$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138829.roa File: AS138829.roa (raw, json) Hash identifier: PYCmcq7G/ACqSXjnu3b8lfvQMXAzOPjz35F9XOt0b5Y= Subject key identifier: 64:E6:1A:39:2B:1C:F6:CD:8A:EE:B7:3E:C2:DD:AE:F8:BA:26:4E:C5 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3775582DF9D78B2EAEF6CEBEC6FB8DC7C94AB108 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138829.roa Signing time: Sun 03 May 2026 04:30:07 +0000 ROA not before: Sun 03 May 2026 04:25:07 +0000 ROA not after: Sun 02 May 2027 04:30:07 +0000 asID: 138829 IP address blocks: 36.50.253.0/24 maxlen: 24 103.11.132.0/23 maxlen: 24 103.137.110.0/23 maxlen: 23 2404:afc0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:75:58:2d:f9:d7:8b:2e:ae:f6:ce:be:c6:fb:8d:c7:c9:4a:b1:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 04:25:07 2026 GMT Not After : May 2 04:30:07 2027 GMT Subject: CN=64E61A392B1CF6CD8AEEB73EC2DDAEF8BA264EC5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:94:be:20:92:4a:51:b3:d2:70:83:70:ee:1b: d9:33:c6:9a:ed:f3:fc:31:39:ec:9a:b3:c4:24:32: ff:63:ca:85:3a:dc:c5:74:f1:d9:5c:93:5d:2f:87: 66:03:02:d6:9c:a0:64:b1:6d:b3:9f:37:b9:54:05: 0a:05:d9:c2:10:15:90:70:7e:78:ec:4f:18:27:fe: 5b:ce:7e:26:17:77:37:52:80:93:6b:78:9e:5f:de: 2c:5c:e6:98:39:97:77:2c:75:c4:7c:b0:be:c7:8d: c1:df:1a:bd:ed:b0:fd:7b:fe:3c:04:75:ef:2a:74: 01:a0:0d:12:aa:e9:c6:e9:0f:2b:67:5f:71:21:8b: 5d:4e:63:4c:ff:1a:9a:16:a8:72:1a:a0:23:56:a1: 8c:82:6f:47:b0:eb:1e:4f:39:f4:16:2f:46:62:b7: 2b:44:4b:2a:27:de:bf:48:62:58:d7:c7:b5:6c:34: f9:5b:28:9e:b7:21:af:85:3f:de:89:a7:ea:ec:9b: 08:7e:ca:66:d2:8f:43:b9:89:bc:8a:c5:6f:82:50: 67:07:09:c9:ec:08:4f:bf:86:43:02:c8:83:8a:89: 37:a7:d4:7c:58:77:8a:5a:29:10:09:ba:84:4b:f8: 46:25:38:91:0d:6c:00:81:cf:e1:cb:e6:2e:89:9b: 18:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:E6:1A:39:2B:1C:F6:CD:8A:EE:B7:3E:C2:DD:AE:F8:BA:26:4E:C5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138829.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.50.253.0/24 103.11.132.0/23 103.137.110.0/23 IPv6: 2404:afc0::/32 Signature Algorithm: sha256WithRSAEncryption a4:4a:28:eb:db:95:da:d0:c1:be:dd:5a:cf:b6:68:bc:00:3d: a0:d5:f9:15:90:8c:66:80:71:8d:e5:47:1c:8a:87:b7:59:7b: b6:03:fd:2b:af:ea:69:65:63:58:89:c7:64:ef:21:ba:d1:f6: 75:bb:9c:a0:31:22:ac:68:fa:6c:05:b1:62:fc:66:e8:a8:60: 1a:15:24:0d:9d:39:eb:a9:09:05:49:25:8b:f2:d5:85:fd:2b: 72:3d:3e:dc:2b:28:8b:3f:54:6e:f9:9c:cd:dd:8c:6f:20:d4: ac:a0:ea:8e:5a:a8:db:e3:d9:cf:d7:99:4b:38:f7:a0:a8:6a: f3:82:57:f3:a7:9a:5e:76:58:9c:c6:64:4b:b4:39:6b:74:85: 2c:e1:82:e3:43:47:f5:40:58:22:f3:b3:18:e8:7c:84:9c:a4: 77:c6:4c:56:7e:23:97:8b:79:2c:12:86:96:ee:f1:f5:9d:42: 51:2c:05:f1:b3:1f:35:8d:9e:35:91:d4:45:b7:ed:e0:95:2f: 51:1f:1f:35:a7:53:dd:12:81:bb:3f:1d:6d:75:79:95:31:a1: 28:2e:19:e8:d0:57:b1:da:af:4e:cf:98:c3:83:2b:5f:8b:ee: 7d:e4:e5:ab:91:cc:34:20:24:8a:05:0f:fc:64:20:a0:f2:47: 31:d0:3e:42 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUN3VYLfnXiy6u9s6+xvuNx8lKsQgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA0MjUwN1oX DTI3MDUwMjA0MzAwN1owMzExMC8GA1UEAxMoNjRFNjFBMzkyQjFDRjZDRDhBRUVC NzNFQzJEREFFRjhCQTI2NEVDNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKyUviCSSlGz0nCDcO4b2TPGmu3z/DE57JqzxCQy/2PKhTrcxXTx2VyTXS+H ZgMC1pygZLFts583uVQFCgXZwhAVkHB+eOxPGCf+W85+Jhd3N1KAk2t4nl/eLFzm mDmXdyx1xHywvseNwd8ave2w/Xv+PAR17yp0AaANEqrpxukPK2dfcSGLXU5jTP8a mhaochqgI1ahjIJvR7DrHk859BYvRmK3K0RLKifev0hiWNfHtWw0+Vsonrchr4U/ 3omn6uybCH7KZtKPQ7mJvIrFb4JQZwcJyewIT7+GQwLIg4qJN6fUfFh3ilopEAm6 hEv4RiU4kQ1sAIHP4cvmLombGCkCAwEAAaOCAecwggHjMB0GA1UdDgQWBBRk5ho5 Kxz2zYrutz7C3a74uiZOxTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODI5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIA ATASAwQAJDL9AwQBZwuEAwQBZ4luMA0EAgACMAcDBQAkBK/AMA0GCSqGSIb3DQEB CwUAA4IBAQCkSijr25Xa0MG+3VrPtmi8AD2g1fkVkIxmgHGN5Uccioe3WXu2A/0r r+ppZWNYicdk7yG60fZ1u5ygMSKsaPpsBbFi/GboqGAaFSQNnTnrqQkFSSWL8tWF /StyPT7cKyiLP1Ru+ZzN3YxvINSsoOqOWqjb49nP15lLOPegqGrzglfzp5pedlic xmRLtDlrdIUs4YLjQ0f1QFgi87MY6HyEnKR3xkxWfiOXi3ksEoaW7vH1nUJRLAXx sx81jZ41kdRFt+3glS9RHx81p1PdEoG7Px1tdXmVMaEoLhno0Fex2q9Oz5jDgytf i+595OWrkcw0ICSKBQ/8ZCCg8kcx0D5C -----END CERTIFICATE-----Generated at Tue May 12 22:56:03 2026 by rpki-client