$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS58820.roa File: AS58820.roa (raw, json) Hash identifier: cZa4Xecs/f7GB2AgiqD2uMg5xQEHThe0i8iMl9FJIUQ= Subject key identifier: F9:B1:CF:F2:66:D0:22:D1:0E:5B:19:A2:C1:C5:E3:64:86:FA:D0:E5 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3048E125CAF2799FA2DAEEAF52D295C34F223276 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58820.roa Signing time: Sat 02 May 2026 21:04:24 +0000 ROA not before: Sat 02 May 2026 20:59:24 +0000 ROA not after: Sat 01 May 2027 21:04:24 +0000 asID: 58820 IP address blocks: 103.113.28.0/24 maxlen: 24 103.136.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:48:e1:25:ca:f2:79:9f:a2:da:ee:af:52:d2:95:c3:4f:22:32:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 20:59:24 2026 GMT Not After : May 1 21:04:24 2027 GMT Subject: CN=F9B1CFF266D022D10E5B19A2C1C5E36486FAD0E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:bf:a4:e4:48:1f:25:68:35:ce:f8:1e:e4:d7: f8:4b:05:e8:f7:08:e2:fb:76:d9:fe:c2:9e:1a:67: 9d:40:14:d7:11:80:36:d4:0d:af:84:66:50:6c:c8: fa:3c:89:b7:81:59:3a:82:a7:ed:9e:12:35:9b:d3: a3:37:ed:fe:76:3c:e5:a6:66:3c:44:3e:7e:a2:f3: 58:4d:2e:d0:4e:bf:a8:a4:6c:4e:1c:d3:2f:18:7a: cd:3f:c6:17:a0:5c:2f:8d:82:c4:ca:4b:a9:90:ec: 36:c3:a3:42:b8:28:d3:57:86:e5:a8:3c:c5:8c:e2: 21:4a:2f:91:5b:3d:48:81:32:ff:e1:d8:a3:28:77: cc:96:90:02:f0:f0:34:22:4d:50:16:b5:74:85:5b: cd:29:b3:6c:25:b6:57:da:d5:c6:c1:de:66:8a:c4: 38:b0:73:0e:46:b5:12:82:be:30:7a:2d:59:f0:65: a3:72:0c:10:5f:a5:ca:35:ea:2b:97:65:c1:7e:c0: 99:3e:96:fe:07:58:8f:da:a6:b4:55:ef:59:b9:f3: 34:5d:32:57:55:1d:7c:21:7c:1b:1a:ef:3c:53:92: 23:d0:f6:ff:60:6a:5e:72:f1:01:bc:f0:ec:78:51: c7:c0:57:ef:1e:41:17:3a:8f:29:44:28:41:39:ae: a8:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B1:CF:F2:66:D0:22:D1:0E:5B:19:A2:C1:C5:E3:64:86:FA:D0:E5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58820.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.113.28.0/24 103.136.16.0/22 Signature Algorithm: sha256WithRSAEncryption 33:5c:6b:ef:08:c5:ae:4b:1f:83:e2:f6:c7:47:44:fd:1b:ae: 97:7e:f1:c2:39:19:11:12:03:9e:cd:a5:14:b1:e5:5f:aa:ad: d5:57:e2:0d:17:9c:cb:e3:9f:5f:ad:0f:e9:45:3f:91:25:7e: cb:b2:a8:14:a3:a8:26:fe:6e:e4:62:c6:8b:da:1f:eb:1a:7c: dd:6e:34:87:97:5d:2c:a5:76:97:7e:d1:5a:ab:ee:2c:d6:2e: c5:f8:24:b7:ec:82:e7:42:35:ca:15:d9:2a:62:ca:ac:79:c4: 22:cc:c2:a6:f6:2d:36:47:b8:6a:aa:bf:60:f3:c0:47:aa:5a: d3:fa:8d:6d:70:40:a1:43:12:32:96:3d:ad:0c:da:82:9b:67: 23:3a:06:9d:a0:a0:41:8c:ac:e6:5c:f4:55:bf:25:c2:75:d8: 8f:68:14:bd:ff:9d:58:f0:78:b0:e2:1e:83:f3:68:6e:63:67: db:2d:05:a4:9f:36:b2:60:23:5b:28:7c:fe:7b:0c:13:11:d8: 5d:10:f9:b5:b3:9d:a4:e8:eb:00:be:fc:ec:0c:f1:a1:9b:8f: 86:77:31:0c:6c:06:2d:90:06:fa:ae:96:a6:59:af:a8:4c:da: f7:73:d6:d9:19:e4:88:4d:57:f4:0b:8a:5a:c3:32:7b:05:59: ba:78:15:59 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUMEjhJcryeZ+i2u6vUtKVw08iMnYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwNTkyNFoX DTI3MDUwMTIxMDQyNFowMzExMC8GA1UEAxMoRjlCMUNGRjI2NkQwMjJEMTBFNUIx OUEyQzFDNUUzNjQ4NkZBRDBFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANa/pORIHyVoNc74HuTX+EsF6PcI4vt22f7CnhpnnUAU1xGANtQNr4RmUGzI +jyJt4FZOoKn7Z4SNZvTozft/nY85aZmPEQ+fqLzWE0u0E6/qKRsThzTLxh6zT/G F6BcL42CxMpLqZDsNsOjQrgo01eG5ag8xYziIUovkVs9SIEy/+HYoyh3zJaQAvDw NCJNUBa1dIVbzSmzbCW2V9rVxsHeZorEOLBzDka1EoK+MHotWfBlo3IMEF+lyjXq K5dlwX7AmT6W/gdYj9qmtFXvWbnzNF0yV1UdfCF8GxrvPFOSI9D2/2BqXnLxAbzw 7HhRx8BX7x5BFzqPKUQoQTmuqKECAwEAAaOCAdEwggHNMB0GA1UdDgQWBBT5sc/y ZtAi0Q5bGaLBxeNkhvrQ5TAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNTg4MjAucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgAB MAwDBABncRwDBAJniBAwDQYJKoZIhvcNAQELBQADggEBADNca+8Ixa5LH4Pi9sdH RP0brpd+8cI5GRESA57NpRSx5V+qrdVX4g0XnMvjn1+tD+lFP5ElfsuyqBSjqCb+ buRixovaH+safN1uNIeXXSyldpd+0Vqr7izWLsX4JLfsgudCNcoV2Spiyqx5xCLM wqb2LTZHuGqqv2DzwEeqWtP6jW1wQKFDEjKWPa0M2oKbZyM6Bp2goEGMrOZc9FW/ JcJ12I9oFL3/nVjweLDiHoPzaG5jZ9stBaSfNrJgI1sofP57DBMR2F0Q+bWznaTo 6wC+/OwM8aGbj4Z3MQxsBi2QBvqulqZZr6hM2vdz1tkZ5IhNV/QLilrDMnsFWbp4 FVk= -----END CERTIFICATE-----Generated at Sun May 3 00:40:43 2026 by rpki-client