$ rpki-client -vvf rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS140421.roa File: AS140421.roa (raw, json) Hash identifier: NubwM9MWXF/shtYPHNCf93qRquIZw5eXxpOBi0ubSeY= Subject key identifier: 3F:BA:C1:A6:50:50:F2:42:B9:C6:A7:F9:35:4B:4A:A9:F5:9B:85:26 Certificate issuer: /CN=1FD138814ED6ED10A74AEDE620ECC6CB414D8D49 Certificate serial: 6896450B9DE79F00EBB4F8D9BCE80A50FDEB38D8 Authority key identifier: 1F:D1:38:81:4E:D6:ED:10:A7:4A:ED:E6:20:EC:C6:CB:41:4D:8D:49 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS140421.roa Signing time: Sun 03 May 2026 03:14:40 +0000 ROA not before: Sun 03 May 2026 03:09:40 +0000 ROA not after: Sun 02 May 2027 03:14:40 +0000 asID: 140421 IP address blocks: 202.87.177.0/24 maxlen: 24 202.87.180.0/24 maxlen: 24 202.87.181.0/24 maxlen: 24 202.87.182.0/24 maxlen: 24 202.87.183.0/24 maxlen: 24 202.87.185.0/24 maxlen: 24 202.87.186.0/24 maxlen: 24 202.87.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.crl rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:96:45:0b:9d:e7:9f:00:eb:b4:f8:d9:bc:e8:0a:50:fd:eb:38:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FD138814ED6ED10A74AEDE620ECC6CB414D8D49 Validity Not Before: May 3 03:09:40 2026 GMT Not After : May 2 03:14:40 2027 GMT Subject: CN=3FBAC1A65050F242B9C6A7F9354B4AA9F59B8526 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:4a:46:20:82:90:21:fc:5c:15:a1:9b:0a:99: a1:0a:93:0e:13:c2:35:1d:27:ea:4e:ca:8d:68:92: a8:7f:22:3b:72:46:dc:6d:dd:f7:53:bd:10:4c:36: f1:ba:9b:15:e5:41:fd:57:e7:cf:9a:68:ac:b3:19: d0:a7:98:62:c8:26:e2:23:0d:f9:87:ef:75:2c:72: f1:29:ce:77:15:78:0d:5a:e2:cc:91:01:5e:72:29: a1:39:b3:87:e5:b6:8b:f0:e7:a4:a7:80:d6:74:df: 4b:dc:c4:37:ff:65:19:27:48:8d:64:49:c7:a1:ae: 51:3e:46:32:06:88:13:45:5f:f4:71:03:23:38:c6: a7:20:55:e9:50:f2:a6:5c:55:8f:c1:56:81:5e:7b: ca:50:54:85:60:b4:43:4b:78:c3:71:92:e8:74:79: 1c:cd:42:08:c2:ea:64:89:e2:f2:47:ad:bb:cd:8a: 1b:47:3d:0a:bb:a4:c5:d2:1b:1d:59:c9:b2:17:fc: b2:b4:60:fd:15:3e:e0:f1:b8:78:81:59:9d:6b:18: 96:13:70:91:0b:22:ec:e1:01:9e:3e:0d:99:1a:6b: ab:72:a7:26:65:8d:d8:8f:2f:65:aa:3c:d5:28:8d: 84:91:b6:b4:58:03:47:6e:4b:ee:35:7b:4f:c2:87: f8:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:BA:C1:A6:50:50:F2:42:B9:C6:A7:F9:35:4B:4A:A9:F5:9B:85:26 X509v3 Authority Key Identifier: keyid:1F:D1:38:81:4E:D6:ED:10:A7:4A:ED:E6:20:EC:C6:CB:41:4D:8D:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/1FD138814ED6ED10A74AEDE620ECC6CB414D8D49.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/AS140421.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.87.177.0/24 202.87.180.0/22 202.87.185.0-202.87.186.255 202.87.189.0/24 Signature Algorithm: sha256WithRSAEncryption 84:01:9b:ee:ac:5d:fd:d1:2b:7c:cb:4b:9d:8c:6c:20:15:a4: 70:3e:27:f8:f8:f4:24:f9:83:83:7e:c4:8f:45:9a:cb:54:ec: 36:64:b5:0b:30:d2:08:5f:6a:0f:44:c5:6e:2b:cc:8d:2d:71: 5d:b8:61:86:c6:09:33:4e:a9:0c:55:d0:ba:92:3c:96:5a:74: 44:30:14:4b:88:e6:39:a0:32:0e:b5:1b:96:97:6c:c9:c0:82: 0a:f3:91:12:b9:a3:5c:8c:30:09:9a:df:ac:7a:9b:25:19:3e: eb:c4:17:26:f7:6e:fd:f7:2c:69:b8:b5:73:83:52:26:91:63: 49:52:45:d5:a9:04:b3:03:08:6a:f8:57:56:20:6c:e1:4c:ed: 44:b2:e8:3f:ea:2f:27:ee:df:98:80:33:cc:13:9a:bb:d0:e4: bd:c8:66:5d:68:d1:25:dc:37:2c:55:6d:43:e7:07:7b:9c:d9: e4:66:4e:72:30:36:1b:23:d0:77:fe:52:89:ec:5a:8e:35:f6: 35:3c:78:12:f7:b4:54:e9:7d:7e:c4:46:37:e6:af:51:94:a5: ec:a2:91:46:f6:ae:93:4a:cc:e6:67:ef:b6:df:7b:16:08:20: b8:15:97:89:52:90:76:af:8b:67:2f:5d:13:3a:03:01:0d:ac: 7a:a2:97:1e -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgIUaJZFC53nnwDrtPjZvOgKUP3rONgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZEMTM4ODE0RUQ2RUQxMEE3NEFFREU2MjBFQ0M2Q0I0 MTREOEQ0OTAeFw0yNjA1MDMwMzA5NDBaFw0yNzA1MDIwMzE0NDBaMDMxMTAvBgNV BAMTKDNGQkFDMUE2NTA1MEYyNDJCOUM2QTdGOTM1NEI0QUE5RjU5Qjg1MjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPSkYggpAh/FwVoZsKmaEKkw4T wjUdJ+pOyo1okqh/IjtyRtxt3fdTvRBMNvG6mxXlQf1X58+aaKyzGdCnmGLIJuIj DfmH73UscvEpzncVeA1a4syRAV5yKaE5s4fltovw56SngNZ030vcxDf/ZRknSI1k ScehrlE+RjIGiBNFX/RxAyM4xqcgVelQ8qZcVY/BVoFee8pQVIVgtENLeMNxkuh0 eRzNQgjC6mSJ4vJHrbvNihtHPQq7pMXSGx1ZybIX/LK0YP0VPuDxuHiBWZ1rGJYT cJELIuzhAZ4+DZkaa6typyZljdiPL2WqPNUojYSRtrRYA0duS+41e0/Ch/gBAgMB AAGjggIZMIICFTAdBgNVHQ4EFgQUP7rBplBQ8kK5xqf5NUtKqfWbhSYwHwYDVR0j BBgwFoAUH9E4gU7W7RCnSu3mIOzGy0FNjUkwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v ZTg3MzQ5ZmItNDY1ZS00ZThiLWE5NzQtOTBlOTM5YmNiMGZiLzAvMUZEMTM4ODE0 RUQ2RUQxMEE3NEFFREU2MjBFQ0M2Q0I0MTREOEQ0OS5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS8xRkQxMzg4MTRFRDZFRDEwQTc0QUVERTYyMEVDQzZDQjQxNEQ4 RDQ5LmNlcjBxBggrBgEFBQcBCwRlMGMwYQYIKwYBBQUHMAuGVXJzeW5jOi8vcnBr aS1yc3luYy5pZG5pYy5uZXQvcmVwby9lODczNDlmYi00NjVlLTRlOGItYTk3NC05 MGU5MzliY2IwZmIvMC9BUzE0MDQyMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAMpXsQMEAspXtDAMAwQA yle5AwQAyle6AwQAyle9MA0GCSqGSIb3DQEBCwUAA4IBAQCEAZvurF390St8y0ud jGwgFaRwPif4+PQk+YODfsSPRZrLVOw2ZLULMNIIX2oPRMVuK8yNLXFduGGGxgkz TqkMVdC6kjyWWnREMBRLiOY5oDIOtRuWl2zJwIIK85ESuaNcjDAJmt+sepslGT7r xBcm92799yxpuLVzg1ImkWNJUkXVqQSzAwhq+FdWIGzhTO1Esug/6i8n7t+YgDPM E5q70OS9yGZdaNEl3DcsVW1D5wd7nNnkZk5yMDYbI9B3/lKJ7FqONfY1PHgS97RU 6X1+xEY35q9RlKXsopFG9q6TSszmZ++233sWCCC4FZeJUpB2r4tnL10TOgMBDax6 opce -----END CERTIFICATE-----Generated at Tue May 12 23:00:47 2026 by rpki-client