$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS133789.roa File: AS133789.roa (raw, json) Hash identifier: y+PjCiA/GA1ML7tK7Krp0BZEEiKPDVP5n+gHmc5prqE= Subject key identifier: E7:B4:C4:82:2A:42:68:04:E0:D2:BE:7A:72:E9:FE:70:68:93:F1:BC Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4A785F317806C5F94686C38A71F9E1ED5F4AB750 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133789.roa Signing time: Sat 02 May 2026 21:06:51 +0000 ROA not before: Sat 02 May 2026 21:01:51 +0000 ROA not after: Sat 01 May 2027 21:06:51 +0000 asID: 133789 IP address blocks: 103.143.98.0/23 maxlen: 24 103.143.100.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:78:5f:31:78:06:c5:f9:46:86:c3:8a:71:f9:e1:ed:5f:4a:b7:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:01:51 2026 GMT Not After : May 1 21:06:51 2027 GMT Subject: CN=E7B4C4822A426804E0D2BE7A72E9FE706893F1BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ea:54:45:52:f7:d9:b0:c0:06:78:df:37:8c: 5e:20:d8:e3:86:a5:60:40:c9:33:e6:bf:a8:d4:0f: 07:54:b4:8b:4d:a5:7e:a2:8f:7d:23:13:91:84:1e: a2:2d:c2:64:05:4c:72:de:4a:d3:c9:a8:d9:ee:d9: 81:f8:dc:72:02:b1:71:5b:19:81:76:06:78:1c:64: a5:60:7b:89:a6:7f:2d:3f:5d:e1:cb:50:ae:73:b3: 0b:fc:f1:e6:93:07:eb:28:cb:14:64:59:6e:20:7f: 0a:1f:9e:45:3e:ef:09:76:13:af:7f:a7:23:72:e2: 1f:47:2d:a4:b8:b2:ec:4f:60:4d:ff:ff:7a:1c:ff: 24:33:78:38:aa:9d:d0:c0:cf:8b:24:5e:e7:a6:01: 93:56:70:3d:49:cc:9f:27:3a:4e:99:c9:da:8b:d1: ad:62:db:9c:50:61:20:68:f9:d5:18:ee:0e:f7:89: 49:9d:5c:85:af:e2:41:f3:32:89:5f:f0:95:ae:be: c5:78:13:a0:6b:0a:e8:4c:83:0e:fc:18:06:56:10: 6e:51:6a:39:6e:bf:be:6d:47:0f:4b:2a:68:44:35: 15:ce:13:aa:f6:2e:61:ef:df:4a:5e:b7:f1:ac:a3: 69:fe:4f:96:04:d2:44:cb:12:70:29:01:64:d6:71: b7:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:B4:C4:82:2A:42:68:04:E0:D2:BE:7A:72:E9:FE:70:68:93:F1:BC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133789.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.143.98.0-103.143.101.255 Signature Algorithm: sha256WithRSAEncryption a6:19:4d:b4:e1:f3:66:ea:4d:68:15:28:5c:70:ac:b0:c2:1f: cb:e5:bf:f2:d3:37:0b:3d:9f:d7:60:03:ae:2a:ba:52:4b:6e: 17:5b:f7:7e:1e:df:9d:21:69:64:89:c0:8c:a6:b0:c8:42:51: 58:fa:89:47:c2:57:d5:05:1f:cd:68:5b:fd:e8:8b:46:47:69: 03:99:c3:4d:50:ea:98:47:12:66:bb:3b:87:90:6b:7d:32:f9: 64:fc:4e:14:30:42:31:37:a1:f8:93:df:19:01:64:a6:4a:ba: db:d4:f0:fe:4c:4e:3c:d9:ec:a4:f2:6b:07:e8:24:59:d9:b5: 59:74:ba:2c:7a:1c:e7:07:1c:39:fc:54:0e:4e:4c:45:77:e6: 7f:b3:43:50:ff:7e:f6:21:62:5a:c3:25:34:20:23:e9:bd:8c: 8e:7d:bb:a0:96:45:00:44:2b:73:69:d6:e9:1c:be:60:3d:b2: 4e:f8:2a:0e:eb:04:30:bd:37:88:5f:79:f3:ee:49:84:0c:2c: ce:e9:62:d5:e5:e8:4b:30:2f:6f:d4:7a:b5:9d:f8:32:b7:a6: e8:d9:d2:fc:65:8c:a1:c1:12:5e:79:68:ca:39:43:af:f6:48: 48:65:3f:ba:06:6e:d8:fe:b4:6f:65:a1:28:28:e8:ca:fd:27: 31:89:b1:c4 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIUSnhfMXgGxflGhsOKcfnh7V9Kt1AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDE1MVoX DTI3MDUwMTIxMDY1MVowMzExMC8GA1UEAxMoRTdCNEM0ODIyQTQyNjgwNEUwRDJC RTdBNzJFOUZFNzA2ODkzRjFCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJbqVEVS99mwwAZ43zeMXiDY44alYEDJM+a/qNQPB1S0i02lfqKPfSMTkYQe oi3CZAVMct5K08mo2e7ZgfjccgKxcVsZgXYGeBxkpWB7iaZ/LT9d4ctQrnOzC/zx 5pMH6yjLFGRZbiB/Ch+eRT7vCXYTr3+nI3LiH0ctpLiy7E9gTf//ehz/JDN4OKqd 0MDPiyRe56YBk1ZwPUnMnyc6TpnJ2ovRrWLbnFBhIGj51RjuDveJSZ1cha/iQfMy iV/wla6+xXgToGsK6EyDDvwYBlYQblFqOW6/vm1HD0sqaEQ1Fc4TqvYuYe/fSl63 8ayjaf5PlgTSRMsScCkBZNZxtxcCAwEAAaOCAdQwggHQMB0GA1UdDgQWBBTntMSC KkJoBODSvnpy6f5waJPxvDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMzNzg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIA ATAOMAwDBAFnj2IDBAFnj2QwDQYJKoZIhvcNAQELBQADggEBAKYZTbTh82bqTWgV KFxwrLDCH8vlv/LTNws9n9dgA64qulJLbhdb934e350haWSJwIymsMhCUVj6iUfC V9UFH81oW/3oi0ZHaQOZw01Q6phHEma7O4eQa30y+WT8ThQwQjE3ofiT3xkBZKZK utvU8P5MTjzZ7KTyawfoJFnZtVl0uix6HOcHHDn8VA5OTEV35n+zQ1D/fvYhYlrD JTQgI+m9jI59u6CWRQBEK3Np1ukcvmA9sk74Kg7rBDC9N4hfefPuSYQMLM7pYtXl 6EswL2/UerWd+DK3pujZ0vxljKHBEl55aMo5Q6/2SEhlP7oGbtj+tG9loSgo6Mr9 JzGJscQ= -----END CERTIFICATE-----Generated at Sun May 3 00:40:40 2026 by rpki-client