$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136841.roa File: AS136841.roa (raw, json) Hash identifier: hB8wsUBWXzWWbU1Rj7ylovzFZs1IOr5ol07TmPcU7DA= Subject key identifier: 03:BA:0C:DE:3E:1E:51:8E:2D:F6:00:B7:D8:FE:89:8D:C6:D4:96:D5 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 27F02CB27111A32BF353636A9B027852CB62485E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136841.roa Signing time: Sat 02 May 2026 21:10:23 +0000 ROA not before: Sat 02 May 2026 21:05:23 +0000 ROA not after: Sat 01 May 2027 21:10:23 +0000 asID: 136841 IP address blocks: 103.151.36.0/24 maxlen: 24 103.151.37.0/24 maxlen: 24 103.175.212.0/23 maxlen: 24 103.175.214.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:f0:2c:b2:71:11:a3:2b:f3:53:63:6a:9b:02:78:52:cb:62:48:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:05:23 2026 GMT Not After : May 1 21:10:23 2027 GMT Subject: CN=03BA0CDE3E1E518E2DF600B7D8FE898DC6D496D5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:40:cf:27:a7:7f:50:a2:25:c0:e8:2d:a0:24: 6e:48:47:c4:b3:80:a5:8b:39:32:81:d4:a8:4a:ed: e9:62:0c:0f:98:a8:df:26:ae:10:c5:50:6c:e2:bf: ef:1c:e0:d2:1f:2f:21:7d:ba:e0:3d:1f:df:9e:0e: 5e:82:05:8e:9a:6f:8b:4a:37:f5:25:c8:8d:da:16: 3b:41:62:f3:9a:de:be:2c:62:55:18:a1:8e:b2:c3: fa:6e:c1:8b:b6:c0:e7:ac:84:36:3a:11:63:6e:5b: 3f:ca:34:79:94:f5:95:14:7d:b9:3e:95:a9:04:68: 4d:a6:7b:c9:17:f2:bf:d0:85:7d:2c:55:98:22:fe: d2:3d:58:4c:ec:b1:44:c8:ea:29:46:ef:3b:81:e0: 19:65:3e:f1:30:73:e3:24:83:da:b2:87:c6:c5:bc: 64:08:94:e1:22:d8:a6:fa:10:94:c7:d3:18:2d:8a: e1:11:c5:c5:01:b5:bc:1e:f4:89:d9:e9:9f:7b:fe: d0:f4:cb:13:a1:64:1b:5b:30:0f:9c:e3:e8:fb:3e: f8:73:0f:f1:d2:d0:87:c5:ee:30:6c:a7:a7:ef:9b: 9b:9a:e9:c5:17:cf:8a:0f:60:6f:ca:b1:66:cc:9e: 16:2d:7b:b1:ba:8d:ff:89:c5:68:d7:3f:fc:94:5b: e5:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:BA:0C:DE:3E:1E:51:8E:2D:F6:00:B7:D8:FE:89:8D:C6:D4:96:D5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136841.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.151.36.0/23 103.175.212.0/22 Signature Algorithm: sha256WithRSAEncryption 22:4a:c0:5d:f7:fa:8e:88:43:af:ad:92:49:71:36:15:22:e9: 8f:16:19:ea:36:52:2a:5d:70:bb:85:c9:cd:a0:96:50:dc:77: 30:fe:99:b9:88:f0:54:f2:d7:31:42:73:92:20:ab:94:44:93: af:cd:a2:5c:e8:09:ab:d8:b4:7c:b1:7c:1b:9a:30:58:9b:98: ab:e7:e3:8a:f0:6b:ef:71:ec:4c:54:bd:fd:e0:65:fc:16:2c: b5:43:e5:59:d2:07:a9:1c:16:88:65:e1:18:95:be:b8:da:9c: 69:db:d2:f3:a5:b1:79:fb:2a:0e:c5:37:40:ed:79:e8:49:bc: ff:d4:23:2c:2f:02:94:2f:b2:43:f0:43:ad:e4:ec:48:e2:39: 7a:84:73:02:14:c1:d5:5d:aa:d8:07:14:8e:1d:fd:87:c3:11: b3:99:f0:31:b0:22:ec:6b:0a:e6:1d:26:8b:0a:4f:b3:fc:3f: 1b:76:73:c5:ce:5b:50:5d:ad:fc:12:4a:fc:55:b6:47:35:50: 95:a7:7e:a8:49:81:7c:87:47:0d:a6:e2:bf:3a:e6:13:1b:3f: 0a:63:7b:6d:19:96:8d:97:10:e0:46:48:a6:20:ca:bd:68:47: 64:a8:64:36:b5:11:66:de:cc:86:a6:dd:da:bf:7f:68:85:0b: 88:00:4a:f3 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUJ/AssnERoyvzU2NqmwJ4UstiSF4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDUyM1oX DTI3MDUwMTIxMTAyM1owMzExMC8GA1UEAxMoMDNCQTBDREUzRTFFNTE4RTJERjYw MEI3RDhGRTg5OERDNkQ0OTZENTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI1Azyenf1CiJcDoLaAkbkhHxLOApYs5MoHUqErt6WIMD5io3yauEMVQbOK/ 7xzg0h8vIX264D0f354OXoIFjppvi0o39SXIjdoWO0Fi85revixiVRihjrLD+m7B i7bA56yENjoRY25bP8o0eZT1lRR9uT6VqQRoTaZ7yRfyv9CFfSxVmCL+0j1YTOyx RMjqKUbvO4HgGWU+8TBz4ySD2rKHxsW8ZAiU4SLYpvoQlMfTGC2K4RHFxQG1vB70 idnpn3v+0PTLE6FkG1swD5zj6Ps++HMP8dLQh8XuMGynp++bm5rpxRfPig9gb8qx ZsyeFi17sbqN/4nFaNc//JRb5c8CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQDugze Ph5Rji32ALfY/omNxtSW1TAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2ODQxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQBZ5ckAwQCZ6/UMA0GCSqGSIb3DQEBCwUAA4IBAQAiSsBd9/qOiEOvrZJJ cTYVIumPFhnqNlIqXXC7hcnNoJZQ3Hcw/pm5iPBU8tcxQnOSIKuURJOvzaJc6Amr 2LR8sXwbmjBYm5ir5+OK8GvvcexMVL394GX8Fiy1Q+VZ0gepHBaIZeEYlb642pxp 29LzpbF5+yoOxTdA7XnoSbz/1CMsLwKUL7JD8EOt5OxI4jl6hHMCFMHVXarYBxSO Hf2HwxGzmfAxsCLsawrmHSaLCk+z/D8bdnPFzltQXa38Ekr8VbZHNVCVp36oSYF8 h0cNpuK/OuYTGz8KY3ttGZaNlxDgRkimIMq9aEdkqGQ2tRFm3syGpt3av39ohQuI AErz -----END CERTIFICATE-----Generated at Sun May 3 01:44:03 2026 by rpki-client