$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS24209.roa File: AS24209.roa (raw, json) Hash identifier: UNKMBPKhwZCe1tTGEXQszmTy3k4ECQ48t0aBC0jWuyg= Subject key identifier: A9:E2:EE:98:3A:58:FF:C5:E2:60:E1:E0:7D:38:2F:70:6A:53:2C:EF Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7B4572365846134DFD24B1178769F00DC22164FC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24209.roa Signing time: Sat 02 May 2026 09:27:03 +0000 ROA not before: Sat 02 May 2026 09:22:03 +0000 ROA not after: Sat 01 May 2027 09:27:03 +0000 asID: 24209 IP address blocks: 202.122.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:45:72:36:58:46:13:4d:fd:24:b1:17:87:69:f0:0d:c2:21:64:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:03 2026 GMT Not After : May 1 09:27:03 2027 GMT Subject: CN=A9E2EE983A58FFC5E260E1E07D382F706A532CEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c6:ae:57:68:e8:eb:53:b6:b1:10:aa:cd:cd: b8:f4:38:b6:22:74:d4:5f:3f:b5:c8:13:e8:0c:a8: b8:cc:a3:9b:76:6f:a9:6d:06:05:a4:0d:11:f2:b6: cf:50:74:96:73:f0:2e:fa:79:44:65:12:87:83:78: 2a:5d:aa:f0:54:39:5c:f0:28:49:d0:a6:fe:ed:16: 3d:64:08:a5:3d:78:e8:ac:d7:14:f7:7a:e5:06:79: 8e:07:70:6e:eb:7b:0a:65:99:d4:c4:ae:00:fe:d5: 12:69:3b:01:ba:25:37:67:2a:4a:3d:88:7b:db:8c: 11:ac:93:22:0e:c8:2f:72:0c:4c:ef:ca:92:5b:9f: 14:bc:72:e2:ea:c1:f6:aa:29:9e:0a:cf:88:3e:6b: dd:fe:24:e7:94:83:56:dc:42:4a:ca:b2:d2:39:7f: df:68:28:3c:c9:f4:60:29:30:08:c0:de:79:f1:39: 57:b7:2c:e5:62:f3:a1:dd:76:58:b1:12:46:31:fb: a4:b6:f5:4c:eb:f6:d3:e5:28:1b:bf:5e:2c:6e:d8: e9:c3:f5:5b:96:38:96:2a:ab:46:6d:ff:15:11:06: 4e:76:3e:ca:a9:9b:da:ac:03:64:1c:cb:58:5d:21: f2:e0:53:fc:89:e1:e1:94:59:6c:3f:b1:16:43:2b: 2d:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:E2:EE:98:3A:58:FF:C5:E2:60:E1:E0:7D:38:2F:70:6A:53:2C:EF X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24209.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.122.8.0/21 Signature Algorithm: sha256WithRSAEncryption 6e:28:19:d0:04:18:72:6a:68:42:68:70:1c:39:03:3a:70:3f: 5c:6c:37:ee:c2:98:fd:71:de:93:64:ac:3d:c7:f9:ed:24:5e: f6:cf:22:cd:68:70:27:52:32:95:90:e8:0d:39:ac:a1:d4:93: 3c:9e:1d:bf:63:b5:66:34:50:48:9c:f1:1b:a5:fc:4f:0a:68: db:91:f5:81:7f:5f:bf:af:55:b6:ca:e6:11:c3:08:93:53:93: 04:64:53:85:e3:f6:01:7b:96:89:30:86:77:62:cc:19:7d:6f: 6d:37:de:83:2e:25:d7:c2:6c:9f:ec:38:f8:28:82:3f:be:dd: c4:e8:1d:66:85:85:63:8e:2c:2e:fe:69:f3:fb:5e:7d:24:a4: f5:64:e2:91:4b:75:e5:b5:c8:31:81:1d:0b:e0:8d:e9:96:81: 0f:ff:8d:01:a9:44:ef:56:5d:e7:4e:a9:a1:9c:48:80:53:d0: 34:a9:ca:68:19:8a:da:a1:ad:ab:39:c9:a4:25:6e:09:30:fa: ac:db:a8:fa:36:77:b0:50:c8:78:8a:6e:ff:e0:f2:b7:db:f0: 47:fe:b4:0a:e4:d7:75:07:39:24:fc:81:87:57:fe:f7:b6:51: 13:bd:99:2a:92:69:7b:ed:fb:a9:97:99:2e:53:d5:c6:16:0e: e2:b0:9f:83 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUe0VyNlhGE039JLEXh2nwDcIhZPwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwM1oX DTI3MDUwMTA5MjcwM1owMzExMC8GA1UEAxMoQTlFMkVFOTgzQTU4RkZDNUUyNjBF MUUwN0QzODJGNzA2QTUzMkNFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALLGrldo6OtTtrEQqs3NuPQ4tiJ01F8/tcgT6AyouMyjm3ZvqW0GBaQNEfK2 z1B0lnPwLvp5RGUSh4N4Kl2q8FQ5XPAoSdCm/u0WPWQIpT146KzXFPd65QZ5jgdw but7CmWZ1MSuAP7VEmk7AbolN2cqSj2Ie9uMEayTIg7IL3IMTO/KklufFLxy4urB 9qopngrPiD5r3f4k55SDVtxCSsqy0jl/32goPMn0YCkwCMDeefE5V7cs5WLzod12 WLESRjH7pLb1TOv20+UoG79eLG7Y6cP1W5Y4liqrRm3/FREGTnY+yqmb2qwDZBzL WF0h8uBT/Inh4ZRZbD+xFkMrLXECAwEAAaOCAcswggHHMB0GA1UdDgQWBBSp4u6Y Olj/xeJg4eB9OC9walMs7zAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjQyMDkucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAPKeggwDQYJKoZIhvcNAQELBQADggEBAG4oGdAEGHJqaEJocBw5AzpwP1xs N+7CmP1x3pNkrD3H+e0kXvbPIs1ocCdSMpWQ6A05rKHUkzyeHb9jtWY0UEic8Rul /E8KaNuR9YF/X7+vVbbK5hHDCJNTkwRkU4Xj9gF7lokwhndizBl9b2033oMuJdfC bJ/sOPgogj++3cToHWaFhWOOLC7+afP7Xn0kpPVk4pFLdeW1yDGBHQvgjemWgQ// jQGpRO9WXedOqaGcSIBT0DSpymgZitqhras5yaQlbgkw+qzbqPo2d7BQyHiKbv/g 8rfb8Ef+tArk13UHOST8gYdX/ve2URO9mSqSaXvt+6mXmS5T1cYWDuKwn4M= -----END CERTIFICATE-----Generated at Sun May 3 00:41:23 2026 by rpki-client