$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS131702.roa File: AS131702.roa (raw, json) Hash identifier: oIVmoWvHTYjH6qy8hl+EIHNEvbzt9kIFfD0MitsFubw= Subject key identifier: 40:C0:5C:BE:57:1B:7E:56:E5:A5:12:0A:54:86:38:56:CF:BE:84:21 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 17C036FFAC6FE77D340F02F8DCDEFDF154E752B6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS131702.roa Signing time: Sat 02 May 2026 21:12:36 +0000 ROA not before: Sat 02 May 2026 21:07:36 +0000 ROA not after: Sat 01 May 2027 21:12:36 +0000 asID: 131702 IP address blocks: 103.154.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:c0:36:ff:ac:6f:e7:7d:34:0f:02:f8:dc:de:fd:f1:54:e7:52:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:07:36 2026 GMT Not After : May 1 21:12:36 2027 GMT Subject: CN=40C05CBE571B7E56E5A5120A54863856CFBE8421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:5f:f7:cc:81:fa:b7:03:af:b1:e9:b2:8e:04: 89:a2:f9:23:47:07:6c:63:d2:2a:28:f9:d8:87:09: 65:7f:5b:cb:93:bb:99:b0:d5:9d:b0:60:2a:c3:d6: 00:5e:bf:41:a0:73:1e:21:b2:8b:18:bd:fc:87:49: 9e:f5:8d:2c:b3:78:47:0a:f7:00:05:f8:a2:6d:bc: f5:a9:24:5d:b3:9c:dc:da:13:cf:c3:c8:ff:ca:6a: 65:12:1d:8f:8e:cf:3a:67:94:76:a8:c9:79:e0:8a: 9b:5b:94:0b:86:dc:d5:e4:e5:f9:97:f3:43:aa:5e: ce:60:08:ba:62:19:b7:1e:cc:f8:bc:e6:d1:0d:79: 78:69:20:c0:97:a6:f4:64:37:5a:d5:1e:03:4d:31: 42:a5:bf:50:9a:3b:d9:b1:72:97:a2:15:b5:1a:4a: 06:d2:0c:7c:d3:e0:90:39:13:e7:de:62:17:45:86: cd:42:1b:dd:0e:00:d0:c3:d3:49:69:95:d6:99:84: 8f:05:1b:52:bb:30:ab:d3:c2:7d:7c:52:cc:41:b8: 47:f4:d4:b3:23:c7:a1:1e:83:99:f8:a6:9f:b1:01: e8:0e:0e:97:df:86:30:fe:ac:fc:46:66:31:00:06: e0:a0:e2:75:1b:d1:ec:23:a2:39:95:a4:b4:e2:c3: 9b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:C0:5C:BE:57:1B:7E:56:E5:A5:12:0A:54:86:38:56:CF:BE:84:21 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS131702.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.154.227.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:85:43:9e:17:d6:c7:9a:a1:19:04:1f:98:e4:67:ee:18:d9: 77:46:6b:ff:e8:55:63:14:d2:be:04:de:1a:ca:47:ff:c7:a4: 5f:70:82:e6:c3:d0:db:69:02:a0:18:14:88:da:df:23:4d:2a: bd:d4:17:1a:88:b6:88:9b:49:64:bc:48:de:39:19:c6:88:38: be:eb:d7:ec:cd:0d:b9:90:db:62:e7:7b:51:72:94:98:f3:83: d5:a2:d6:0f:42:26:60:5d:49:63:4c:18:db:c0:ed:50:49:bc: 6b:51:ca:ef:2f:03:27:9a:fb:13:06:4c:03:55:42:a8:d4:9a: f3:d0:a5:93:e4:f4:0b:e5:19:f4:1c:2f:a5:2c:2b:30:6e:a0: a4:c7:88:30:7e:79:e0:30:49:21:3c:e4:5b:f3:14:82:49:1a: 81:13:ee:ff:72:c7:01:cf:67:64:69:07:14:66:b0:a8:bf:d0: 3a:0b:7e:89:13:e4:c6:0c:58:40:a3:29:84:10:c1:46:0d:73: 06:f1:9c:0c:fc:11:6d:18:5e:24:c6:42:2d:5b:10:f0:44:ea: ee:2f:c0:4e:8c:2f:9e:c6:e6:4a:d6:48:1f:e5:47:f2:3c:9b: 77:f1:15:11:4a:86:29:f7:4c:cd:05:5e:c3:b2:d8:c1:17:07: 44:8d:34:3c -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUF8A2/6xv5300DwL43N798VTnUrYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDczNloX DTI3MDUwMTIxMTIzNlowMzExMC8GA1UEAxMoNDBDMDVDQkU1NzFCN0U1NkU1QTUx MjBBNTQ4NjM4NTZDRkJFODQyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALhf98yB+rcDr7Hpso4EiaL5I0cHbGPSKij52IcJZX9by5O7mbDVnbBgKsPW AF6/QaBzHiGyixi9/IdJnvWNLLN4Rwr3AAX4om289akkXbOc3NoTz8PI/8pqZRId j47POmeUdqjJeeCKm1uUC4bc1eTl+ZfzQ6pezmAIumIZtx7M+Lzm0Q15eGkgwJem 9GQ3WtUeA00xQqW/UJo72bFyl6IVtRpKBtIMfNPgkDkT595iF0WGzUIb3Q4A0MPT SWmV1pmEjwUbUrswq9PCfXxSzEG4R/TUsyPHoR6Dmfimn7EB6A4Ol9+GMP6s/EZm MQAG4KDidRvR7COiOZWktOLDm90CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRAwFy+ Vxt+VuWlEgpUhjhWz76EITAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMxNzAyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZ5rjMA0GCSqGSIb3DQEBCwUAA4IBAQAKhUOeF9bHmqEZBB+Y5GfuGNl3 Rmv/6FVjFNK+BN4aykf/x6RfcILmw9DbaQKgGBSI2t8jTSq91BcaiLaIm0lkvEje ORnGiDi+69fszQ25kNti53tRcpSY84PVotYPQiZgXUljTBjbwO1QSbxrUcrvLwMn mvsTBkwDVUKo1Jrz0KWT5PQL5Rn0HC+lLCswbqCkx4gwfnngMEkhPORb8xSCSRqB E+7/cscBz2dkaQcUZrCov9A6C36JE+TGDFhAoymEEMFGDXMG8ZwM/BFtGF4kxkIt WxDwROruL8BOjC+exuZK1kgf5UfyPJt38RURSoYp90zNBV7DstjBFwdEjTQ8 -----END CERTIFICATE-----Generated at Sun May 3 00:40:30 2026 by rpki-client