$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141091.roa File: AS141091.roa (raw, json) Hash identifier: b9o/rO10F11n8ZI+420a8THOwv+nmwNc7Y8xjdueAQE= Subject key identifier: E2:4F:8E:C7:4F:9B:74:CE:D2:55:5C:C9:E5:9D:B0:8C:C6:03:ED:EE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6749A0D5A400E9950C30443723CB938A65478411 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141091.roa Signing time: Tue 11 Nov 2025 06:00:18 +0000 ROA not before: Tue 11 Nov 2025 05:55:18 +0000 ROA not after: Tue 10 Nov 2026 06:00:18 +0000 asID: 141091 IP address blocks: 103.156.128.0/23 maxlen: 24 2406:87c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Nov 2025 08:25:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:49:a0:d5:a4:00:e9:95:0c:30:44:37:23:cb:93:8a:65:47:84:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 11 05:55:18 2025 GMT Not After : Nov 10 06:00:18 2026 GMT Subject: CN=E24F8EC74F9B74CED2555CC9E59DB08CC603EDEE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:09:4b:52:62:17:ac:d9:e8:f5:0f:23:df:85: 56:1f:d1:ba:63:4a:ee:e2:fc:11:57:e3:f7:41:c8: 2d:c5:3e:9b:34:3e:6c:c2:95:04:d5:04:54:a9:ba: 40:d4:5e:7c:ba:06:a9:2a:80:59:7a:89:ee:38:1a: df:b7:41:30:34:ae:41:c6:8d:6a:e3:19:64:12:ac: 1e:b4:d0:a3:8d:56:34:e3:97:cf:0e:4a:9b:30:6c: d3:92:96:dc:82:03:51:e7:f7:cc:c1:b2:ef:c5:ec: d1:01:e2:0a:ac:87:ec:f7:0a:26:b6:68:11:b4:1d: ff:26:ad:03:ba:73:06:c1:08:5c:7a:8e:b9:e8:a0: 1f:1c:29:1e:31:7e:89:16:67:e9:a2:38:a6:df:8b: 0f:9a:30:1a:fa:40:d3:ce:37:28:8f:9c:50:33:e8: d3:5a:29:ea:84:5c:7f:2c:e0:e6:93:cf:05:1a:07: 71:c0:81:19:f1:36:22:97:f8:75:a7:b8:60:1f:72: 5e:5e:a5:11:b1:b7:c7:0e:cf:16:b9:d4:69:f4:7f: 1e:7e:49:0f:e4:b5:8b:f8:e7:f3:d1:5d:f3:3b:8f: 48:ab:93:ee:dc:45:66:12:68:bb:dd:03:46:2f:10: 83:95:62:fc:d7:29:e3:2b:b7:22:51:d7:e2:df:5f: cf:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:4F:8E:C7:4F:9B:74:CE:D2:55:5C:C9:E5:9D:B0:8C:C6:03:ED:EE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.128.0/23 IPv6: 2406:87c0::/32 Signature Algorithm: sha256WithRSAEncryption 3c:a9:ec:8b:19:29:5b:93:ab:b8:ad:ba:3e:23:7a:52:7c:b1: a2:51:cf:a3:18:7b:71:21:ac:05:a2:8f:d3:a3:d7:bb:3b:24: a0:6b:0c:36:0b:56:fc:c9:7d:de:d1:ac:ca:64:ec:ff:0a:1b: 66:1a:9b:e8:55:86:14:bc:04:97:00:85:8f:d7:ac:bc:d2:45: 90:7a:04:0a:53:49:a8:93:35:53:e6:59:97:b6:ae:93:a6:4d: 82:8f:4e:dc:99:51:6f:48:8f:fc:5e:2f:f9:e2:a0:63:1b:02: 80:02:ed:45:46:47:59:67:a4:c5:13:92:03:44:ee:1b:f7:a3: ca:99:4a:ce:96:d8:05:1c:17:a9:79:a6:1e:a8:c4:a4:12:98: c6:8c:dd:34:53:e3:68:68:c0:e3:ad:07:7c:36:21:2d:55:c7: bd:95:df:82:b5:8a:18:f9:d3:a7:99:3d:3a:f0:86:be:34:2e: 87:9f:7a:05:b0:62:50:f6:6a:72:d4:c4:10:01:e8:58:44:eb: be:c7:f0:48:d9:61:d9:8a:80:3f:bd:6a:00:08:3b:b5:38:4e: 87:c5:86:bc:f5:28:39:96:cc:63:a1:78:e7:bf:a8:be:96:27: 26:6c:47:0b:d2:1a:7f:6e:5e:cb:81:bc:cd:81:24:e9:bf:a5: 40:f8:71:34 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgIUZ0mg1aQA6ZUMMEQ3I8uTimVHhBEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTExMTA1NTUxOFoX DTI2MTExMDA2MDAxOFowMzExMC8GA1UEAxMoRTI0RjhFQzc0RjlCNzRDRUQyNTU1 Q0M5RTU5REIwOENDNjAzRURFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO0JS1JiF6zZ6PUPI9+FVh/RumNK7uL8EVfj90HILcU+mzQ+bMKVBNUEVKm6 QNRefLoGqSqAWXqJ7jga37dBMDSuQcaNauMZZBKsHrTQo41WNOOXzw5KmzBs05KW 3IIDUef3zMGy78Xs0QHiCqyH7PcKJrZoEbQd/yatA7pzBsEIXHqOueigHxwpHjF+ iRZn6aI4pt+LD5owGvpA0843KI+cUDPo01op6oRcfyzg5pPPBRoHccCBGfE2Ipf4 dae4YB9yXl6lEbG3xw7PFrnUafR/Hn5JD+S1i/jn89Fd8zuPSKuT7txFZhJou90D Ri8Qg5Vi/Ncp4yu3IlHX4t9fz90CAwEAAaOCAd8wggHbMB0GA1UdDgQWBBTiT47H T5t0ztJVXMnlnbCMxgPt7jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTA5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0w DAQCAAEwBgMEAWecgDANBAIAAjAHAwUAJAaHwDANBgkqhkiG9w0BAQsFAAOCAQEA PKnsixkpW5OruK26PiN6UnyxolHPoxh7cSGsBaKP06PXuzskoGsMNgtW/Ml93tGs ymTs/wobZhqb6FWGFLwElwCFj9esvNJFkHoEClNJqJM1U+ZZl7auk6ZNgo9O3JlR b0iP/F4v+eKgYxsCgALtRUZHWWekxROSA0TuG/ejyplKzpbYBRwXqXmmHqjEpBKY xozdNFPjaGjA460HfDYhLVXHvZXfgrWKGPnTp5k9OvCGvjQuh596BbBiUPZqctTE EAHoWETrvsfwSNlh2YqAP71qAAg7tThOh8WGvPUoOZbMY6F457+ovpYnJmxHC9Ia f25ey4G8zYEk6b+lQPhxNA== -----END CERTIFICATE-----Generated at Tue Nov 18 01:39:39 2025 by rpki-client