$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS139949.roa File: AS139949.roa (raw, json) Hash identifier: uVjFrMa+VvEW+7f0ogo3gZUrieNvhEi/XONd5iM8rP4= Subject key identifier: E2:85:0B:0F:FE:A1:14:7C:90:12:E1:B1:20:2A:84:90:0F:DC:D1:0C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 25C72CE6A0363FC9F8B83C953DBA478E6DFFC4A4 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139949.roa Signing time: Sat 02 May 2026 21:34:51 +0000 ROA not before: Sat 02 May 2026 21:29:51 +0000 ROA not after: Sat 01 May 2027 21:34:51 +0000 asID: 139949 IP address blocks: 103.147.52.0/23 maxlen: 24 2405:aac0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:c7:2c:e6:a0:36:3f:c9:f8:b8:3c:95:3d:ba:47:8e:6d:ff:c4:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:29:51 2026 GMT Not After : May 1 21:34:51 2027 GMT Subject: CN=E2850B0FFEA1147C9012E1B1202A84900FDCD10C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b8:55:3a:a5:52:cf:42:7e:aa:a5:35:be:4e: bb:99:89:de:89:f3:d7:74:0e:35:3d:6f:94:d9:57: f5:94:4e:6f:9b:4f:aa:2c:cc:b3:94:a4:e6:a5:a7: 90:56:f2:aa:6a:50:04:2a:8d:2f:2d:4d:12:e8:d3: 28:b5:0d:00:52:1d:fb:b3:fe:db:af:87:a7:1a:33: a5:dd:13:2a:af:63:11:60:b3:3a:d1:64:3f:cc:e3: e0:5d:70:57:8d:be:24:2f:08:b0:5c:92:24:b5:35: e5:3a:f0:17:cd:aa:fa:57:c0:34:f7:5d:78:cb:11: fa:9a:22:8a:1c:da:af:ee:96:49:dc:49:bf:5d:16: 37:b5:d2:da:9d:4d:59:7b:4c:7e:ab:5e:8f:b3:4b: 39:e6:4b:ed:dd:1f:d4:af:3c:57:10:00:15:89:6f: 95:a0:be:9a:37:74:13:60:60:35:ea:fc:b3:11:72: 75:b3:d2:ec:59:00:4a:79:07:c0:29:a9:20:38:07: 3f:40:9b:84:cc:d9:96:3b:a5:24:26:cc:6c:1f:bd: 0e:32:7e:1d:be:cc:c2:29:ce:e9:6f:1c:f1:08:df: 45:97:5f:33:93:c8:f5:8f:d2:6a:9f:77:3a:21:56: b9:5b:75:8b:3f:19:55:3f:df:6f:a5:18:d6:29:cd: 20:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:85:0B:0F:FE:A1:14:7C:90:12:E1:B1:20:2A:84:90:0F:DC:D1:0C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139949.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.147.52.0/23 IPv6: 2405:aac0::/32 Signature Algorithm: sha256WithRSAEncryption 86:b4:7a:c6:8c:fa:88:1d:a4:05:56:28:9c:25:09:ed:a2:b5: f1:6b:e2:8b:dc:11:2f:8a:9c:9d:70:eb:e6:3f:75:26:a4:04: 1c:e2:c1:19:67:9b:cb:72:54:4e:56:61:ea:dc:38:9a:e7:a9: 81:aa:01:88:f3:65:d0:2c:dd:5c:ad:1a:48:18:b9:6b:f9:a6: 06:aa:05:70:3c:7d:0c:a6:ea:dd:b1:53:e1:87:00:dc:03:16: 96:a7:a0:0b:f5:a0:67:ab:ba:fd:79:7a:ba:8a:08:89:54:a3: e9:f7:b3:ed:b9:ff:0e:60:d5:0e:db:dd:55:7e:2c:80:56:05: 93:ae:dc:d1:6a:52:82:c8:2b:0c:5b:63:31:a5:7d:8c:82:d1: 57:a2:1a:8f:46:b7:60:2d:bc:9a:b2:dc:9f:7f:68:e8:07:14: 93:7c:9c:c7:5c:18:10:b9:b2:58:67:ef:71:f2:ee:96:b7:4a: d3:0f:a4:38:9c:4e:fa:2c:1b:fa:13:87:8a:58:1c:48:2b:f8: 79:f3:83:2c:ca:6c:ee:04:b4:8a:28:3f:8c:7e:f5:f4:3b:f4: ac:8a:76:8d:69:24:59:52:99:a8:80:f1:2d:0a:77:d5:10:c6: 6a:d2:41:bb:cd:7c:d0:49:6c:ee:1f:b3:b4:91:7e:57:b5:c8: 96:f6:e2:01 -----BEGIN CERTIFICATE----- MIIE6DCCA9CgAwIBAgIUJccs5qA2P8n4uDyVPbpHjm3/xKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjk1MVoX DTI3MDUwMTIxMzQ1MVowMzExMC8GA1UEAxMoRTI4NTBCMEZGRUExMTQ3QzkwMTJF MUIxMjAyQTg0OTAwRkRDRDEwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+4VTqlUs9CfqqlNb5Ou5mJ3onz13QONT1vlNlX9ZROb5tPqizMs5Sk5qWn kFbyqmpQBCqNLy1NEujTKLUNAFId+7P+26+Hpxozpd0TKq9jEWCzOtFkP8zj4F1w V42+JC8IsFySJLU15TrwF82q+lfANPddeMsR+poiihzar+6WSdxJv10WN7XS2p1N WXtMfqtej7NLOeZL7d0f1K88VxAAFYlvlaC+mjd0E2BgNer8sxFydbPS7FkASnkH wCmpIDgHP0CbhMzZljulJCbMbB+9DjJ+Hb7MwinO6W8c8QjfRZdfM5PI9Y/Sap93 OiFWuVt1iz8ZVT/fb6UY1inNIA0CAwEAAaOCAdswggHXMB0GA1UdDgQWBBTihQsP /qEUfJAS4bEgKoSQD9zRDDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM5OTQ5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIA ATAGAwQBZ5M0MA0EAgACMAcDBQAkBarAMA0GCSqGSIb3DQEBCwUAA4IBAQCGtHrG jPqIHaQFViicJQntorXxa+KL3BEvipydcOvmP3UmpAQc4sEZZ5vLclROVmHq3Dia 56mBqgGI82XQLN1crRpIGLlr+aYGqgVwPH0MpurdsVPhhwDcAxaWp6AL9aBnq7r9 eXq6igiJVKPp97Ptuf8OYNUO291VfiyAVgWTrtzRalKCyCsMW2MxpX2MgtFXohqP RrdgLbyastyff2joBxSTfJzHXBgQubJYZ+9x8u6Wt0rTD6Q4nE76LBv6E4eKWBxI K/h584MsymzuBLSKKD+MfvX0O/SsinaNaSRZUpmogPEtCnfVEMZq0kG7zXzQSWzu H7O0kX5XtciW9uIB -----END CERTIFICATE-----Generated at Sun May 3 00:40:36 2026 by rpki-client