$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS58552.roa File: AS58552.roa (raw, json) Hash identifier: dBTppfqhLNpUdo4U5xbYyfXdDoMzcipSb9NjpGXCDu4= Subject key identifier: D3:9D:63:61:17:60:C3:8A:AE:7C:87:FE:5C:29:DE:AB:29:3B:4E:9F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2A5E8654A3E5D03402B25A2668631C25817199B4 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58552.roa Signing time: Sat 02 May 2026 21:06:40 +0000 ROA not before: Sat 02 May 2026 21:01:40 +0000 ROA not after: Sat 01 May 2027 21:06:40 +0000 asID: 58552 IP address blocks: 103.143.223.0/24 maxlen: 24 114.198.241.0/24 maxlen: 24 114.198.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:5e:86:54:a3:e5:d0:34:02:b2:5a:26:68:63:1c:25:81:71:99:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:01:40 2026 GMT Not After : May 1 21:06:40 2027 GMT Subject: CN=D39D63611760C38AAE7C87FE5C29DEAB293B4E9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:88:49:fa:3a:0e:6a:6f:ee:7e:b6:10:a6:85: a6:04:f0:25:92:fc:fc:7d:87:90:40:5d:61:ed:79: 88:a0:b9:d5:92:24:6d:f1:59:14:47:8d:ba:63:4e: 4b:68:5e:b4:74:7f:7b:2c:57:61:6a:da:ef:35:ac: 36:6f:97:58:3b:cc:33:ed:98:f3:cf:4b:25:f2:fa: 19:93:af:32:d3:9d:6d:89:11:ea:97:56:4d:12:e9: b0:3c:95:a5:21:30:b4:2d:26:9e:37:a2:13:e5:41: d5:03:5a:ca:c6:8b:19:2d:5d:23:03:7a:74:8b:50: a3:60:d1:46:88:dd:92:7e:8e:bd:c9:0c:c5:49:25: 95:f6:f4:80:2b:8f:e3:cf:0b:bc:29:a7:c0:6f:78: fd:fe:3c:59:d7:ba:70:c7:bc:6c:14:1f:d2:68:c4: 34:66:dd:0d:d3:f9:f2:32:a5:38:0f:76:2a:49:4f: 84:0e:35:ed:5c:8d:4f:9d:14:3b:bd:f1:8d:76:ba: 2e:3b:e8:fc:c5:a0:93:db:c7:45:be:a7:72:9b:5c: 9b:a1:b0:cf:a4:06:90:8d:c0:eb:b4:c1:b1:55:40: ad:6e:5b:cc:32:9b:db:38:dd:26:ce:41:95:10:60: 85:56:91:95:f0:d8:47:1f:e9:6f:70:3d:c0:77:4d: f7:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:9D:63:61:17:60:C3:8A:AE:7C:87:FE:5C:29:DE:AB:29:3B:4E:9F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58552.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.143.223.0/24 114.198.241.0/24 114.198.247.0/24 Signature Algorithm: sha256WithRSAEncryption 9a:91:34:c9:58:a0:98:57:ec:0b:11:af:37:a4:35:80:a4:f2: 56:ac:e2:f5:d5:9e:5f:4d:c7:26:2d:c9:1e:0d:11:94:e8:fd: b7:ad:e4:53:e6:9b:5f:cc:ab:69:19:0e:8c:b1:07:de:4e:3c: 0f:21:2b:0a:b8:f4:9e:24:fa:60:79:82:dd:81:8c:2a:4b:7a: 59:cd:37:ec:64:d6:fa:a7:db:8e:0f:a2:98:3e:43:73:dc:5a: e2:df:79:f4:dd:b7:82:98:20:ff:1a:b3:16:d3:f3:86:65:f6: a6:9e:be:9b:d2:d9:35:9a:d6:1b:65:10:3b:9c:23:69:bf:a7: 3a:d2:08:53:a3:fa:c8:f8:d3:86:30:01:0e:99:af:b2:60:1a: a7:80:58:c8:22:55:c3:e3:e2:8e:5d:a1:3d:74:59:be:c1:6c: c3:e9:a7:a3:e1:99:ed:bf:95:d4:2b:d0:16:3f:17:df:33:79: 14:9e:3f:6d:40:3b:a9:07:a7:64:91:82:44:2d:50:17:8b:22: 0c:7d:04:b5:61:07:73:25:82:8d:8c:18:f7:24:cd:fa:f2:a4: 22:ea:36:9b:3c:b2:64:61:0e:7c:68:b6:36:43:c3:58:94:97: 7e:0b:90:fc:b1:85:8b:43:a5:54:5a:52:cd:d8:ac:3e:18:a0: 07:97:08:99 -----BEGIN CERTIFICATE----- MIIE5DCCA8ygAwIBAgIUKl6GVKPl0DQCslomaGMcJYFxmbQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDE0MFoX DTI3MDUwMTIxMDY0MFowMzExMC8GA1UEAxMoRDM5RDYzNjExNzYwQzM4QUFFN0M4 N0ZFNUMyOURFQUIyOTNCNEU5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOISfo6Dmpv7n62EKaFpgTwJZL8/H2HkEBdYe15iKC51ZIkbfFZFEeNumNO S2hetHR/eyxXYWra7zWsNm+XWDvMM+2Y889LJfL6GZOvMtOdbYkR6pdWTRLpsDyV pSEwtC0mnjeiE+VB1QNaysaLGS1dIwN6dItQo2DRRojdkn6OvckMxUkllfb0gCuP 488LvCmnwG94/f48Wde6cMe8bBQf0mjENGbdDdP58jKlOA92KklPhA417VyNT50U O73xjXa6Ljvo/MWgk9vHRb6ncptcm6Gwz6QGkI3A67TBsVVArW5bzDKb2zjdJs5B lRBghVaRlfDYRx/pb3A9wHdN9zkCAwEAAaOCAdcwggHTMB0GA1UdDgQWBBTTnWNh F2DDiq58h/5cKd6rKTtOnzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNTg1NTIucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgAB MBIDBABnj98DBAByxvEDBAByxvcwDQYJKoZIhvcNAQELBQADggEBAJqRNMlYoJhX 7AsRrzekNYCk8las4vXVnl9NxyYtyR4NEZTo/bet5FPmm1/Mq2kZDoyxB95OPA8h Kwq49J4k+mB5gt2BjCpLelnNN+xk1vqn244Popg+Q3PcWuLfefTdt4KYIP8asxbT 84Zl9qaevpvS2TWa1htlEDucI2m/pzrSCFOj+sj404YwAQ6Zr7JgGqeAWMgiVcPj 4o5doT10Wb7BbMPpp6Phme2/ldQr0BY/F98zeRSeP21AO6kHp2SRgkQtUBeLIgx9 BLVhB3Mlgo2MGPckzfrypCLqNps8smRhDnxotjZDw1iUl34LkPyxhYtDpVRaUs3Y rD4YoAeXCJk= -----END CERTIFICATE-----Generated at Sun May 3 01:44:43 2026 by rpki-client