$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140386.roa File: AS140386.roa (raw, json) Hash identifier: qHX5HVqPq4+jQhsF4lAo8+Qn0dYcrhkHYIEx9xUp0so= Subject key identifier: CD:D7:81:2C:B2:2A:B8:31:4E:00:FD:CF:FD:93:5D:C0:AA:2E:55:A1 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2525E7AE9DA3E2AFFD9E094F8573317E67AE7C81 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140386.roa Signing time: Sat 02 May 2026 08:37:23 +0000 ROA not before: Sat 02 May 2026 08:32:23 +0000 ROA not after: Sat 01 May 2027 08:37:23 +0000 asID: 140386 IP address blocks: 103.149.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:25:e7:ae:9d:a3:e2:af:fd:9e:09:4f:85:73:31:7e:67:ae:7c:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:32:23 2026 GMT Not After : May 1 08:37:23 2027 GMT Subject: CN=CDD7812CB22AB8314E00FDCFFD935DC0AA2E55A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:23:73:13:13:07:f9:f6:a4:4c:da:c3:61:89: 61:a3:a2:9b:f2:46:d5:e1:5e:73:c8:9a:cb:28:58: 6f:f0:10:3e:c0:f2:60:08:8a:12:78:2c:a7:73:97: 4b:60:80:ff:48:7a:4e:63:b7:9e:a4:86:95:e4:70: 76:14:37:90:ff:3b:98:98:10:5b:a0:bc:2e:30:b2: 8c:c2:ea:ce:07:0a:37:e4:5f:d6:85:f7:9e:32:80: 97:13:53:4a:da:2f:34:f5:05:58:c9:a2:36:4a:44: 90:b3:aa:09:1c:41:bc:c4:b0:88:0f:37:e4:1e:f6: b0:26:ba:5c:41:4f:a1:06:b2:2b:fe:04:bd:4f:3e: f6:7e:c8:a9:13:3c:07:d5:f1:f0:2b:39:66:62:fc: 1e:a6:d5:20:d7:52:89:7b:d2:37:7b:f3:a3:e7:b1: 99:0d:27:35:8c:11:8d:51:2f:26:3f:c6:43:0f:fe: 80:c3:8f:a9:ee:98:76:a3:6b:fb:4e:34:fc:b7:bf: 7c:21:cb:88:7e:3f:2a:bd:a8:f3:c5:ae:6c:45:7b: a6:08:8f:ba:d3:0e:02:6d:c3:4c:a4:79:e9:0e:3d: 56:20:1c:cc:bc:bf:a9:c4:15:a2:e1:c3:f7:ef:8e: 11:92:ee:f2:37:57:9e:02:fb:99:e3:28:0a:3c:20: 27:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:D7:81:2C:B2:2A:B8:31:4E:00:FD:CF:FD:93:5D:C0:AA:2E:55:A1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140386.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.149.209.0/24 Signature Algorithm: sha256WithRSAEncryption 84:8e:18:7e:d0:e2:22:36:b9:ce:ef:2b:ab:d0:9c:4e:9f:64: 59:46:d6:67:57:f9:7b:d5:77:a6:dc:e9:66:2c:c2:a2:e3:d7: da:c1:9e:79:3b:cd:f1:f1:3b:0f:79:15:5e:ca:8e:79:b6:83: 2d:ee:95:2c:10:0f:08:4e:4b:57:3a:96:b2:ee:4e:d6:88:7e: 10:97:bc:7c:d0:4f:dd:e0:54:a2:8d:88:61:d5:b5:52:96:27: 9a:6c:0d:80:7c:e2:9f:b0:de:55:b6:c3:c6:72:54:3b:2e:8f: ca:b6:8c:41:5d:32:ae:3a:e4:0d:e4:fe:5c:00:c1:ff:70:68: dc:45:07:0c:f9:fd:2d:77:63:6b:aa:aa:29:3c:3a:d1:34:0d: a1:61:6f:c1:35:7d:50:18:87:6a:4a:5e:0c:c6:83:fb:b0:c4: 6e:17:48:f7:e7:5c:c0:42:f9:03:37:d5:2a:fe:27:40:28:ab: b4:8d:51:55:a9:d6:b4:23:b7:52:af:b2:3d:3e:c8:43:99:c6: cd:1d:29:d8:5e:2e:52:db:ca:99:58:db:52:8c:a9:99:47:70: fa:e4:07:ac:65:47:d6:b0:7c:ce:43:69:66:35:de:47:10:62: d9:a3:9f:bb:d2:79:53:66:03:d3:c6:1b:7e:c5:8b:7e:e4:da: c1:79:0e:3d -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUJSXnrp2j4q/9nglPhXMxfmeufIEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzIyM1oX DTI3MDUwMTA4MzcyM1owMzExMC8GA1UEAxMoQ0RENzgxMkNCMjJBQjgzMTRFMDBG RENGRkQ5MzVEQzBBQTJFNTVBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK0jcxMTB/n2pEzaw2GJYaOim/JG1eFec8iayyhYb/AQPsDyYAiKEngsp3OX S2CA/0h6TmO3nqSGleRwdhQ3kP87mJgQW6C8LjCyjMLqzgcKN+Rf1oX3njKAlxNT StovNPUFWMmiNkpEkLOqCRxBvMSwiA835B72sCa6XEFPoQayK/4EvU8+9n7IqRM8 B9Xx8Cs5ZmL8HqbVINdSiXvSN3vzo+exmQ0nNYwRjVEvJj/GQw/+gMOPqe6YdqNr +040/Le/fCHLiH4/Kr2o88WubEV7pgiPutMOAm3DTKR56Q49ViAczLy/qcQVouHD 9++OEZLu8jdXngL7meMoCjwgJ5ECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTN14Es siq4MU4A/c/9k13Aqi5VoTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMzg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZ5XRMA0GCSqGSIb3DQEBCwUAA4IBAQCEjhh+0OIiNrnO7yur0JxOn2RZ RtZnV/l71Xem3OlmLMKi49fawZ55O83x8TsPeRVeyo55toMt7pUsEA8ITktXOpay 7k7WiH4Ql7x80E/d4FSijYhh1bVSlieabA2AfOKfsN5VtsPGclQ7Lo/KtoxBXTKu OuQN5P5cAMH/cGjcRQcM+f0td2NrqqopPDrRNA2hYW/BNX1QGIdqSl4MxoP7sMRu F0j351zAQvkDN9Uq/idAKKu0jVFVqda0I7dSr7I9PshDmcbNHSnYXi5S28qZWNtS jKmZR3D65AesZUfWsHzOQ2lmNd5HEGLZo5+70nlTZgPTxht+xYt+5NrBeQ49 -----END CERTIFICATE-----Generated at Sun May 3 00:40:38 2026 by rpki-client