$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS58821.roa File: AS58821.roa (raw, json) Hash identifier: 27bcAD4XAXT57GJiQ0a9lcrrK1AIZ8kwOGVSMGJjEP4= Subject key identifier: 9D:7C:0E:4F:A2:A1:64:B5:4D:1D:B8:A0:08:CF:EC:B0:85:13:F4:30 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1835AA15471443A3EC77D3E67686F8BF2D50C918 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58821.roa Signing time: Sat 02 May 2026 21:35:48 +0000 ROA not before: Sat 02 May 2026 21:30:48 +0000 ROA not after: Sat 01 May 2027 21:35:48 +0000 asID: 58821 IP address blocks: 103.156.248.0/23 maxlen: 24 2001:df5:9f80::/48 maxlen: 48 2001:df5:b8c0::/48 maxlen: 48 2406:9140::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:35:aa:15:47:14:43:a3:ec:77:d3:e6:76:86:f8:bf:2d:50:c9:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:30:48 2026 GMT Not After : May 1 21:35:48 2027 GMT Subject: CN=9D7C0E4FA2A164B54D1DB8A008CFECB08513F430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:41:84:c3:97:b0:1b:e7:e9:8e:82:dd:3a:5f: 97:26:50:03:37:42:77:0d:37:45:01:5c:86:b0:e4: 5e:c6:dd:ff:20:95:a0:da:35:a5:5d:05:cb:7d:77: 97:3f:d2:36:32:c9:a1:93:4c:9c:9e:49:d2:63:64: d5:2a:87:9c:86:1b:be:03:0c:86:e8:8a:14:74:32: d1:80:31:cf:ef:c0:94:ac:07:85:84:d7:5c:b6:0b: 67:e5:5f:96:8a:de:4b:f0:4f:73:fa:d8:8c:1e:69: 93:89:ea:35:ef:57:49:19:b3:ed:e9:57:7c:2f:01: fd:6c:fe:49:f4:7e:cf:ee:19:b9:a6:a8:8e:26:45: fe:bd:58:96:c0:23:f5:86:a8:25:4c:64:71:38:a7: bf:ae:67:1f:2d:01:d6:98:ca:03:bf:4e:26:56:d6: 37:52:9f:ff:9a:95:37:a4:d4:ad:89:5a:9e:c0:77: 57:a2:0e:de:0f:f4:65:42:1b:fe:1c:78:ed:98:2d: 1b:c7:91:93:fa:41:48:a4:42:85:b1:15:13:95:ce: df:7c:28:f0:73:d3:05:a8:63:16:c2:4d:eb:a1:aa: 6a:3d:29:d7:fd:11:7b:0d:75:83:f2:2a:26:80:a3: 98:ac:a3:a1:df:4a:e2:14:ba:f0:82:ab:b3:61:32: fa:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:7C:0E:4F:A2:A1:64:B5:4D:1D:B8:A0:08:CF:EC:B0:85:13:F4:30 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS58821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.248.0/23 IPv6: 2001:df5:9f80::/48 2001:df5:b8c0::/48 2406:9140::/32 Signature Algorithm: sha256WithRSAEncryption 66:5a:d1:0a:49:9f:ea:e5:1e:02:b1:ee:2c:1c:c5:bf:32:c3: 19:26:29:8d:3f:ca:67:f5:9f:d7:47:58:45:e2:33:c1:50:c6: 70:07:af:b2:6d:2b:23:35:fb:31:fb:9d:07:3b:90:9e:5d:ee: b5:32:ab:4c:40:58:7a:62:15:0e:fb:22:a6:52:22:f5:05:d6: 8c:84:c6:13:1d:47:c5:61:1e:e2:73:58:31:e8:b1:a1:51:56: aa:d5:8f:01:7c:7d:2a:17:0b:0c:52:63:29:6d:85:f4:5c:3c: 4f:c7:24:51:39:51:ad:7b:ba:0c:e5:8c:b7:52:8b:ec:44:97: 45:a8:9e:72:72:3d:e3:8d:13:7f:53:92:41:14:1b:6c:b4:fc: a3:36:3b:3c:ed:66:b4:f7:54:b5:76:07:84:da:5c:47:40:e5: 46:82:a8:a5:e0:ae:3c:f1:7d:64:e3:b9:44:74:19:e9:e6:89: c6:bb:bd:d7:af:65:fc:04:96:d0:e3:4e:27:0f:74:99:96:2a: 94:db:8f:68:fe:9b:bd:c4:a2:19:4f:5a:f6:4f:bb:31:88:fa: d2:a8:69:7e:06:4f:de:60:ee:af:c6:30:25:3b:63:b8:cd:ee: a6:81:fb:7b:87:66:c2:45:c3:ea:59:aa:da:f3:a2:a0:4c:99: 39:36:41:a7 -----BEGIN CERTIFICATE----- MIIE+TCCA+GgAwIBAgIUGDWqFUcUQ6Psd9Pmdob4vy1QyRgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMzA0OFoX DTI3MDUwMTIxMzU0OFowMzExMC8GA1UEAxMoOUQ3QzBFNEZBMkExNjRCNTREMURC OEEwMDhDRkVDQjA4NTEzRjQzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1BhMOXsBvn6Y6C3TpflyZQAzdCdw03RQFchrDkXsbd/yCVoNo1pV0Fy313 lz/SNjLJoZNMnJ5J0mNk1SqHnIYbvgMMhuiKFHQy0YAxz+/AlKwHhYTXXLYLZ+Vf loreS/BPc/rYjB5pk4nqNe9XSRmz7elXfC8B/Wz+SfR+z+4ZuaaojiZF/r1YlsAj 9YaoJUxkcTinv65nHy0B1pjKA79OJlbWN1Kf/5qVN6TUrYlansB3V6IO3g/0ZUIb /hx47ZgtG8eRk/pBSKRChbEVE5XO33wo8HPTBahjFsJN66Gqaj0p1/0Rew11g/Iq JoCjmKyjod9K4hS68IKrs2Ey+psCAwEAAaOCAewwggHoMB0GA1UdDgQWBBSdfA5P oqFktU0duKAIz+ywhRP0MDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTNTg4MjEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMAwEAgAB MAYDBAFnnPgwHwQCAAIwGQMHACABDfWfgAMHACABDfW4wAMFACQGkUAwDQYJKoZI hvcNAQELBQADggEBAGZa0QpJn+rlHgKx7iwcxb8ywxkmKY0/ymf1n9dHWEXiM8FQ xnAHr7JtKyM1+zH7nQc7kJ5d7rUyq0xAWHpiFQ77IqZSIvUF1oyExhMdR8VhHuJz WDHosaFRVqrVjwF8fSoXCwxSYylthfRcPE/HJFE5Ua17ugzljLdSi+xEl0WonnJy PeONE39TkkEUG2y0/KM2OzztZrT3VLV2B4TaXEdA5UaCqKXgrjzxfWTjuUR0Genm ica7vdevZfwEltDjTicPdJmWKpTbj2j+m73EohlPWvZPuzGI+tKoaX4GT95g7q/G MCU7Y7jN7qaB+3uHZsJFw+pZqtrzoqBMmTk2Qac= -----END CERTIFICATE-----Generated at Sun May 3 01:44:55 2026 by rpki-client