$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS38771.roa File: AS38771.roa (raw, json) Hash identifier: YI5NeL4oO4PaeS2h/qW3AxqvJIjn0G/HZUfKZCYpxp4= Subject key identifier: 9E:29:8E:CC:28:D6:A8:55:AF:1F:00:AD:63:5A:31:52:D9:5A:5F:CD Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 556A68E8AC6A1A60B6533CB78058136B99EE0AE8 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38771.roa Signing time: Sat 02 May 2026 08:37:08 +0000 ROA not before: Sat 02 May 2026 08:32:08 +0000 ROA not after: Sat 01 May 2027 08:37:08 +0000 asID: 38771 IP address blocks: 103.171.234.0/23 maxlen: 24 114.141.48.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:6a:68:e8:ac:6a:1a:60:b6:53:3c:b7:80:58:13:6b:99:ee:0a:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:32:08 2026 GMT Not After : May 1 08:37:08 2027 GMT Subject: CN=9E298ECC28D6A855AF1F00AD635A3152D95A5FCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ba:b6:4d:7a:7f:22:68:0e:07:a2:df:c6:b1: 58:06:53:65:8a:17:e7:f8:ca:3b:3e:2a:43:79:17: 78:68:58:86:79:57:d6:9f:8d:56:16:5b:87:ca:3c: 6a:e3:51:c3:3f:7c:06:4d:c0:55:55:82:a2:7b:ff: 98:72:44:f7:00:1b:af:73:18:6d:3c:e6:80:93:ae: 23:38:98:26:e5:03:5d:ab:70:3e:70:8e:25:c8:89: 80:40:a5:f7:d6:96:14:00:ae:24:40:15:47:af:79: 69:4c:70:a6:65:6f:19:a8:28:13:dd:0b:12:95:63: 1f:cf:76:4f:28:41:36:11:7a:42:e4:4e:24:45:9e: b1:ee:22:ed:c5:e6:6a:4a:b2:e4:85:2c:5b:17:29: 9b:1d:f0:a2:07:90:27:57:36:5d:ed:b6:20:78:a4: 02:c4:3d:77:a9:69:49:f9:b0:9f:78:ad:b8:d1:a6: 0a:4d:00:6b:19:ce:d7:5f:ae:d1:86:90:a4:3e:28: 0f:ff:78:6c:e5:19:7b:ba:3b:24:03:61:c4:d1:3d: 0e:b0:ec:d1:4f:38:9c:dc:4f:50:b2:33:b8:16:20: 33:e0:9d:7e:a6:34:ce:87:df:2e:24:c8:74:cd:7a: a6:f9:b9:6c:76:e6:3e:ef:3f:fd:30:86:2a:43:91: 40:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:29:8E:CC:28:D6:A8:55:AF:1F:00:AD:63:5A:31:52:D9:5A:5F:CD X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS38771.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.171.234.0/23 114.141.48.0/21 Signature Algorithm: sha256WithRSAEncryption 2c:2a:0f:ad:a0:f3:70:ce:17:72:e5:47:2e:28:c8:19:60:30: 8b:66:9d:b5:18:28:50:95:af:96:f6:ac:1d:82:c3:be:f0:99: 93:31:30:78:6d:96:fa:b5:61:5c:de:d9:d7:0a:6d:00:ce:07: 3b:9c:8e:23:3b:75:c1:64:9d:58:13:c1:46:ee:15:e5:34:60: 91:4d:1d:06:30:0f:34:ec:19:1c:d0:cd:e6:38:9b:e3:3e:d7: f2:e0:1d:c4:69:e4:12:89:48:e1:49:27:88:50:ea:b6:53:f8: 56:44:6d:8d:8f:7d:ab:7a:60:c5:a9:13:17:43:95:fd:3a:77: cb:4d:6e:f6:2c:a0:09:6a:94:50:c8:71:74:8b:25:44:ad:4b: c0:46:49:f8:9a:bb:da:33:1b:7a:57:de:bd:bd:28:63:c9:c2: 38:64:3d:0b:81:2b:80:c7:ed:a8:3e:37:eb:a6:08:a5:02:b7: 55:27:b1:c4:7e:53:36:2d:34:12:64:5b:43:16:6a:da:94:66: 62:4b:2a:93:d1:ef:ea:d8:45:2f:cb:35:31:26:10:fa:8c:e8: 54:d4:75:5c:53:a9:7b:23:f5:0f:5a:2c:ff:b1:c7:22:25:cd: 26:b0:2c:5b:00:f4:60:0b:4c:51:8d:e2:bd:fd:51:0d:7e:c0: e4:7d:bc:15 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUVWpo6KxqGmC2Uzy3gFgTa5nuCugwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzIwOFoX DTI3MDUwMTA4MzcwOFowMzExMC8GA1UEAxMoOUUyOThFQ0MyOEQ2QTg1NUFGMUYw MEFENjM1QTMxNTJEOTVBNUZDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPK6tk16fyJoDgei38axWAZTZYoX5/jKOz4qQ3kXeGhYhnlX1p+NVhZbh8o8 auNRwz98Bk3AVVWConv/mHJE9wAbr3MYbTzmgJOuIziYJuUDXatwPnCOJciJgECl 99aWFACuJEAVR695aUxwpmVvGagoE90LEpVjH892TyhBNhF6QuROJEWese4i7cXm akqy5IUsWxcpmx3wogeQJ1c2Xe22IHikAsQ9d6lpSfmwn3ituNGmCk0AaxnO11+u 0YaQpD4oD/94bOUZe7o7JANhxNE9DrDs0U84nNxPULIzuBYgM+CdfqY0zoffLiTI dM16pvm5bHbmPu8//TCGKkORQIMCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBSeKY7M KNaoVa8fAK1jWjFS2VpfzTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMzg3NzEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgAB MAwDBAFnq+oDBANyjTAwDQYJKoZIhvcNAQELBQADggEBACwqD62g83DOF3LlRy4o yBlgMItmnbUYKFCVr5b2rB2Cw77wmZMxMHhtlvq1YVze2dcKbQDOBzucjiM7dcFk nVgTwUbuFeU0YJFNHQYwDzTsGRzQzeY4m+M+1/LgHcRp5BKJSOFJJ4hQ6rZT+FZE bY2Pfat6YMWpExdDlf06d8tNbvYsoAlqlFDIcXSLJUStS8BGSfiau9ozG3pX3r29 KGPJwjhkPQuBK4DH7ag+N+umCKUCt1UnscR+UzYtNBJkW0MWatqUZmJLKpPR7+rY RS/LNTEmEPqM6FTUdVxTqXsj9Q9aLP+xxyIlzSawLFsA9GALTFGN4r39UQ1+wOR9 vBU= -----END CERTIFICATE-----Generated at Sun May 3 01:40:54 2026 by rpki-client