$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS38505.roa File: AS38505.roa (raw, json) Hash identifier: mSsGnZZbl7QRpuGcHEIQqYRTL2awAC/BTCln7sS12AQ= Subject key identifier: ED:6D:C9:E1:FE:D7:06:5E:1A:C4:C5:04:5D:85:F8:66:B7:81:75:DE Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6F3B11B402FE7DF222E7E7C3F753699C003D6497 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38505.roa Signing time: Sat 02 May 2026 09:19:28 +0000 ROA not before: Sat 02 May 2026 09:14:28 +0000 ROA not after: Sat 01 May 2027 09:19:28 +0000 asID: 38505 IP address blocks: 103.11.186.0/23 maxlen: 24 203.217.132.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:3b:11:b4:02:fe:7d:f2:22:e7:e7:c3:f7:53:69:9c:00:3d:64:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:14:28 2026 GMT Not After : May 1 09:19:28 2027 GMT Subject: CN=ED6DC9E1FED7065E1AC4C5045D85F866B78175DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:3c:e6:a2:17:74:b5:24:f1:e8:8e:ee:66:78: 4f:78:91:ed:9e:3b:46:89:e9:b8:43:7f:9b:9c:5b: ef:96:71:af:eb:2d:c1:fc:22:5b:29:63:b9:a2:34: 70:93:f5:0e:c7:ce:7f:7f:49:25:ba:00:3a:9a:02: d9:84:2b:a9:38:f7:ff:d2:a9:ff:29:d1:88:3f:d1: bf:fb:7a:f3:6c:4f:a5:f3:0a:72:53:38:de:14:44: a0:2e:88:7d:ee:d8:1b:33:08:44:d4:7b:8f:0d:ed: 5a:6d:e9:4b:b9:a3:74:a9:bf:8f:22:3d:4e:83:c7: b4:70:36:f5:49:23:34:e3:50:f1:6e:c2:35:68:57: 67:0a:f3:f2:c1:40:75:02:68:7b:f8:ff:29:b6:bc: 07:9f:f6:90:6c:e9:fa:7c:de:8c:08:c3:c1:d0:ef: 91:fc:6e:ec:e7:e8:fb:92:4f:3d:1d:00:16:29:ce: e8:a5:db:14:f1:55:ea:12:58:ea:60:1f:9d:a1:04: b7:8e:09:2f:a2:d6:64:d1:a4:c2:ec:a8:a8:64:e2: c8:4c:2b:e8:0e:9f:26:57:4e:bf:3f:55:fa:40:3b: eb:21:56:e3:da:ef:64:0d:b6:53:6d:4a:87:4b:3f: 6c:98:3b:01:dc:1e:b1:a4:f8:06:c1:05:82:15:0e: c2:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:6D:C9:E1:FE:D7:06:5E:1A:C4:C5:04:5D:85:F8:66:B7:81:75:DE X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38505.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.11.186.0/23 203.217.132.0/23 Signature Algorithm: sha256WithRSAEncryption 41:2d:fe:7b:d6:f9:77:2c:7f:ae:49:01:21:2f:dc:14:4b:3a: bf:5e:04:2a:d0:d4:f7:98:3f:1e:a4:1a:9d:72:da:a7:9f:02: b3:09:eb:51:fd:13:f7:b4:28:db:9b:74:5e:1e:a2:e0:d1:d7: 0f:e6:c7:95:c5:b0:f8:91:a0:17:5c:fc:c5:a3:19:d3:47:27: 32:5c:ad:4f:91:01:4f:3f:e6:52:38:eb:b7:78:ed:72:e1:25: 64:e3:ce:98:96:2b:9e:d3:b4:d1:f2:20:b5:dc:22:8f:9d:a5: ef:54:27:c3:5a:9d:69:e7:84:c1:de:29:d9:dd:f2:ce:e2:7a: 11:58:db:30:41:73:36:05:a7:37:5e:c7:8d:63:ab:f1:ff:5f: 78:64:c1:02:de:06:f3:ab:ab:6d:f7:51:0c:7c:12:f2:63:d8: b3:42:94:59:f0:57:43:19:66:c1:68:f1:40:76:a8:46:db:b3: ff:4a:30:de:97:e6:7d:20:63:62:25:2f:c7:38:c7:3b:4a:f8: a3:d7:1f:f4:27:0e:f6:da:99:82:e5:de:17:1e:78:27:0b:1a: 43:5c:2d:98:9b:4d:d3:9d:09:fd:ce:f8:03:8f:ae:28:e6:bc: d9:3a:b2:67:b4:b5:46:ec:11:3b:25:3c:db:98:f7:03:32:5c: cc:85:81:bd -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUbzsRtAL+ffIi5+fD91NpnAA9ZJcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTQyOFoX DTI3MDUwMTA5MTkyOFowMzExMC8GA1UEAxMoRUQ2REM5RTFGRUQ3MDY1RTFBQzRD NTA0NUQ4NUY4NjZCNzgxNzVERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKo85qIXdLUk8eiO7mZ4T3iR7Z47RonpuEN/m5xb75Zxr+stwfwiWyljuaI0 cJP1DsfOf39JJboAOpoC2YQrqTj3/9Kp/ynRiD/Rv/t682xPpfMKclM43hREoC6I fe7YGzMIRNR7jw3tWm3pS7mjdKm/jyI9ToPHtHA29UkjNONQ8W7CNWhXZwrz8sFA dQJoe/j/Kba8B5/2kGzp+nzejAjDwdDvkfxu7Ofo+5JPPR0AFinO6KXbFPFV6hJY 6mAfnaEEt44JL6LWZNGkwuyoqGTiyEwr6A6fJldOvz9V+kA76yFW49rvZA22U21K h0s/bJg7AdwesaT4BsEFghUOws8CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBTtbcnh /tcGXhrExQRdhfhmt4F13jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMzg1MDUucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgAB MAwDBAFnC7oDBAHL2YQwDQYJKoZIhvcNAQELBQADggEBAEEt/nvW+Xcsf65JASEv 3BRLOr9eBCrQ1PeYPx6kGp1y2qefArMJ61H9E/e0KNubdF4eouDR1w/mx5XFsPiR oBdc/MWjGdNHJzJcrU+RAU8/5lI467d47XLhJWTjzpiWK57TtNHyILXcIo+dpe9U J8NanWnnhMHeKdnd8s7iehFY2zBBczYFpzdex41jq/H/X3hkwQLeBvOrq233UQx8 EvJj2LNClFnwV0MZZsFo8UB2qEbbs/9KMN6X5n0gY2IlL8c4xztK+KPXH/QnDvba mYLl3hceeCcLGkNcLZibTdOdCf3O+AOPrijmvNk6sme0tUbsETslPNuY9wMyXMyF gb0= -----END CERTIFICATE-----Generated at Sun May 3 00:41:56 2026 by rpki-client