$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa File: AS136121.roa (raw, json) Hash identifier: otSUcLMjMtaKFBnKGJrXaG4u1z2elWNUfqTxQcuMoSI= Subject key identifier: 89:3F:16:35:01:87:E2:8A:62:07:4D:41:BB:43:C0:87:55:17:72:6D Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0B3BDF5FC98B0EE4CFF064E2AF5F05F40500B7E3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa Signing time: Sun 03 May 2026 05:38:47 +0000 ROA not before: Sun 03 May 2026 05:33:47 +0000 ROA not after: Sun 02 May 2027 05:38:47 +0000 asID: 136121 IP address blocks: 103.154.230.0/23 maxlen: 23 202.154.18.0/23 maxlen: 23 2406:5dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 13:33:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:3b:df:5f:c9:8b:0e:e4:cf:f0:64:e2:af:5f:05:f4:05:00:b7:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 05:33:47 2026 GMT Not After : May 2 05:38:47 2027 GMT Subject: CN=893F16350187E28A62074D41BB43C0875517726D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:61:de:39:e5:94:5c:11:5b:cb:94:a3:b0:df: 89:a3:e9:4e:09:7b:cf:73:93:8c:75:97:28:3a:0f: 7d:c5:4e:73:58:15:65:7d:bd:7c:26:c1:9f:8c:f5: f8:9b:84:89:0c:97:05:85:f4:e7:98:89:e0:e4:79: 09:0f:90:ab:ae:b9:a3:97:47:fd:43:cc:84:88:bb: dc:ed:d1:28:e1:78:7c:af:9d:d7:39:99:da:aa:ac: de:30:93:7d:9a:44:57:78:29:f7:26:2f:23:e7:ad: 44:da:ce:56:78:91:64:42:f8:5a:5a:39:90:38:94: ba:e9:57:6f:23:63:84:ae:9f:25:93:67:43:fd:4e: a6:45:bf:b7:56:22:4e:5b:bc:f6:8e:95:35:15:c1: 03:b6:72:07:ca:95:c7:46:98:8e:ef:57:62:06:25: 6a:2f:2b:36:f4:91:b3:98:6c:fd:53:26:35:6c:b1: 7c:c1:d4:a3:d1:fa:6c:ff:1e:c3:f5:de:64:73:cc: 74:16:a0:60:90:78:ae:24:33:bb:73:8e:22:5a:bf: ec:12:b1:8e:da:7f:aa:b0:17:90:83:54:b5:3d:51: 55:01:c0:a6:8b:79:6c:0f:eb:f4:44:38:e3:d6:0f: db:16:31:cb:ae:47:44:25:9b:48:aa:7b:f7:70:bb: 5c:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:3F:16:35:01:87:E2:8A:62:07:4D:41:BB:43:C0:87:55:17:72:6D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.154.230.0/23 202.154.18.0/23 IPv6: 2406:5dc0::/32 Signature Algorithm: sha256WithRSAEncryption 18:27:80:60:68:fd:08:14:04:fe:30:b1:07:28:6e:1c:71:65: fa:9a:49:bf:96:4e:5e:2f:7d:e4:7c:a7:eb:06:7b:a8:93:b5: 88:9e:ae:f8:d8:c5:20:7e:c7:33:7f:5d:88:c2:8f:cf:84:44: 4c:be:e5:f6:51:0e:96:6b:57:25:3f:c9:72:b4:0e:b2:17:77: 41:42:2e:8e:42:7d:61:8c:ae:26:22:e3:3f:e4:5e:eb:52:c8: a7:1f:16:b5:49:05:19:a9:7c:c9:33:60:75:a6:bf:01:91:a9: cc:f1:bf:8d:3f:9c:80:8b:53:9a:45:b9:0e:ad:25:d8:e0:c0: d5:07:91:8c:2b:ed:d7:6f:f6:53:41:0d:dc:ff:f9:27:fb:2a: 24:e8:7c:4b:48:98:6d:78:e8:99:38:73:34:ac:1e:67:a2:7b: 92:5e:17:cc:4f:7d:81:e1:e4:13:81:fa:0c:df:ba:cc:47:c5: 2f:c8:b8:81:3c:05:f9:2e:be:76:0f:f1:9c:ec:db:9f:90:c1: cf:dc:6f:25:29:93:ca:31:69:41:72:aa:35:d6:04:f4:b3:72: 85:9f:42:f4:1c:1f:bd:f7:6b:cb:44:f3:8c:93:38:44:42:4f: 77:59:10:f6:bc:04:5b:45:2f:e1:76:89:47:8e:e9:66:48:23: 57:a8:e5:c0 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUCzvfX8mLDuTP8GTir18F9AUAt+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA1MzM0N1oX DTI3MDUwMjA1Mzg0N1owMzExMC8GA1UEAxMoODkzRjE2MzUwMTg3RTI4QTYyMDc0 RDQxQkI0M0MwODc1NTE3NzI2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK9h3jnllFwRW8uUo7DfiaPpTgl7z3OTjHWXKDoPfcVOc1gVZX29fCbBn4z1 +JuEiQyXBYX055iJ4OR5CQ+Qq665o5dH/UPMhIi73O3RKOF4fK+d1zmZ2qqs3jCT fZpEV3gp9yYvI+etRNrOVniRZEL4Wlo5kDiUuulXbyNjhK6fJZNnQ/1OpkW/t1Yi Tlu89o6VNRXBA7ZyB8qVx0aYju9XYgYlai8rNvSRs5hs/VMmNWyxfMHUo9H6bP8e w/XeZHPMdBagYJB4riQzu3OOIlq/7BKxjtp/qrAXkINUtT1RVQHApot5bA/r9EQ4 49YP2xYxy65HRCWbSKp793C7XPMCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSJPxY1 AYfiimIHTUG7Q8CHVRdybTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2MTIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIA ATAMAwQBZ5rmAwQBypoSMA0EAgACMAcDBQAkBl3AMA0GCSqGSIb3DQEBCwUAA4IB AQAYJ4BgaP0IFAT+MLEHKG4ccWX6mkm/lk5eL33kfKfrBnuok7WInq742MUgfscz f12Iwo/PhERMvuX2UQ6Wa1clP8lytA6yF3dBQi6OQn1hjK4mIuM/5F7rUsinHxa1 SQUZqXzJM2B1pr8BkanM8b+NP5yAi1OaRbkOrSXY4MDVB5GMK+3Xb/ZTQQ3c//kn +yok6HxLSJhteOiZOHM0rB5nonuSXhfMT32B4eQTgfoM37rMR8UvyLiBPAX5Lr52 D/Gc7NufkMHP3G8lKZPKMWlBcqo11gT0s3KFn0L0HB+992vLRPOMkzhEQk93WRD2 vARbRS/hdolHjulmSCNXqOXA -----END CERTIFICATE-----Generated at Tue May 5 16:54:07 2026 by rpki-client