$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140304.roa File: AS140304.roa (raw, json) Hash identifier: Vc+rOgbxazjFlHQz0FMDDB/USuCxbO49I3rZqeljx7c= Subject key identifier: 35:8B:79:42:B9:C9:F7:01:5A:C0:0F:11:F6:3F:47:6F:21:1B:44:37 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3AAEFF6D68B71E36E0B538FA801E4B3DBC5820E9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140304.roa Signing time: Tue 07 Apr 2026 08:07:23 +0000 ROA not before: Tue 07 Apr 2026 08:02:23 +0000 ROA not after: Tue 06 Apr 2027 08:07:23 +0000 asID: 140304 IP address blocks: 2001:df6:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 00:44:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:ae:ff:6d:68:b7:1e:36:e0:b5:38:fa:80:1e:4b:3d:bc:58:20:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 7 08:02:23 2026 GMT Not After : Apr 6 08:07:23 2027 GMT Subject: CN=358B7942B9C9F7015AC00F11F63F476F211B4437 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:30:98:41:07:d8:70:05:22:64:ff:91:70:44: 38:d8:44:b3:78:a5:d4:e8:27:8f:47:92:fb:9a:4e: 1a:81:cb:13:72:a7:59:5d:35:03:ad:94:ef:fd:9c: 68:89:04:72:8e:ff:cc:31:67:da:cf:53:88:19:9b: 48:19:c3:0e:5f:27:ad:31:2d:b0:f9:7a:ca:80:5f: 39:4f:ef:26:3f:07:c8:cd:9e:c0:b4:dd:cb:b6:13: 6b:53:6b:7d:4a:59:d8:23:a6:1a:ce:00:fa:d7:f5: fc:2b:8a:4d:eb:97:69:4c:00:f5:95:5c:bb:a4:b0: aa:a8:7b:97:dc:f3:14:b9:dd:f9:93:7b:d4:4d:13: 83:19:3d:e5:a1:fd:07:93:fe:df:73:f6:5b:72:01: b0:7a:ac:dd:90:2f:67:e9:0b:8c:93:fa:5d:96:98: fb:78:ba:95:14:1b:12:1b:a5:e5:70:19:ea:68:38: ba:34:e0:18:5a:dd:36:50:c3:2e:8b:c9:1b:d9:70: 99:8a:dc:98:9b:ba:b7:9e:2b:e4:ea:87:aa:a2:bc: 83:3e:39:38:a9:2e:a9:45:2c:9e:09:66:19:16:c3: af:83:de:55:66:33:72:09:40:b5:e1:c1:3f:f4:4c: 47:00:63:a9:aa:53:bb:0e:ae:a8:80:0a:83:38:da: 59:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:8B:79:42:B9:C9:F7:01:5A:C0:0F:11:F6:3F:47:6F:21:1B:44:37 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS140304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:b040::/48 Signature Algorithm: sha256WithRSAEncryption 4a:bc:f7:a8:f2:1a:16:d8:e5:a7:ea:bd:6f:cf:9e:c0:83:04: 97:7e:40:29:bc:bf:61:24:28:bd:34:18:74:2a:42:c1:a2:59: 99:31:a1:b6:bd:9f:bc:ec:91:3a:53:43:de:a4:c0:3b:11:31: 76:1d:4a:c8:bd:08:68:e1:9d:a9:60:84:c7:6b:1b:d4:7a:f1: c1:65:04:51:29:3e:59:1c:bd:37:05:d9:d5:f0:ba:84:6b:50: f5:73:9d:7c:6e:95:13:8f:ef:27:89:ab:f7:fb:4d:c5:a3:78: 86:6c:2c:bc:ad:63:62:22:e6:c6:47:93:29:e7:0e:05:ef:53: 25:06:b0:ed:cd:2d:d3:c6:6b:cf:ca:ce:8f:13:35:2b:fb:97: 68:31:66:6d:60:9a:e3:c4:bd:8e:ae:aa:9d:ab:16:2a:93:a0: d2:55:31:d9:32:a3:81:8b:e3:83:36:2f:19:f7:22:56:6c:19: e2:7a:d9:75:e1:a0:0b:28:d4:43:d6:4e:96:f7:ec:5f:33:3f: 12:65:0f:78:1a:2a:0b:ed:45:a2:fa:8c:e6:ef:53:c0:cc:df: fb:0e:73:e6:53:47:2f:ac:11:e7:af:3e:93:c4:e0:60:55:35: d4:05:b2:c5:50:f1:81:ae:8f:ce:8e:03:db:f0:27:e5:b4:c9: 2b:37:55:5b -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUOq7/bWi3HjbgtTj6gB5LPbxYIOkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDQwNzA4MDIyM1oX DTI3MDQwNjA4MDcyM1owMzExMC8GA1UEAxMoMzU4Qjc5NDJCOUM5RjcwMTVBQzAw RjExRjYzRjQ3NkYyMTFCNDQzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMowmEEH2HAFImT/kXBEONhEs3il1Ognj0eS+5pOGoHLE3KnWV01A62U7/2c aIkEco7/zDFn2s9TiBmbSBnDDl8nrTEtsPl6yoBfOU/vJj8HyM2ewLTdy7YTa1Nr fUpZ2COmGs4A+tf1/CuKTeuXaUwA9ZVcu6Swqqh7l9zzFLnd+ZN71E0Tgxk95aH9 B5P+33P2W3IBsHqs3ZAvZ+kLjJP6XZaY+3i6lRQbEhul5XAZ6mg4ujTgGFrdNlDD LovJG9lwmYrcmJu6t54r5OqHqqK8gz45OKkuqUUsnglmGRbDr4PeVWYzcglAteHB P/RMRwBjqapTuw6uqIAKgzjaWU0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQ1i3lC ucn3AVrADxH2P0dvIRtENzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MDMwNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfawQDANBgkqhkiG9w0BAQsFAAOCAQEASrz3qPIaFtjlp+q9 b8+ewIMEl35AKby/YSQovTQYdCpCwaJZmTGhtr2fvOyROlND3qTAOxExdh1KyL0I aOGdqWCEx2sb1HrxwWUEUSk+WRy9NwXZ1fC6hGtQ9XOdfG6VE4/vJ4mr9/tNxaN4 hmwsvK1jYiLmxkeTKecOBe9TJQaw7c0t08Zrz8rOjxM1K/uXaDFmbWCa48S9jq6q nasWKpOg0lUx2TKjgYvjgzYvGfciVmwZ4nrZdeGgCyjUQ9ZOlvfsXzM/EmUPeBoq C+1FovqM5u9TwMzf+w5z5lNHL6wR568+k8TgYFU11AWyxVDxga6Pzo4D2/An5bTJ KzdVWw== -----END CERTIFICATE-----Generated at Fri Apr 17 16:02:49 2026 by rpki-client