$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS133823.roa File: AS133823.roa (raw, json) Hash identifier: zvpaRi92Urf2Gt4dfUpLm96WzgLIw3alCLJ9PZ3VMls= Subject key identifier: 13:40:06:92:6C:B4:DF:7C:82:0B:2C:17:78:CC:40:C4:64:39:21:82 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 53DD4D7B82DA8D948D34C924729D159D79C59FE0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133823.roa Signing time: Sat 02 May 2026 09:20:02 +0000 ROA not before: Sat 02 May 2026 09:15:02 +0000 ROA not after: Sat 01 May 2027 09:20:02 +0000 asID: 133823 IP address blocks: 103.161.140.0/24 maxlen: 24 103.161.141.0/24 maxlen: 24 103.162.130.0/24 maxlen: 24 103.162.131.0/24 maxlen: 24 103.211.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:dd:4d:7b:82:da:8d:94:8d:34:c9:24:72:9d:15:9d:79:c5:9f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:15:02 2026 GMT Not After : May 1 09:20:02 2027 GMT Subject: CN=134006926CB4DF7C820B2C1778CC40C464392182 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:01:b8:13:1f:76:32:56:e7:f9:a9:fa:e4:38: b9:61:ec:d4:9b:0e:8c:7a:c7:4d:b3:b5:ee:27:40: a3:33:49:f5:db:00:7b:d5:7a:48:46:b0:f9:20:8e: 17:68:0e:07:60:5e:44:f3:12:5d:10:36:3a:13:c3: f2:b6:91:80:db:6e:40:d5:59:ff:d3:38:42:db:9f: a1:7f:08:92:00:1d:5d:c5:a4:88:0d:1d:14:bb:24: f7:c2:e0:5d:7e:a1:01:6f:cd:b1:2d:1b:35:98:71: f3:b1:88:8a:19:8e:a0:70:e1:ed:c6:0d:7a:73:04: c4:d9:9e:3c:5b:19:de:04:dc:ef:5a:b3:17:49:fb: 28:d7:be:cc:c6:a0:a6:0b:6c:83:e9:4a:0b:35:ff: f8:bd:86:41:ee:81:55:f2:f0:93:09:e7:3e:ed:f1: c7:7b:55:83:bb:1e:18:d2:7d:a5:66:14:5d:30:f2: 1a:6d:bd:5f:c8:26:d7:00:9d:a4:51:27:4d:c8:72: 4b:b1:53:6e:04:cf:a3:75:3f:3f:d4:b1:76:ce:cd: 9d:87:65:65:65:f5:65:10:dc:4f:98:b2:66:6f:b8: 60:2a:98:60:c5:a0:5f:56:7d:03:ee:3a:ca:0f:1d: 85:53:b4:2d:5b:9e:40:08:22:0c:6d:e0:ae:a5:ea: 35:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:40:06:92:6C:B4:DF:7C:82:0B:2C:17:78:CC:40:C4:64:39:21:82 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133823.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.140.0/23 103.162.130.0/23 103.211.232.0/22 Signature Algorithm: sha256WithRSAEncryption 44:ca:c5:e0:ef:d9:2a:a3:6d:c5:26:bd:17:1f:a3:fd:ca:f8: 6f:e0:a0:2a:f5:62:1e:50:17:22:1d:24:50:6a:c2:bb:34:ce: 26:27:9f:a7:1b:31:be:d5:ea:ce:df:d2:21:94:5f:ae:8c:aa: a0:98:fc:94:7f:ee:0c:25:52:ef:41:3a:c0:f9:4c:0f:b6:2c: 4f:25:58:d1:54:8a:d7:ce:9a:5e:9c:6b:e2:a5:83:1e:22:9c: 2b:db:cf:36:9c:30:3a:75:70:2b:37:d5:46:4a:f4:64:e2:71: c3:ab:1b:1c:91:b0:4d:65:cf:4d:e3:e4:3d:60:0d:3e:a0:65: 33:19:80:08:1c:4d:71:44:db:01:02:45:c0:49:52:7f:ad:13: 52:b5:08:c7:92:f1:4a:36:1d:6f:2b:7b:57:16:d5:6c:e6:df: cd:be:8c:0d:45:56:21:58:a2:70:b0:7c:1f:34:45:d0:a5:74: 23:34:5d:1f:ee:5a:3d:db:e4:30:b3:ec:43:e6:c5:8e:74:77: 1d:99:74:8c:3b:e7:52:4d:57:5b:46:62:6b:a6:bd:a3:e1:e3: 22:70:7b:74:ce:2a:74:2f:2c:bd:ea:f5:45:24:3a:a6:27:f2: bc:28:fb:08:ba:df:c2:cd:07:57:ea:9c:fe:38:cb:b5:75:ff: 06:4c:51:60 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUU91Ne4LajZSNNMkkcp0VnXnFn+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTUwMloX DTI3MDUwMTA5MjAwMlowMzExMC8GA1UEAxMoMTM0MDA2OTI2Q0I0REY3QzgyMEIy QzE3NzhDQzQwQzQ2NDM5MjE4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKcBuBMfdjJW5/mp+uQ4uWHs1JsOjHrHTbO17idAozNJ9dsAe9V6SEaw+SCO F2gOB2BeRPMSXRA2OhPD8raRgNtuQNVZ/9M4QtufoX8IkgAdXcWkiA0dFLsk98Lg XX6hAW/NsS0bNZhx87GIihmOoHDh7cYNenMExNmePFsZ3gTc71qzF0n7KNe+zMag pgtsg+lKCzX/+L2GQe6BVfLwkwnnPu3xx3tVg7seGNJ9pWYUXTDyGm29X8gm1wCd pFEnTchyS7FTbgTPo3U/P9Sxds7NnYdlZWX1ZRDcT5iyZm+4YCqYYMWgX1Z9A+46 yg8dhVO0LVueQAgiDG3grqXqNS8CAwEAAaOCAdgwggHUMB0GA1UdDgQWBBQTQAaS bLTffIILLBd4zEDEZDkhgjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMzODIzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIA ATASAwQBZ6GMAwQBZ6KCAwQCZ9PoMA0GCSqGSIb3DQEBCwUAA4IBAQBEysXg79kq o23FJr0XH6P9yvhv4KAq9WIeUBciHSRQasK7NM4mJ5+nGzG+1erO39IhlF+ujKqg mPyUf+4MJVLvQTrA+UwPtixPJVjRVIrXzppenGvipYMeIpwr2882nDA6dXArN9VG SvRk4nHDqxsckbBNZc9N4+Q9YA0+oGUzGYAIHE1xRNsBAkXASVJ/rRNStQjHkvFK Nh1vK3tXFtVs5t/NvowNRVYhWKJwsHwfNEXQpXQjNF0f7lo92+Qws+xD5sWOdHcd mXSMO+dSTVdbRmJrpr2j4eMicHt0zip0Lyy96vVFJDqmJ/K8KPsIut/CzQdX6pz+ OMu1df8GTFFg -----END CERTIFICATE-----Generated at Sun May 3 00:42:22 2026 by rpki-client