$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140009.roa File: AS140009.roa (raw, json) Hash identifier: iNzSBScihsa2G6jbIPF1zDbpNqBidKG47RkqF+SPPJM= Subject key identifier: 8A:5A:39:AE:79:DE:71:51:B8:58:AD:F1:32:DD:A8:59:45:36:48:57 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 02126CCD109BCE5831B72A2CE7741FB7B9B753AC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140009.roa Signing time: Sat 02 May 2026 21:08:51 +0000 ROA not before: Sat 02 May 2026 21:03:51 +0000 ROA not after: Sat 01 May 2027 21:08:51 +0000 asID: 140009 IP address blocks: 103.149.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:12:6c:cd:10:9b:ce:58:31:b7:2a:2c:e7:74:1f:b7:b9:b7:53:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:03:51 2026 GMT Not After : May 1 21:08:51 2027 GMT Subject: CN=8A5A39AE79DE7151B858ADF132DDA85945364857 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:39:9a:fd:12:7e:97:70:74:8f:28:a2:23:b4: 3a:e2:e2:30:6e:39:6d:3a:6e:fc:46:ef:6b:7c:22: b8:27:22:68:7d:7d:93:1e:87:6c:42:75:b9:fb:4e: 94:de:e7:41:de:08:b3:6d:d3:b1:ef:2f:28:b1:84: 4f:65:79:c8:be:ef:a0:57:63:4e:bd:91:4d:03:81: ad:e2:83:62:6d:fa:8d:43:61:1b:3f:dd:90:55:dc: 2a:ba:45:8b:c1:70:a6:0b:92:16:4a:a4:07:fd:53: f9:fa:45:27:2a:18:e8:65:0d:ef:56:ea:2b:83:3c: 5b:47:d2:49:09:c4:0e:59:02:23:ed:5f:62:28:7e: cc:d2:96:72:42:ab:cc:f5:9d:4e:f2:28:5b:65:fc: 32:92:03:eb:d4:18:45:d5:2b:49:06:3a:00:68:bb: 2f:eb:c4:7f:8c:8b:6c:9d:1b:9a:dd:20:19:5c:0f: 4b:5c:aa:9c:bc:7d:a1:0b:74:62:96:15:8f:a0:ed: c3:f4:17:6e:59:09:dd:cc:22:60:3c:e2:c8:5a:db: e2:54:d9:08:c5:fa:f1:fb:55:57:6f:4d:ce:89:d2: 66:17:a3:d9:12:a3:50:df:d8:00:bf:b3:7b:37:dc: b4:6c:ca:6a:4d:ff:a5:6c:67:51:e9:5b:d9:15:f8: 76:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5A:39:AE:79:DE:71:51:B8:58:AD:F1:32:DD:A8:59:45:36:48:57 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.149.18.0/23 Signature Algorithm: sha256WithRSAEncryption 34:e0:3d:0b:7d:4a:42:94:9c:96:04:9b:73:f2:0d:a4:04:88: 7f:6c:05:9f:b9:e3:90:ba:2f:ad:62:81:d8:11:bc:e5:cd:9c: 30:50:be:f0:43:90:ad:40:3e:5f:37:e4:34:bd:0b:42:e8:38: 45:5e:b1:68:90:eb:42:7d:50:32:1f:65:7b:e4:e3:69:da:f6: 00:ba:d0:f7:a9:af:31:99:bb:6e:cb:fa:6c:54:3d:28:8b:8a: 74:90:db:09:26:6e:ce:ae:e8:6d:a3:1f:3a:ce:ca:b2:6d:a3: b8:a1:ee:fb:72:e0:3b:ee:e0:08:5d:25:56:3d:5e:3d:b6:89: a1:a0:9c:ab:f4:c7:35:a1:26:15:1d:1e:ed:dd:78:bc:bd:30: 11:9c:ba:d2:67:6e:84:ce:b3:d8:c9:95:37:ac:da:3f:11:b6: f8:3a:ee:c9:4f:50:07:b9:cb:66:48:a9:4f:8c:c7:e3:93:53: 82:29:0f:b2:c3:bc:c3:32:fb:e3:38:44:0c:78:fb:26:bf:48: ad:a9:58:6d:e6:78:f2:64:11:a5:f6:d9:54:76:29:64:65:76: 01:d0:87:d8:e6:0e:e1:f3:02:b7:2f:66:9a:51:9d:da:43:6a: fe:ef:4a:83:49:8c:d6:43:5d:95:71:db:6b:06:bf:d7:f8:f3: 9c:2a:33:67 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUAhJszRCbzlgxtyos53Qft7m3U6wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDM1MVoX DTI3MDUwMTIxMDg1MVowMzExMC8GA1UEAxMoOEE1QTM5QUU3OURFNzE1MUI4NThB REYxMzJEREE4NTk0NTM2NDg1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQ5mv0SfpdwdI8ooiO0OuLiMG45bTpu/Ebva3wiuCciaH19kx6HbEJ1uftO lN7nQd4Is23Tse8vKLGET2V5yL7voFdjTr2RTQOBreKDYm36jUNhGz/dkFXcKrpF i8FwpguSFkqkB/1T+fpFJyoY6GUN71bqK4M8W0fSSQnEDlkCI+1fYih+zNKWckKr zPWdTvIoW2X8MpID69QYRdUrSQY6AGi7L+vEf4yLbJ0bmt0gGVwPS1yqnLx9oQt0 YpYVj6Dtw/QXblkJ3cwiYDziyFrb4lTZCMX68ftVV29NzonSZhej2RKjUN/YAL+z ezfctGzKak3/pWxnUelb2RX4di0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSKWjmu ed5xUbhYrfEy3ahZRTZIVzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMDA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ5USMA0GCSqGSIb3DQEBCwUAA4IBAQA04D0LfUpClJyWBJtz8g2kBIh/ bAWfueOQui+tYoHYEbzlzZwwUL7wQ5CtQD5fN+Q0vQtC6DhFXrFokOtCfVAyH2V7 5ONp2vYAutD3qa8xmbtuy/psVD0oi4p0kNsJJm7Oruhtox86zsqybaO4oe77cuA7 7uAIXSVWPV49tomhoJyr9Mc1oSYVHR7t3Xi8vTARnLrSZ26EzrPYyZU3rNo/Ebb4 Ou7JT1AHuctmSKlPjMfjk1OCKQ+yw7zDMvvjOEQMePsmv0itqVht5njyZBGl9tlU dilkZXYB0IfY5g7h8wK3L2aaUZ3aQ2r+70qDSYzWQ12VcdtrBr/X+POcKjNn -----END CERTIFICATE-----Generated at Sun May 3 00:42:18 2026 by rpki-client