$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS133844.roa File: AS133844.roa (raw, json) Hash identifier: fuA8sAMjFUXtcEi9HUqGSvnBDvHwtHVRb8FeLEGCXHI= Subject key identifier: EC:44:B3:2A:DD:C5:CD:40:8D:86:00:32:40:A3:4C:FC:D9:A6:D8:27 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4B4A0D501EBCCF9647A9CD04DFC81CB7BC316938 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133844.roa Signing time: Sat 02 May 2026 09:21:09 +0000 ROA not before: Sat 02 May 2026 09:16:09 +0000 ROA not after: Sat 01 May 2027 09:21:09 +0000 asID: 133844 IP address blocks: 103.193.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:4a:0d:50:1e:bc:cf:96:47:a9:cd:04:df:c8:1c:b7:bc:31:69:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:09 2026 GMT Not After : May 1 09:21:09 2027 GMT Subject: CN=EC44B32ADDC5CD408D86003240A34CFCD9A6D827 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:0f:b6:de:c6:4d:d7:bc:2a:57:69:32:13:f2: 73:b1:36:82:ae:b1:58:f0:db:cf:e3:a3:af:bd:91: 6f:3b:0e:3b:29:29:a0:50:97:88:3e:c5:c3:8d:38: a1:1b:51:bb:e5:9e:c9:b0:88:11:d2:45:b2:0b:96: 30:2f:c0:81:04:1f:1a:db:06:8d:79:a3:25:bb:e2: 4a:50:44:1c:97:26:db:39:c8:da:4e:fb:d6:43:35: 67:be:6c:fd:63:4b:24:f0:dc:93:9e:7f:48:ed:57: 5d:74:6c:c9:16:dd:54:52:8c:c7:df:0b:6e:2b:98: 7c:63:81:59:60:93:ea:0e:c0:a4:7a:8b:0d:8c:b1: 3e:8e:8c:ea:84:37:44:00:29:92:06:09:9c:c0:62: 05:66:a4:53:0d:f7:1d:a7:a9:44:4f:14:99:7b:54: 7e:24:2b:1d:3b:7e:a4:fb:63:8f:86:f2:3f:27:45: 0d:b9:c8:09:8f:b0:72:96:6b:ea:61:67:76:84:7b: 40:70:01:89:d1:99:66:f2:13:97:d2:e4:5a:e0:e6: b6:59:79:92:2e:75:fd:ef:1e:c4:fe:13:7a:23:e9: 0a:5b:90:dd:03:4d:1e:e3:a4:6f:d9:ad:36:da:59: e9:3c:76:08:b2:4b:b0:ac:6f:a5:24:aa:95:d9:7a: 68:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:44:B3:2A:DD:C5:CD:40:8D:86:00:32:40:A3:4C:FC:D9:A6:D8:27 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133844.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.193.19.0/24 Signature Algorithm: sha256WithRSAEncryption 9a:05:5a:5e:42:47:3c:93:a2:37:48:88:f5:8b:33:79:f2:4e: 0a:72:c6:a3:46:07:01:db:00:da:02:c6:96:8e:ab:1b:b8:6a: 08:ac:dd:6a:19:fa:d5:7d:e5:8d:fd:91:2e:02:3f:85:9b:a5: 57:59:78:ca:70:1e:a0:8b:b6:ff:96:28:b5:99:09:9a:04:2a: 03:06:8d:71:ce:d5:db:f8:06:27:21:67:3a:57:49:a1:ab:68: 2b:ef:e9:7b:5d:13:60:e0:7d:10:b1:31:d3:95:02:35:db:63: 4c:a2:cf:0e:0e:65:e9:23:ae:67:ab:bb:7f:f4:88:81:6f:64: 6e:a2:89:0c:10:ce:f2:ef:54:6a:73:1b:03:48:b8:57:5e:ac: 1d:70:e5:91:bc:84:65:a9:96:bd:8a:2c:73:7b:48:ab:f1:43: 70:bc:fb:e9:5a:5b:bd:f1:e6:9a:6b:e5:1b:88:94:45:70:8e: 10:9b:28:f5:dc:d8:ab:4a:6c:50:da:f9:a8:d7:45:67:e7:34: 56:9b:52:1e:b1:70:c5:5b:7b:ee:9e:e3:0a:a0:07:60:74:f2: dd:c7:62:94:31:c7:55:c7:24:09:c4:3e:09:39:bd:d5:16:52: 75:38:1b:68:4c:43:c3:34:c9:a9:19:c2:f7:bc:c0:a3:01:59: 0d:18:97:63 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUS0oNUB68z5ZHqc0E38gct7wxaTgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTYwOVoX DTI3MDUwMTA5MjEwOVowMzExMC8GA1UEAxMoRUM0NEIzMkFEREM1Q0Q0MDhEODYw MDMyNDBBMzRDRkNEOUE2RDgyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQPtt7GTde8KldpMhPyc7E2gq6xWPDbz+Ojr72RbzsOOykpoFCXiD7Fw404 oRtRu+WeybCIEdJFsguWMC/AgQQfGtsGjXmjJbviSlBEHJcm2znI2k771kM1Z75s /WNLJPDck55/SO1XXXRsyRbdVFKMx98LbiuYfGOBWWCT6g7ApHqLDYyxPo6M6oQ3 RAApkgYJnMBiBWakUw33HaepRE8UmXtUfiQrHTt+pPtjj4byPydFDbnICY+wcpZr 6mFndoR7QHABidGZZvITl9LkWuDmtll5ki51/e8exP4TeiPpCluQ3QNNHuOkb9mt NtpZ6Tx2CLJLsKxvpSSqldl6aJcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTsRLMq 3cXNQI2GADJAo0z82abYJzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMzODQ0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZ8ETMA0GCSqGSIb3DQEBCwUAA4IBAQCaBVpeQkc8k6I3SIj1izN58k4K csajRgcB2wDaAsaWjqsbuGoIrN1qGfrVfeWN/ZEuAj+Fm6VXWXjKcB6gi7b/lii1 mQmaBCoDBo1xztXb+AYnIWc6V0mhq2gr7+l7XRNg4H0QsTHTlQI122NMos8ODmXp I65nq7t/9IiBb2RuookMEM7y71RqcxsDSLhXXqwdcOWRvIRlqZa9iixze0ir8UNw vPvpWlu98eaaa+UbiJRFcI4Qmyj13NirSmxQ2vmo10Vn5zRWm1IesXDFW3vunuMK oAdgdPLdx2KUMcdVxyQJxD4JOb3VFlJ1OBtoTEPDNMmpGcL3vMCjAVkNGJdj -----END CERTIFICATE-----Generated at Sun May 3 00:42:11 2026 by rpki-client