$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS24207.roa File: AS24207.roa (raw, json) Hash identifier: nqeqGxebmbZbNs7X/4YAPZx3DdYZIsg0c0pLI2kxjEw= Subject key identifier: 19:D6:6F:A5:EF:65:62:BC:97:A3:77:07:98:0B:EE:BB:4C:7F:C7:47 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 487BB90CEE73A67D05A776CF19ABC7956EC20D5C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24207.roa Signing time: Sun 03 May 2026 14:30:41 +0000 ROA not before: Sun 03 May 2026 14:25:41 +0000 ROA not after: Sun 02 May 2027 14:30:41 +0000 asID: 24207 IP address blocks: 120.89.92.0/23 maxlen: 24 2001:df2:f140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:7b:b9:0c:ee:73:a6:7d:05:a7:76:cf:19:ab:c7:95:6e:c2:0d:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 14:25:41 2026 GMT Not After : May 2 14:30:41 2027 GMT Subject: CN=19D66FA5EF6562BC97A37707980BEEBB4C7FC747 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:df:f0:4b:ce:40:d9:39:b4:ab:8d:ff:93:ce: 44:6d:d4:20:57:15:03:ca:4d:6d:6d:18:c6:11:05: 30:ac:40:87:33:fc:de:35:be:95:90:e8:54:3e:e9: ef:80:ae:57:fc:90:ae:ab:87:31:bf:0a:21:d2:e1: 9c:0c:55:52:f0:37:0e:65:78:ce:c5:da:1a:8a:2b: 53:18:a8:48:d2:59:b4:6b:f3:64:1f:75:a6:0b:6b: 7d:ef:19:9a:2f:9c:a5:3b:62:98:75:94:f3:48:88: 60:45:26:44:78:e5:f2:33:f9:94:ee:1b:cf:49:5c: f2:86:e2:6f:54:04:ad:b0:49:df:9a:d5:98:ec:e0: 4e:4a:09:30:4f:6c:67:5c:94:5d:f6:89:c4:71:03: 9b:3f:ed:a0:a9:a1:e8:3f:06:f2:5b:32:77:e8:f2: 98:e2:b3:c1:06:c8:59:5b:7d:68:52:4c:ee:10:e8: 1f:fc:df:a9:3c:71:33:dc:80:77:fd:65:fb:68:d8: 9a:3f:c7:b7:2c:2d:7c:d2:a0:6d:01:a8:79:aa:cd: a5:5a:1a:17:b1:58:f3:ee:39:2e:eb:0f:d3:55:8c: cf:fd:8b:fa:a9:72:aa:03:c2:60:dd:89:41:4e:6d: e1:15:40:ea:15:71:59:29:8f:24:75:f3:42:00:17: e7:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:D6:6F:A5:EF:65:62:BC:97:A3:77:07:98:0B:EE:BB:4C:7F:C7:47 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS24207.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.89.92.0/23 IPv6: 2001:df2:f140::/48 Signature Algorithm: sha256WithRSAEncryption 8e:08:0c:23:13:a2:fe:df:7a:d9:20:62:0f:b2:8d:17:81:55: 7a:4a:05:ed:76:a2:10:b8:9f:50:e2:54:b6:f8:b1:a1:d3:bb: a8:f3:ca:22:82:07:2a:f0:c4:3a:7f:6d:8b:9b:a9:39:02:38: f7:ba:3c:a9:e7:76:94:00:10:a0:ce:db:15:f0:36:6d:0f:4f: 34:c4:3e:2d:cb:ef:9c:f3:e0:2f:c5:b6:25:ab:1f:0f:c8:bf: 6e:16:b6:18:41:d0:5b:5b:42:31:ec:94:e1:88:a6:11:4f:a4: c6:f3:bb:a2:6a:3a:d7:b3:39:e4:5d:d8:fc:43:fc:46:0a:3e: 7f:4c:27:29:32:5d:cf:57:99:a5:6c:49:11:f1:70:ea:6e:b1: 39:c5:ac:09:1d:64:b6:3b:9e:3e:19:33:67:0c:8b:cf:ee:85: e8:b9:8e:ff:9b:0a:06:7f:4d:eb:2b:de:99:ca:c6:71:90:92: 95:7f:db:1c:e2:4b:80:77:ff:14:46:36:ec:d9:c0:03:ae:38: d9:c0:17:0b:1d:be:49:d5:d0:33:df:22:a1:3b:52:e6:3a:fd: dd:5f:ff:39:ef:22:09:6f:ce:39:1a:8a:5f:28:1b:2b:47:84: 4d:b8:fb:e3:f1:84:87:b6:cd:dc:5c:13:ab:1e:81:b8:72:7f: 9a:61:08:49 -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgIUSHu5DO5zpn0Fp3bPGavHlW7CDVwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzE0MjU0MVoX DTI3MDUwMjE0MzA0MVowMzExMC8GA1UEAxMoMTlENjZGQTVFRjY1NjJCQzk3QTM3 NzA3OTgwQkVFQkI0QzdGQzc0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPff8EvOQNk5tKuN/5PORG3UIFcVA8pNbW0YxhEFMKxAhzP83jW+lZDoVD7p 74CuV/yQrquHMb8KIdLhnAxVUvA3DmV4zsXaGoorUxioSNJZtGvzZB91pgtrfe8Z mi+cpTtimHWU80iIYEUmRHjl8jP5lO4bz0lc8obib1QErbBJ35rVmOzgTkoJME9s Z1yUXfaJxHEDmz/toKmh6D8G8lsyd+jymOKzwQbIWVt9aFJM7hDoH/zfqTxxM9yA d/1l+2jYmj/HtywtfNKgbQGoearNpVoaF7FY8+45LusP01WMz/2L+qlyqgPCYN2J QU5t4RVA6hVxWSmPJHXzQgAX50UCAwEAAaOCAdwwggHYMB0GA1UdDgQWBBQZ1m+l 72VivJejdweYC+67TH/HRzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjQyMDcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgAB MAYDBAF4WVwwDwQCAAIwCQMHACABDfLxQDANBgkqhkiG9w0BAQsFAAOCAQEAjggM IxOi/t962SBiD7KNF4FVekoF7XaiELifUOJUtvixodO7qPPKIoIHKvDEOn9ti5up OQI497o8qed2lAAQoM7bFfA2bQ9PNMQ+LcvvnPPgL8W2JasfD8i/bha2GEHQW1tC MeyU4YimEU+kxvO7omo617M55F3Y/EP8Rgo+f0wnKTJdz1eZpWxJEfFw6m6xOcWs CR1ktjuePhkzZwyLz+6F6LmO/5sKBn9N6yvemcrGcZCSlX/bHOJLgHf/FEY27NnA A6442cAXCx2+SdXQM98ioTtS5jr93V//Oe8iCW/OORqKXygbK0eETbj74/GEh7bN 3FwTqx6BuHJ/mmEISQ== -----END CERTIFICATE-----Generated at Tue May 12 22:42:15 2026 by rpki-client