$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS147131.roa File: AS147131.roa (raw, json) Hash identifier: TLFYLW6EbqWOAbtregLIi36fsXFTNlBDhZT3iCIEu8o= Subject key identifier: 6F:00:85:81:EB:1D:D9:A9:69:7B:16:AB:E3:19:B5:19:F9:BB:42:B9 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 770DD61B5EFE056FEA5245320B2A29A31B976FCF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS147131.roa Signing time: Sat 02 May 2026 09:25:15 +0000 ROA not before: Sat 02 May 2026 09:20:15 +0000 ROA not after: Sat 01 May 2027 09:25:15 +0000 asID: 147131 IP address blocks: 138.252.178.0/23 maxlen: 24 165.99.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:0d:d6:1b:5e:fe:05:6f:ea:52:45:32:0b:2a:29:a3:1b:97:6f:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:15 2026 GMT Not After : May 1 09:25:15 2027 GMT Subject: CN=6F008581EB1DD9A9697B16ABE319B519F9BB42B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:99:58:21:2e:61:ac:80:37:96:77:e1:11:68: a4:b6:01:5c:41:cc:13:df:fa:00:6f:69:e0:75:90: 71:06:31:bf:c1:14:e2:2c:f4:2b:68:31:73:57:8a: 02:17:72:a9:01:7e:f3:56:5a:ae:97:d0:a1:bf:3d: 53:93:ed:c2:3e:ab:b0:de:e3:e6:e4:27:6c:58:78: 8a:3c:5b:a9:6d:fa:5a:fe:11:5f:36:c2:cb:96:74: c2:59:14:3b:14:e7:9d:11:a0:2b:31:99:44:ef:3e: 51:2f:98:47:3d:98:05:c3:b2:4a:eb:38:6e:56:20: 56:3d:bf:94:30:44:12:89:e8:cc:aa:bc:b5:04:7f: 63:01:e8:05:c5:b9:4a:0b:36:53:de:cf:18:e4:3b: d5:60:03:42:0e:d3:36:3d:aa:e6:b8:9a:4c:4c:06: a6:88:db:eb:3e:ed:27:18:20:89:be:10:59:16:ac: 61:dc:46:1b:b3:5d:bc:c9:3a:88:2d:07:c8:27:28: eb:8e:d2:1f:86:8f:4e:e0:8b:ed:cb:ad:00:6d:18: da:ad:96:92:01:38:30:78:5a:e5:0a:a9:e4:5f:0a: a8:8d:1a:96:05:b3:ea:c8:b0:24:d2:c5:ce:81:7e: ac:aa:63:b5:39:ac:18:91:10:07:7a:6e:32:35:69: cb:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:00:85:81:EB:1D:D9:A9:69:7B:16:AB:E3:19:B5:19:F9:BB:42:B9 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS147131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.178.0/23 165.99.160.0/24 Signature Algorithm: sha256WithRSAEncryption af:8e:2b:ea:02:bf:33:2c:8f:5d:79:f3:65:b3:bf:a9:60:00: 96:b9:ff:db:4c:41:ab:46:c5:dc:b0:ad:fc:38:cd:cf:ef:c6: 3c:b2:82:a0:e2:6b:f2:50:7b:cc:47:0f:ab:8d:4d:af:88:8a: fc:96:4f:ee:f2:d1:fb:bb:09:2d:5a:61:f9:6a:64:f3:9d:82: 5c:f2:85:cd:7e:5d:9c:3f:47:f0:03:fd:7e:e4:7d:0e:4f:8e: b4:e8:04:c0:26:e0:12:9a:a5:41:15:a2:1b:62:5f:17:fb:e2: b0:09:ea:4a:ab:0e:d1:7d:ac:22:4c:6b:a9:a3:3e:aa:27:53: 96:c4:3e:37:05:93:78:1e:7f:6f:05:56:a6:43:66:8a:b7:67: be:bf:12:23:27:2c:d5:8c:6a:77:7b:d3:45:79:3c:45:20:a9: 3c:cd:c6:62:56:f7:5a:a0:3c:7a:43:c6:46:bb:31:65:c4:e1: 71:c1:ac:89:f3:7a:44:22:e8:20:3c:23:59:5b:74:8d:d9:7d: a3:40:ae:cf:0d:96:2e:5b:71:cc:be:f2:ea:57:83:b1:1a:b7: bf:17:e2:9f:71:08:cb:38:f3:49:75:f8:d2:88:6d:8b:06:25: e5:c8:95:5e:3e:be:03:9c:a6:5b:18:b3:5e:8c:ae:e1:0e:9a: ea:1d:45:9d -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUdw3WG17+BW/qUkUyCyopoxuXb88wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAxNVoX DTI3MDUwMTA5MjUxNVowMzExMC8GA1UEAxMoNkYwMDg1ODFFQjFERDlBOTY5N0Ix NkFCRTMxOUI1MTlGOUJCNDJCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJyZWCEuYayAN5Z34RFopLYBXEHME9/6AG9p4HWQcQYxv8EU4iz0K2gxc1eK AhdyqQF+81ZarpfQob89U5Ptwj6rsN7j5uQnbFh4ijxbqW36Wv4RXzbCy5Z0wlkU OxTnnRGgKzGZRO8+US+YRz2YBcOySus4blYgVj2/lDBEEonozKq8tQR/YwHoBcW5 Sgs2U97PGOQ71WADQg7TNj2q5riaTEwGpojb6z7tJxggib4QWRasYdxGG7NdvMk6 iC0HyCco647SH4aPTuCL7cutAG0Y2q2WkgE4MHha5Qqp5F8KqI0algWz6siwJNLF zoF+rKpjtTmsGJEQB3puMjVpy+cCAwEAAaOCAdIwggHOMB0GA1UdDgQWBBRvAIWB 6x3ZqWl7FqvjGbUZ+btCuTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTQ3MTMxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQBivyyAwQApWOgMA0GCSqGSIb3DQEBCwUAA4IBAQCvjivqAr8zLI9defNl s7+pYACWuf/bTEGrRsXcsK38OM3P78Y8soKg4mvyUHvMRw+rjU2viIr8lk/u8tH7 uwktWmH5amTznYJc8oXNfl2cP0fwA/1+5H0OT4606ATAJuASmqVBFaIbYl8X++Kw CepKqw7RfawiTGupoz6qJ1OWxD43BZN4Hn9vBVamQ2aKt2e+vxIjJyzVjGp3e9NF eTxFIKk8zcZiVvdaoDx6Q8ZGuzFlxOFxwayJ83pEIuggPCNZW3SN2X2jQK7PDZYu W3HMvvLqV4OxGre/F+KfcQjLOPNJdfjSiG2LBiXlyJVePr4DnKZbGLNejK7hDprq HUWd -----END CERTIFICATE-----Generated at Sat May 2 21:03:36 2026 by rpki-client