$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS9657.roa File: AS9657.roa (raw, json) Hash identifier: uu8cqjeKYX1/3EOt04+fArZyhFmaVac40maBn7HZRJM= Subject key identifier: C3:F7:A2:14:47:5F:39:76:9E:40:8E:CA:FE:5B:8F:6B:CB:02:8D:35 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 78602D663741A00247A3CF6D6B9BADC124D4BD9F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9657.roa Signing time: Sat 02 May 2026 16:26:06 +0000 ROA not before: Sat 02 May 2026 16:21:06 +0000 ROA not after: Sat 01 May 2027 16:26:06 +0000 asID: 9657 IP address blocks: 202.138.224.0/19 maxlen: 24 2403:9500::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:60:2d:66:37:41:a0:02:47:a3:cf:6d:6b:9b:ad:c1:24:d4:bd:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 16:21:06 2026 GMT Not After : May 1 16:26:06 2027 GMT Subject: CN=C3F7A214475F39769E408ECAFE5B8F6BCB028D35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:86:73:4e:22:47:e5:a2:25:ae:58:74:0f:e2: 74:36:0e:8e:68:b5:a3:19:cf:05:e8:e1:b0:b9:95: b9:3e:f9:dc:7c:99:ff:89:a8:ce:8a:1b:4d:e8:54: a7:ee:c4:d8:70:2f:59:3d:4b:06:53:04:66:43:50: 2d:7d:a0:fa:48:84:2c:09:af:33:8f:05:fa:0b:97: 4a:4b:5b:bb:8e:65:df:93:02:90:e4:4a:e2:01:dd: c2:d9:ff:28:a6:79:d3:ed:d1:a9:49:a5:3d:f0:c2: f6:c6:b5:57:42:ca:31:21:ea:80:7c:10:b6:97:14: 4b:d0:40:55:17:46:03:0b:0d:18:3f:c1:eb:82:ec: e6:05:8f:21:c3:79:3b:9e:ec:54:0a:2f:d7:b6:28: ec:04:fa:86:6f:51:10:fb:64:b1:24:2e:8f:14:fa: 0d:bc:3f:69:fc:90:ff:bc:ec:2b:43:24:02:4f:9d: 9a:1b:2b:53:72:3e:8f:5a:ed:98:84:ed:cd:cf:87: 4d:8d:95:37:24:8a:98:eb:bc:c4:ab:30:2a:94:8b: 1a:90:28:12:e7:1d:5a:cf:4f:57:b1:a0:76:aa:e4: ab:ce:7b:75:df:4a:14:4e:35:de:60:51:9b:df:dc: d5:67:a5:e2:3e:a8:37:e4:a9:23:d6:75:3b:39:95: 25:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:F7:A2:14:47:5F:39:76:9E:40:8E:CA:FE:5B:8F:6B:CB:02:8D:35 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS9657.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.138.224.0/19 IPv6: 2403:9500::/32 Signature Algorithm: sha256WithRSAEncryption 73:19:e2:b2:3e:69:15:7c:e8:7e:ed:41:53:09:e6:af:d1:83: be:1d:33:99:2e:85:0f:e3:7b:41:c1:74:01:6a:0b:e9:6e:b3: 7b:23:75:aa:bf:1c:5d:76:cb:9f:af:f3:63:9d:ac:fc:45:72: e9:3b:50:a3:ed:2d:90:c9:68:ea:af:fa:59:18:1d:d8:d3:99: 46:ad:ed:40:b7:5c:f4:cf:df:b8:ca:79:80:ea:b1:e4:9c:cc: 3a:4f:22:76:32:88:02:1d:2a:a9:44:a3:45:91:f2:f0:52:24: 08:83:ba:78:6c:fd:66:30:fa:56:f8:31:0c:65:ec:75:4a:7f: 2b:0a:fd:ce:2f:c3:8d:55:d6:d8:6f:7d:f3:2d:bd:b1:4d:54: 78:e6:ba:16:de:bd:cd:f3:4e:60:d8:ab:12:f9:81:9f:09:72: 8a:21:a9:1a:f0:f0:74:16:d5:5b:00:0c:97:06:9c:81:ae:3e: b0:0e:71:6d:37:4e:b9:74:6f:2a:00:11:c3:4f:21:15:ca:64: de:a4:2a:38:e7:cd:8c:96:21:b4:e1:da:ba:db:1f:4c:a1:7c: 98:3a:52:74:a3:e3:cd:43:93:bd:69:e8:db:b7:5d:d7:2a:23: 01:75:d8:d6:14:90:68:3a:ec:28:67:de:7b:63:a6:77:97:4f: 91:fc:f2:99 -----BEGIN CERTIFICATE----- MIIE5jCCA86gAwIBAgIUeGAtZjdBoAJHo89ta5utwSTUvZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjE2MjEwNloX DTI3MDUwMTE2MjYwNlowMzExMC8GA1UEAxMoQzNGN0EyMTQ0NzVGMzk3NjlFNDA4 RUNBRkU1QjhGNkJDQjAyOEQzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKGc04iR+WiJa5YdA/idDYOjmi1oxnPBejhsLmVuT753HyZ/4mozoobTehU p+7E2HAvWT1LBlMEZkNQLX2g+kiELAmvM48F+guXSktbu45l35MCkORK4gHdwtn/ KKZ50+3RqUmlPfDC9sa1V0LKMSHqgHwQtpcUS9BAVRdGAwsNGD/B64Ls5gWPIcN5 O57sVAov17Yo7AT6hm9REPtksSQujxT6Dbw/afyQ/7zsK0MkAk+dmhsrU3I+j1rt mITtzc+HTY2VNySKmOu8xKswKpSLGpAoEucdWs9PV7Ggdqrkq857dd9KFE413mBR m9/c1Wel4j6oN+SpI9Z1OzmVJRMCAwEAAaOCAdkwggHVMB0GA1UdDgQWBBTD96IU R185dp5Ajsr+W49rywKNNTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBQBggrBgEFBQcBCwREMEIwQAYIKwYBBQUHMAuGNHJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTOTY1Ny5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEw BgMEBcqK4DANBAIAAjAHAwUAJAOVADANBgkqhkiG9w0BAQsFAAOCAQEAcxnisj5p FXzofu1BUwnmr9GDvh0zmS6FD+N7QcF0AWoL6W6zeyN1qr8cXXbLn6/zY52s/EVy 6TtQo+0tkMlo6q/6WRgd2NOZRq3tQLdc9M/fuMp5gOqx5JzMOk8idjKIAh0qqUSj RZHy8FIkCIO6eGz9ZjD6VvgxDGXsdUp/Kwr9zi/DjVXW2G998y29sU1UeOa6Ft69 zfNOYNirEvmBnwlyiiGpGvDwdBbVWwAMlwacga4+sA5xbTdOuXRvKgARw08hFcpk 3qQqOOfNjJYhtOHautsfTKF8mDpSdKPjzUOTvWno27dd1yojAXXY1hSQaDrsKGfe e2Omd5dPkfzymQ== -----END CERTIFICATE-----Generated at Sun May 3 01:40:54 2026 by rpki-client