$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS139370.roa File: AS139370.roa (raw, json) Hash identifier: wq7CuWhEbGjxBppkzx7jxtAryo6HmL2uG3MpRmr6BTc= Subject key identifier: 89:F3:CA:36:1F:7B:A5:41:7E:DB:80:AD:A5:44:C6:57:40:3E:F7:F2 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5AF801E3469D80DE65AA0E0DA33DC3B1A18682DF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139370.roa Signing time: Sat 02 May 2026 21:34:24 +0000 ROA not before: Sat 02 May 2026 21:29:24 +0000 ROA not after: Sat 01 May 2027 21:34:24 +0000 asID: 139370 IP address blocks: 103.142.94.0/23 maxlen: 24 103.157.144.0/23 maxlen: 24 2405:3040::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:f8:01:e3:46:9d:80:de:65:aa:0e:0d:a3:3d:c3:b1:a1:86:82:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:29:24 2026 GMT Not After : May 1 21:34:24 2027 GMT Subject: CN=89F3CA361F7BA5417EDB80ADA544C657403EF7F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:4c:d7:9c:1b:30:a4:38:eb:d7:5d:46:02:cb: fa:9e:9f:d1:1f:f1:d9:92:68:f1:ba:10:53:14:22: 2c:33:da:18:e4:dd:08:37:4b:2f:2b:97:20:9d:0d: 26:7d:b3:c2:32:dc:5c:fe:87:cf:55:d1:90:15:86: fd:4e:ab:c2:3e:be:39:a6:e4:ac:02:1f:39:83:80: 4e:09:ba:cf:70:7f:b6:9e:97:a6:d1:a6:d0:5f:1f: 2f:ba:85:81:4f:6b:b1:cb:aa:51:fe:44:8b:c9:c4: 6d:08:49:63:e6:e0:74:2b:75:61:b0:32:b5:0a:d7: 6d:c8:6e:ed:d5:e0:f9:79:1e:e7:da:39:f4:85:40: a5:18:38:76:0a:62:1b:54:d1:3c:5d:56:f8:30:23: 14:7e:72:9c:53:0e:1d:32:2e:5d:8e:1c:f1:54:11: 1d:2d:57:50:9d:a1:ca:8e:07:6c:39:f3:fc:03:78: 3f:d6:44:b5:da:cc:94:b4:12:59:1e:61:e7:62:5c: b0:e3:4a:00:ba:e4:0a:1f:a8:d8:dc:72:49:7d:d6: b0:24:03:22:50:42:48:89:de:c4:73:21:7d:4f:c2: 7d:92:65:48:47:6b:87:b1:34:b1:72:fe:62:54:19: 57:36:c1:25:45:dd:c3:99:83:1a:28:65:d6:2f:e3: cd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:F3:CA:36:1F:7B:A5:41:7E:DB:80:AD:A5:44:C6:57:40:3E:F7:F2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139370.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.142.94.0/23 103.157.144.0/23 IPv6: 2405:3040::/32 Signature Algorithm: sha256WithRSAEncryption 1d:f8:7f:ff:9d:3d:15:a5:ea:ca:16:85:a8:44:ac:3b:6c:87: 1a:9f:f7:ea:7f:d9:bd:05:06:93:d1:5c:22:bd:b3:32:9d:c7: da:0c:7c:6a:0f:dc:02:4b:fb:ed:20:08:0f:40:1c:5f:e7:6d: 78:bd:c3:79:08:17:86:5b:8e:99:ec:50:15:f4:3d:aa:19:ab: f4:bf:d5:28:fc:92:18:81:b3:b4:f6:84:e6:9f:0a:52:6d:61: 67:c2:01:88:cd:51:00:7c:47:c8:78:bb:47:3b:20:bb:dc:88: eb:5f:8f:82:16:fd:10:07:80:0c:78:c5:7f:5a:46:d3:f6:b6: f0:3d:5b:7f:15:38:82:ee:ca:15:3d:ae:8f:92:4e:19:8e:cd: 11:4a:6e:fd:3f:a3:36:9c:4c:36:a3:a8:a0:28:71:28:8d:25: 0b:49:ea:fa:d8:a1:2f:4c:ad:e2:5c:38:df:07:98:bd:f8:e7: 1c:2e:60:c4:1a:2d:07:aa:95:34:95:c5:36:d9:09:d7:b0:b1: 3a:92:54:70:21:b3:2e:51:ab:aa:61:94:e7:96:e9:6d:32:62: df:76:1b:36:b0:61:8b:f0:a5:a9:b7:c3:d0:e4:a1:ca:5a:ac: 87:73:56:10:a8:88:cd:f3:71:98:32:c3:a3:e7:f4:d9:bf:0d: df:be:72:86 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUWvgB40adgN5lqg4Noz3DsaGGgt8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjkyNFoX DTI3MDUwMTIxMzQyNFowMzExMC8GA1UEAxMoODlGM0NBMzYxRjdCQTU0MTdFREI4 MEFEQTU0NEM2NTc0MDNFRjdGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMhM15wbMKQ469ddRgLL+p6f0R/x2ZJo8boQUxQiLDPaGOTdCDdLLyuXIJ0N Jn2zwjLcXP6Hz1XRkBWG/U6rwj6+OabkrAIfOYOATgm6z3B/tp6XptGm0F8fL7qF gU9rscuqUf5Ei8nEbQhJY+bgdCt1YbAytQrXbchu7dXg+Xke59o59IVApRg4dgpi G1TRPF1W+DAjFH5ynFMOHTIuXY4c8VQRHS1XUJ2hyo4HbDnz/AN4P9ZEtdrMlLQS WR5h52JcsONKALrkCh+o2NxySX3WsCQDIlBCSInexHMhfU/CfZJlSEdrh7E0sXL+ YlQZVzbBJUXdw5mDGihl1i/jzdECAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSJ88o2 H3ulQX7bgK2lRMZXQD738jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM5MzcwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIA ATAMAwQBZ45eAwQBZ52QMA0EAgACMAcDBQAkBTBAMA0GCSqGSIb3DQEBCwUAA4IB AQAd+H//nT0VperKFoWoRKw7bIcan/fqf9m9BQaT0VwivbMyncfaDHxqD9wCS/vt IAgPQBxf5214vcN5CBeGW46Z7FAV9D2qGav0v9Uo/JIYgbO09oTmnwpSbWFnwgGI zVEAfEfIeLtHOyC73IjrX4+CFv0QB4AMeMV/WkbT9rbwPVt/FTiC7soVPa6Pkk4Z js0RSm79P6M2nEw2o6igKHEojSULSer62KEvTK3iXDjfB5i9+OccLmDEGi0HqpU0 lcU22QnXsLE6klRwIbMuUauqYZTnlultMmLfdhs2sGGL8KWpt8PQ5KHKWqyHc1YQ qIjN83GYMsOj5/TZvw3fvnKG -----END CERTIFICATE-----Generated at Sun May 3 01:44:42 2026 by rpki-client