d7:32:6c:5d:e2:67:e6:01:05:02:5b:c7:94:40:18:2a:24: a1:c2:12:0b:b7:55:5b:e1:9e:91:f9:25:7e:b5:95:d3:9b:b0: 40:64:ff:d8:d3:f5:3e:e3:e4:d8:a5:5e:3c:4c:17:ad:49:1d: db:a2:d7:28:68:f6:b0:5e:58:fa:92:f4:68:98:14:b3:9d:41: b2:3b:3d:a1:cc:88:17:21:3a:ac:b7:7b:79:79:bc:d7:5e:a8: 63:86:62:bf:e2:4a:55:ac:4f:96:8e:e9:62:2f:1f:53:bc:c0: c4:a6:c3:94:15:ac:36:06:e3:31:ff:ef:16:e6:3e:5a:75:b3: 6c:d4:c7:9a:68:20:ae:51:25:58:6c:82:84:a4:90:01:ad:1b: b0:63:2f:b4:03:83:87:ba:f4:07:9a:d4:47:26:c1:d9:db:da: 52:4f:d2:73:ba:b1:02:b1:e9:3d:6c:48:fd:21:54:fc:20:7c: 7b:f2:ee:2c -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUN5Z8gJSNh/eQr/WeuOKGjaletiEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjY0MloX DTI3MDUwMTIxMzE0MlowMzExMC8GA1UEAxMoODBCMTRFRUUwNzUyQURDRDZEOEVE QkI5QTM2NUJDMDUzNUUwQUE0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOViR5eQh9rIrZpXWQ9clHiBLrIXgu0A3P43IbvIjZaEbp2YfK57vPdEVB7+ 1lHKqXXJeI93nbmwArqvW5lMDGUDgo7IHD4SlBOvMXi4Nr8W5M5cknqvwz1Ezc30 NJWp8LjYzVAoIufEsGndoOIpwJ1/yiJRYRZDq+1aBSDBIkiondBS+GgxzD71NzUM b/95gyJZjewTupJrqc5QvS9Xx4kY409C/2ZDw+ZeVHMW7iVAvZPewAYWwVMVVKY+ bQF/cZOOkSsbU2gGJRCvJIkUT+PUQq/NpxAbeG2kP076NzTM2S2PbL2X4n8QDdwT cUYJqU3wd1UDVun9VdkNugi5eP0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSAsU7u B1KtzW2O27mjZbwFNeCqTTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjM2OTkucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQAkAMzgMA0GCSqGSIb3DQEBCwUAA4IBAQCi0vZTFk5v6hyfIMuc4IoEn0lk vVFHICFb+DdjCuNPDOBVMMpgxr6C17Y+i8jlROlo1dRa8wtcQjHNcOIvHD3adL77 McayxVnt1zJsXeJn5gEFAlvHlEAYKiShwhILt1Vb4Z6R+SV+tZXTm7BAZP/Y0/U+ 4+TYpV48TBetSR3botcoaPawXlj6kvRomBSznUGyOz2hzIgXITqst3t5ebzXXqhj hmK/4kpVrE+WjuliLx9TvMDEpsOUFaw2BuMx/+8W5j5adbNs1MeaaCCuUSVYbIKE pJABrRuwYy+0A4OHuvQHmtRHJsHZ29pST9JzurECsek9bEj9IVT8IHx78u4s -----END CERTIFICATE-----Generated at Sun May 3 01:41:18 2026 by rpki-client