$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS24534.roa File: AS24534.roa (raw, json) Hash identifier: kwBLhzTsaKKGiThxKZtdht+okstjwWm1/bR96I//KwI= Subject key identifier: DB:CD:7E:0C:09:35:E9:C0:12:6C:02:81:6E:D7:68:CE:61:3E:63:52 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4B6AFA2F43FA9C247CDB0E3CC37C84E10E694D25 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24534.roa Signing time: Sat 02 May 2026 21:08:43 +0000 ROA not before: Sat 02 May 2026 21:03:43 +0000 ROA not after: Sat 01 May 2027 21:08:43 +0000 asID: 24534 IP address blocks: 103.52.68.0/23 maxlen: 24 103.52.70.0/23 maxlen: 24 103.136.78.0/23 maxlen: 24 103.149.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:6a:fa:2f:43:fa:9c:24:7c:db:0e:3c:c3:7c:84:e1:0e:69:4d:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:03:43 2026 GMT Not After : May 1 21:08:43 2027 GMT Subject: CN=DBCD7E0C0935E9C0126C02816ED768CE613E6352 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e8:cb:5e:17:2e:5d:35:a3:72:30:d0:90:04: 7a:48:d3:8a:4d:f8:d1:80:0d:e3:8d:88:7b:f8:96: 66:e4:2e:43:a7:f6:05:44:ae:1e:98:6e:d4:98:fc: 6c:ce:4f:8d:97:a6:0b:4c:d1:eb:87:10:3e:fe:11: 21:a1:78:b8:b6:f9:d0:ac:50:31:a0:6f:cc:7e:b9: 4e:bd:74:3c:46:90:7a:b2:4a:ea:4b:fe:9a:f7:97: 65:8e:4d:14:e9:a5:7b:00:98:94:1d:69:68:45:5a: f1:a3:d4:99:66:39:a3:21:9d:af:33:c7:76:7b:36: 5c:6f:2e:84:fc:f4:f7:99:c2:53:06:40:4a:be:96: da:fa:9f:c7:fe:7f:58:b5:d4:40:eb:ed:b5:b6:ae: 48:8c:85:f8:e1:15:32:64:45:96:08:37:0a:63:e2: 0a:59:a4:59:fe:67:16:6a:f8:d7:f1:a2:3b:ab:ca: b6:71:06:d5:2a:72:cd:d4:05:f3:54:1a:86:c5:34: 0c:8c:06:bc:cf:20:50:6f:a1:e1:bc:e6:51:8c:13: 88:fc:f1:09:17:99:40:fe:91:0c:8e:1a:a4:8c:c4: 57:a0:04:e9:4d:fb:99:c4:97:8d:66:f6:40:b4:23: fa:57:6e:2e:d7:63:54:2d:10:1e:88:37:19:2a:54: 6c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:CD:7E:0C:09:35:E9:C0:12:6C:02:81:6E:D7:68:CE:61:3E:63:52 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.52.68.0/22 103.136.78.0/23 103.149.14.0/23 Signature Algorithm: sha256WithRSAEncryption 72:ab:1a:9b:db:b0:7b:c0:b9:90:d2:ce:4b:e3:18:7f:92:1c: 12:af:07:b7:99:1a:58:a5:c3:14:c4:e7:ad:8e:8d:d2:54:ce: 5b:46:6e:20:5e:f0:c0:3a:d9:fb:c2:43:24:60:1b:d9:fb:1f: 23:d2:90:1f:85:ee:fb:0c:a2:57:8a:bf:57:13:8c:1e:e6:a2: 45:0e:e6:83:2c:5a:9f:76:b7:85:af:a7:d1:3f:b7:b3:29:0c: 50:a1:74:e1:e9:6d:6f:68:ec:88:be:bb:41:f7:2f:f6:f9:47: 81:80:f8:6c:0a:e2:01:c8:14:c7:2f:ae:24:66:32:de:e5:01: ca:81:c1:fb:56:ce:fc:ee:0f:06:c7:28:97:97:45:68:25:58: 24:e9:07:a3:9c:3b:c1:5d:1c:0d:c2:f6:ca:4e:ae:ad:0a:53: 5f:c3:e2:f7:59:24:0b:a6:42:4f:73:c7:a9:be:80:6f:56:36: f0:34:58:e6:06:2e:e4:dc:c7:18:7d:dc:a5:93:a9:29:ac:9d: 2b:5c:15:ab:a4:0b:e6:02:c5:03:d7:1c:ff:e5:fc:7f:66:3f: c3:f9:90:0e:1a:d7:b7:c6:20:bd:a1:3e:09:e4:90:0c:d4:4d: 81:e7:2f:cd:4a:b7:62:36:d9:02:ac:80:3a:ea:c5:2b:81:3c: bb:ef:5d:a2 -----BEGIN CERTIFICATE----- MIIE5DCCA8ygAwIBAgIUS2r6L0P6nCR82w48w3yE4Q5pTSUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDM0M1oX DTI3MDUwMTIxMDg0M1owMzExMC8GA1UEAxMoREJDRDdFMEMwOTM1RTlDMDEyNkMw MjgxNkVENzY4Q0U2MTNFNjM1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANfoy14XLl01o3Iw0JAEekjTik340YAN442Ie/iWZuQuQ6f2BUSuHphu1Jj8 bM5PjZemC0zR64cQPv4RIaF4uLb50KxQMaBvzH65Tr10PEaQerJK6kv+mveXZY5N FOmlewCYlB1paEVa8aPUmWY5oyGdrzPHdns2XG8uhPz095nCUwZASr6W2vqfx/5/ WLXUQOvttbauSIyF+OEVMmRFlgg3CmPiClmkWf5nFmr41/GiO6vKtnEG1SpyzdQF 81QahsU0DIwGvM8gUG+h4bzmUYwTiPzxCReZQP6RDI4apIzEV6AE6U37mcSXjWb2 QLQj+lduLtdjVC0QHog3GSpUbDkCAwEAAaOCAdcwggHTMB0GA1UdDgQWBBTbzX4M CTXpwBJsAoFu12jOYT5jUjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjQ1MzQucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgAB MBIDBAJnNEQDBAFniE4DBAFnlQ4wDQYJKoZIhvcNAQELBQADggEBAHKrGpvbsHvA uZDSzkvjGH+SHBKvB7eZGlilwxTE562OjdJUzltGbiBe8MA62fvCQyRgG9n7HyPS kB+F7vsMoleKv1cTjB7mokUO5oMsWp92t4Wvp9E/t7MpDFChdOHpbW9o7Ii+u0H3 L/b5R4GA+GwK4gHIFMcvriRmMt7lAcqBwftWzvzuDwbHKJeXRWglWCTpB6OcO8Fd HA3C9spOrq0KU1/D4vdZJAumQk9zx6m+gG9WNvA0WOYGLuTcxxh93KWTqSmsnStc FaukC+YCxQPXHP/l/H9mP8P5kA4a17fGIL2hPgnkkAzUTYHnL81Kt2I22QKsgDrq xSuBPLvvXaI= -----END CERTIFICATE-----Generated at Sun May 3 00:40:34 2026 by rpki-client