$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa File: AS139994.roa (raw, json) Hash identifier: mQEJNXJ3XVh/s4Uqn72Xq0FcwJo74FkotAw0eOv4kCI= Subject key identifier: CA:BA:BC:12:F0:A0:33:BC:0F:78:9F:3E:28:F4:B1:5A:A0:F7:B9:3F Certificate issuer: /CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Certificate serial: 25008942FCB899B73EAE3756083B30A6D72BF370 Authority key identifier: B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa Signing time: Mon 11 Aug 2025 08:57:13 +0000 ROA not before: Mon 11 Aug 2025 08:52:13 +0000 ROA not after: Mon 10 Aug 2026 08:57:13 +0000 asID: 139994 IP address blocks: 103.3.220.0/22 maxlen: 22 103.3.220.0/24 maxlen: 24 103.3.221.0/24 maxlen: 24 103.3.222.0/24 maxlen: 24 2400:9800:6011::/48 maxlen: 48 2400:9800:6012::/48 maxlen: 48 2400:9800:6013::/48 maxlen: 48 2400:9800:6014::/48 maxlen: 48 2400:9800:6015::/48 maxlen: 48 2400:9800:6026::/48 maxlen: 48 2400:9800:6027::/48 maxlen: 48 2400:9800:6030::/47 maxlen: 47 2400:9800:6032::/47 maxlen: 47 2400:9800:6034::/47 maxlen: 47 2400:9800:6036::/47 maxlen: 47 2400:9800:6040::/47 maxlen: 47 2400:9800:6042::/47 maxlen: 47 2400:9800:6050::/47 maxlen: 47 2400:9800:6052::/47 maxlen: 47 2400:9800:6060::/48 maxlen: 48 2400:9800:6061::/48 maxlen: 48 2400:9800:6065::/48 maxlen: 48 2400:9800:6066::/48 maxlen: 48 2400:9800:6070::/48 maxlen: 48 2400:9800:6073::/48 maxlen: 48 2400:9800:6074::/48 maxlen: 48 2400:9800:6077::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 18:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:00:89:42:fc:b8:99:b7:3e:ae:37:56:08:3b:30:a6:d7:2b:f3:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B493A5CEBF09E10BC35D9AC2211DAFD2095687DA Validity Not Before: Aug 11 08:52:13 2025 GMT Not After : Aug 10 08:57:13 2026 GMT Subject: CN=CABABC12F0A033BC0F789F3E28F4B15AA0F7B93F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6f:74:90:b0:02:f2:57:00:9b:0c:8c:a6:9d: b4:94:20:57:30:a0:b8:97:cd:64:a1:a4:f8:74:1f: 79:1c:38:82:50:52:5e:1c:21:73:38:ad:a8:89:92: 00:96:90:67:de:9f:67:5c:08:4e:8f:d9:b2:ad:fb: 10:56:fc:a2:fa:92:b4:ee:55:37:f7:83:9f:f6:7d: ed:fc:85:b5:7d:b3:9e:8a:e6:1a:ad:86:fc:96:8c: fe:cf:74:b4:d7:2e:63:b3:1d:f6:c2:09:ed:25:e4: 1c:06:24:d5:0e:52:be:ec:2c:46:20:e9:b6:99:c4: f3:3d:8a:58:92:d8:72:4b:39:03:e9:44:1a:ca:17: f8:c0:fb:82:4d:aa:f1:18:c5:a5:fe:58:f6:12:65: a5:ce:f8:d8:68:14:df:ca:3a:ab:54:27:48:e7:b0: 52:43:3b:e7:10:a8:07:f8:ce:42:e7:7b:d5:98:63: bc:31:82:c2:84:0b:ac:95:1b:85:84:8b:a9:ce:3d: 27:0a:06:e9:92:71:8b:d8:02:6c:d6:f2:51:fa:5a: a2:60:8a:e0:52:33:ce:a4:93:5f:d7:be:9a:29:fb: e2:81:14:4f:17:de:ab:13:eb:2e:3a:5a:68:5c:d4: f8:3f:52:84:94:fe:60:88:4c:2c:df:92:d2:2e:25: 5c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:BA:BC:12:F0:A0:33:BC:0F:78:9F:3E:28:F4:B1:5A:A0:F7:B9:3F X509v3 Authority Key Identifier: keyid:B4:93:A5:CE:BF:09:E1:0B:C3:5D:9A:C2:21:1D:AF:D2:09:56:87:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B493A5CEBF09E10BC35D9AC2211DAFD2095687DA.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/0/AS139994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.220.0/22 IPv6: 2400:9800:6011::-2400:9800:6015:ffff:ffff:ffff:ffff:ffff 2400:9800:6026::/47 2400:9800:6030::/45 2400:9800:6040::/46 2400:9800:6050::/46 2400:9800:6060::/47 2400:9800:6065::-2400:9800:6066:ffff:ffff:ffff:ffff:ffff 2400:9800:6070::/48 2400:9800:6073::-2400:9800:6074:ffff:ffff:ffff:ffff:ffff 2400:9800:6077::/48 Signature Algorithm: sha256WithRSAEncryption 3b:0c:37:51:5a:55:96:21:45:5b:ee:28:39:80:87:a0:88:6d: 83:2d:85:52:91:e8:3e:f3:69:35:e2:96:a4:24:5f:ec:c9:bc: bd:3c:c4:80:54:c5:8e:bd:1f:cb:1e:4e:86:2c:f2:0a:71:5a: 5a:48:fc:12:aa:01:fc:8a:fc:f5:b6:07:9f:2b:ce:2c:47:40: db:ce:49:14:d8:da:14:f5:05:f0:63:85:b3:17:4f:5c:0d:9c: 05:05:32:de:0b:2a:a4:e6:b9:3b:86:dc:31:b5:69:19:3d:9b: 7f:4d:b3:16:65:d1:9c:f3:ed:cf:93:fc:ba:be:e8:c4:04:1b: 85:c4:72:2c:17:0c:a6:5f:2b:b6:43:ef:08:7e:e3:3a:6c:0c: 12:89:59:77:91:e7:3c:a5:02:1a:28:aa:39:39:7e:fa:58:54: 4c:8f:6d:13:c1:e1:f5:7d:2a:38:8e:88:0d:75:f7:e5:09:1f: 7e:39:eb:35:0b:90:4c:c2:19:0d:2a:e7:fa:26:3a:c6:29:ec: dd:a5:49:df:79:5e:6c:14:ea:b0:d5:6a:5a:78:1c:c2:9c:3f: 41:51:e2:3b:c1:2c:cb:d6:c4:3d:59:86:6e:79:33:23:ec:61: 2a:0d:a2:fe:7d:f1:77:9d:fa:69:a7:b1:ae:38:2d:df:f6:4d: b6:04:88:9e -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIUJQCJQvy4mbc+rjdWCDswptcr83AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIw OTU2ODdEQTAeFw0yNTA4MTEwODUyMTNaFw0yNjA4MTAwODU3MTNaMDMxMTAvBgNV BAMTKENBQkFCQzEyRjBBMDMzQkMwRjc4OUYzRTI4RjRCMTVBQTBGN0I5M0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4b3SQsALyVwCbDIymnbSUIFcw oLiXzWShpPh0H3kcOIJQUl4cIXM4raiJkgCWkGfen2dcCE6P2bKt+xBW/KL6krTu VTf3g5/2fe38hbV9s56K5hqthvyWjP7PdLTXLmOzHfbCCe0l5BwGJNUOUr7sLEYg 6baZxPM9iliS2HJLOQPpRBrKF/jA+4JNqvEYxaX+WPYSZaXO+NhoFN/KOqtUJ0jn sFJDO+cQqAf4zkLne9WYY7wxgsKEC6yVG4WEi6nOPScKBumScYvYAmzW8lH6WqJg iuBSM86kk1/Xvpop++KBFE8X3qsT6y46Wmhc1Pg/UoSU/mCITCzfktIuJVxzAgMB AAGjggKGMIICgjAdBgNVHQ4EFgQUyrq8EvCgM7wPeJ8+KPSxWqD3uT8wHwYDVR0j BBgwFoAUtJOlzr8J4QvDXZrCIR2v0glWh9owDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMC9CNDkzQTVDRUJG MDlFMTBCQzM1RDlBQzIyMTFEQUZEMjA5NTY4N0RBLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvQjQ5M0E1Q0VCRjA5RTEwQkMzNUQ5QUMyMjExREFGRDIwOTU2 ODdEQS5jZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMC9BUzEzOTk5NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwDAQCAAEwBgMEAmcD3DCBgQQCAAIw ezASAwcAJACYAGARAwcBJACYAGAUAwcBJACYAGAmAwcDJACYAGAwAwcCJACYAGBA AwcCJACYAGBQAwcBJACYAGBgMBIDBwAkAJgAYGUDBwAkAJgAYGYDBwAkAJgAYHAw EgMHACQAmABgcwMHACQAmABgdAMHACQAmABgdzANBgkqhkiG9w0BAQsFAAOCAQEA Oww3UVpVliFFW+4oOYCHoIhtgy2FUpHoPvNpNeKWpCRf7Mm8vTzEgFTFjr0fyx5O hizyCnFaWkj8EqoB/Ir89bYHnyvOLEdA285JFNjaFPUF8GOFsxdPXA2cBQUy3gsq pOa5O4bcMbVpGT2bf02zFmXRnPPtz5P8ur7oxAQbhcRyLBcMpl8rtkPvCH7jOmwM EolZd5HnPKUCGiiqOTl++lhUTI9tE8Hh9X0qOI6IDXX35QkffjnrNQuQTMIZDSrn +iY6xins3aVJ33lebBTqsNVqWngcwpw/QVHiO8Esy9bEPVmGbnkzI+xhKg2i/n3x d536aaexrjgt3/ZNtgSIng== -----END CERTIFICATE-----Generated at Tue Oct 28 17:37:12 2025 by rpki-client