$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS139977.roa File: AS139977.roa (raw, json) Hash identifier: BTIzKXMRyCbf/poZgjLDCg035F03U3e8JreCLMKnc2w= Subject key identifier: F1:C2:35:AE:03:01:B9:E7:9D:7B:D1:EF:CB:E4:CD:02:1B:A7:09:88 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3815D07E4D1CA31938E1E8BEDF245B3328009FFE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139977.roa Signing time: Sat 02 May 2026 08:37:06 +0000 ROA not before: Sat 02 May 2026 08:32:06 +0000 ROA not after: Sat 01 May 2027 08:37:06 +0000 asID: 139977 IP address blocks: 103.148.2.0/23 maxlen: 24 2405:c640::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:15:d0:7e:4d:1c:a3:19:38:e1:e8:be:df:24:5b:33:28:00:9f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:32:06 2026 GMT Not After : May 1 08:37:06 2027 GMT Subject: CN=F1C235AE0301B9E79D7BD1EFCBE4CD021BA70988 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:fe:62:8a:05:9f:26:69:35:cb:78:13:43:c1: 3d:c4:f6:0a:32:8d:2a:70:20:57:4d:4e:18:76:ab: 00:92:b6:eb:e9:15:aa:14:91:b8:f2:03:07:fc:e0: cd:92:27:91:d3:81:ae:62:eb:2c:49:ca:96:31:54: 9c:e6:44:8f:95:b8:3d:33:ba:fa:09:cf:41:5c:e2: 2d:77:cc:87:2a:3f:6c:f6:8c:3c:d8:7b:33:14:c0: 86:08:b7:79:5f:92:f0:2c:67:aa:61:04:26:ca:6a: 71:11:dc:0d:dd:a8:1c:0e:3f:61:bb:24:b2:08:b0: 2b:96:7e:78:26:c6:80:7a:22:2a:25:bf:37:97:05: 92:92:15:b3:92:8c:29:f8:ef:3e:4e:23:bc:f7:87: fa:f5:dc:7e:21:71:12:71:83:08:96:a0:fa:ee:19: f9:69:da:02:6d:82:4e:e9:9f:50:77:83:e1:a3:0d: fb:61:50:92:2f:71:9e:fd:dd:00:cd:d4:d0:54:84: 86:ca:07:9e:72:c9:ca:3a:7d:7b:18:b6:76:0b:fd: eb:23:1f:13:da:6e:77:1b:f8:f6:5b:38:1e:b7:0d: 0b:f3:31:2a:ea:9a:9a:5c:c0:89:14:89:6e:ac:08: d9:51:50:b2:7f:96:43:af:c0:09:36:4c:14:76:13: 77:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:C2:35:AE:03:01:B9:E7:9D:7B:D1:EF:CB:E4:CD:02:1B:A7:09:88 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139977.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.148.2.0/23 IPv6: 2405:c640::/32 Signature Algorithm: sha256WithRSAEncryption 51:7b:21:a7:cf:8f:a1:66:74:44:bd:99:20:8d:25:66:1b:b7: 98:29:9d:81:a5:c8:f3:c2:62:76:68:ab:8c:69:2d:8c:f6:00: e9:70:4a:57:37:0c:d7:cb:96:c8:e5:6e:d6:98:6a:39:15:4d: e8:4c:69:1e:17:71:2c:0b:7d:fd:34:b4:0a:59:06:f7:41:a1: 10:78:fd:1e:3e:4e:dd:4c:5d:a9:71:49:4f:a4:82:7c:6a:8f: b2:b3:e8:aa:f2:b0:63:eb:8d:9e:a1:22:b3:4a:b7:04:89:6b: 81:1e:a6:87:4f:aa:a9:00:e9:f8:17:ed:17:c9:91:3f:57:41: 0a:08:e4:39:6d:71:94:4e:e4:76:0d:71:cc:d3:ab:3c:b2:6b: 07:08:d6:70:3e:d5:d2:8e:f8:ba:bb:3c:56:85:e7:e2:f8:9b: 49:8d:65:47:64:8c:b1:cf:29:27:45:92:36:97:5c:c4:5c:cd: 9e:97:94:0c:58:18:a7:9e:8c:c2:c0:72:56:58:cd:91:40:12: 42:77:2a:2b:10:c2:d6:b5:c3:15:f0:2c:86:26:b4:70:fc:66: 74:e5:a7:dc:78:d9:ce:46:4f:bc:70:b6:e3:f8:44:c5:6a:95: 31:bf:97:07:b7:bb:1f:7e:ba:b4:63:2c:08:a1:1d:cc:8a:d6: 07:e5:ce:13 -----BEGIN CERTIFICATE----- MIIE6DCCA9CgAwIBAgIUOBXQfk0coxk44ei+3yRbMygAn/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzIwNloX DTI3MDUwMTA4MzcwNlowMzExMC8GA1UEAxMoRjFDMjM1QUUwMzAxQjlFNzlEN0JE MUVGQ0JFNENEMDIxQkE3MDk4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/+YooFnyZpNct4E0PBPcT2CjKNKnAgV01OGHarAJK26+kVqhSRuPIDB/zg zZInkdOBrmLrLEnKljFUnOZEj5W4PTO6+gnPQVziLXfMhyo/bPaMPNh7MxTAhgi3 eV+S8CxnqmEEJspqcRHcDd2oHA4/YbsksgiwK5Z+eCbGgHoiKiW/N5cFkpIVs5KM KfjvPk4jvPeH+vXcfiFxEnGDCJag+u4Z+WnaAm2CTumfUHeD4aMN+2FQki9xnv3d AM3U0FSEhsoHnnLJyjp9exi2dgv96yMfE9pudxv49ls4HrcNC/MxKuqamlzAiRSJ bqwI2VFQsn+WQ6/ACTZMFHYTdzUCAwEAAaOCAdswggHXMB0GA1UdDgQWBBTxwjWu AwG555170e/L5M0CG6cJiDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM5OTc3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIA ATAGAwQBZ5QCMA0EAgACMAcDBQAkBcZAMA0GCSqGSIb3DQEBCwUAA4IBAQBReyGn z4+hZnREvZkgjSVmG7eYKZ2BpcjzwmJ2aKuMaS2M9gDpcEpXNwzXy5bI5W7WmGo5 FU3oTGkeF3EsC339NLQKWQb3QaEQeP0ePk7dTF2pcUlPpIJ8ao+ys+iq8rBj642e oSKzSrcEiWuBHqaHT6qpAOn4F+0XyZE/V0EKCOQ5bXGUTuR2DXHM06s8smsHCNZw PtXSjvi6uzxWhefi+JtJjWVHZIyxzyknRZI2l1zEXM2el5QMWBinnozCwHJWWM2R QBJCdyorEMLWtcMV8CyGJrRw/GZ05afceNnORk+8cLbj+ETFapUxv5cHt7sffrq0 YywIoR3MitYH5c4T -----END CERTIFICATE-----Generated at Sun May 3 00:40:33 2026 by rpki-client