$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140389.roa File: AS140389.roa (raw, json) Hash identifier: bUXWRydQ1972r9toqTi+E8v4kl/OZMlaql3Gja39SGk= Subject key identifier: 5C:AA:90:00:B1:B1:02:FC:7B:F1:40:CC:F2:BA:0D:8C:07:35:E8:4C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 48F5D93522E2C30AB89ACE036B2F23A2EB5A557C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140389.roa Signing time: Sat 02 May 2026 21:18:58 +0000 ROA not before: Sat 02 May 2026 21:13:58 +0000 ROA not after: Sat 01 May 2027 21:18:58 +0000 asID: 140389 IP address blocks: 103.7.184.0/23 maxlen: 24 103.147.32.0/23 maxlen: 24 103.253.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:f5:d9:35:22:e2:c3:0a:b8:9a:ce:03:6b:2f:23:a2:eb:5a:55:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:13:58 2026 GMT Not After : May 1 21:18:58 2027 GMT Subject: CN=5CAA9000B1B102FC7BF140CCF2BA0D8C0735E84C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:4f:a3:e0:fd:b7:19:d8:87:38:5e:01:8a:4b: 5a:a6:15:97:5d:c8:ed:f6:61:e7:9e:f3:f7:1d:58: 34:77:e3:2f:fd:e3:8b:a9:27:73:a6:05:eb:4f:9a: 55:21:bf:7b:18:6e:93:61:99:e1:69:bb:03:55:9d: 5e:5c:47:86:8e:dd:56:48:10:e9:c0:c0:86:c9:e7: 7f:56:a9:50:d6:8d:81:36:38:12:15:8b:6d:f1:0a: 18:ba:4d:f9:c9:1b:9e:57:7b:48:8a:ed:5c:51:26: 23:d5:e8:ff:b1:fb:a9:c0:22:c2:88:d0:91:99:1c: d6:47:3b:77:87:72:66:15:cc:d2:79:4a:e4:90:94: 67:c0:3a:00:f5:98:c3:be:39:04:c0:86:a7:84:f2: f5:c9:53:d3:7d:34:fe:91:9e:ef:44:4f:e3:77:71: 78:5d:07:ae:1c:11:9b:42:4b:1f:24:ff:d4:52:66: 21:b1:61:20:60:60:8b:4e:e7:d1:8f:33:0f:c7:1e: 33:fd:62:16:c2:1e:4d:1f:ef:d6:4a:14:ed:7a:b3: 29:78:e4:33:8a:a3:31:b5:d6:4c:6b:90:59:7a:84: 3c:ca:86:da:bc:e9:10:a8:6a:63:50:60:92:e3:c0: fe:fd:d3:32:2b:32:6d:56:08:b0:69:6e:a9:b6:b0: 03:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AA:90:00:B1:B1:02:FC:7B:F1:40:CC:F2:BA:0D:8C:07:35:E8:4C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.7.184.0/23 103.147.32.0/23 103.253.244.0/23 Signature Algorithm: sha256WithRSAEncryption 9c:53:b1:eb:4c:e1:2a:15:d5:bd:8a:2f:8b:34:ab:b4:20:b4: b4:4d:0f:d4:5c:e0:5c:8a:7b:28:ec:2a:a2:98:a6:1a:64:35: 92:91:75:13:c9:a6:31:c9:31:4a:b4:a2:fc:a9:3b:7c:66:84: 39:e1:18:dd:1e:91:ac:2d:fd:bc:94:ef:48:e6:a6:ca:5f:79: 7c:44:9f:3f:2f:84:3c:79:22:93:35:2e:2a:9e:71:20:d9:9d: 47:b3:a0:63:ee:e9:60:bc:50:e3:79:1b:60:ff:39:05:a2:82: 20:f3:a4:69:32:d7:fc:56:68:a2:21:1c:30:19:62:c0:6f:c6: 45:e7:ed:a1:cf:0e:e8:68:af:4d:7d:ff:9d:88:0c:db:78:29: 99:cb:0c:cb:9b:a5:c0:a2:ea:7d:44:10:62:22:54:cf:bd:7e: 68:9a:24:d5:76:57:84:11:13:4a:90:5b:ab:fc:00:99:3c:7c: fc:86:fe:1c:86:f5:0c:08:af:86:b6:d8:c3:5c:39:49:08:5d: a1:43:f6:f4:3b:ad:8e:95:ab:20:48:1c:f0:92:aa:61:82:2f: 1f:3b:5d:a7:ba:11:df:13:80:1c:92:4b:ad:ba:14:f9:fe:1b: 53:6f:16:42:b0:1e:36:5a:66:6a:43:c0:fa:f6:38:e8:18:cd: 72:4c:ca:5b -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUSPXZNSLiwwq4ms4Day8joutaVXwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTM1OFoX DTI3MDUwMTIxMTg1OFowMzExMC8GA1UEAxMoNUNBQTkwMDBCMUIxMDJGQzdCRjE0 MENDRjJCQTBEOEMwNzM1RTg0QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKNPo+D9txnYhzheAYpLWqYVl13I7fZh557z9x1YNHfjL/3ji6knc6YF60+a VSG/exhuk2GZ4Wm7A1WdXlxHho7dVkgQ6cDAhsnnf1apUNaNgTY4EhWLbfEKGLpN +ckbnld7SIrtXFEmI9Xo/7H7qcAiwojQkZkc1kc7d4dyZhXM0nlK5JCUZ8A6APWY w745BMCGp4Ty9clT0300/pGe70RP43dxeF0HrhwRm0JLHyT/1FJmIbFhIGBgi07n 0Y8zD8ceM/1iFsIeTR/v1koU7XqzKXjkM4qjMbXWTGuQWXqEPMqG2rzpEKhqY1Bg kuPA/v3TMisybVYIsGluqbawA4kCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBRcqpAA sbEC/HvxQMzyug2MBzXoTDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMzg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIA ATASAwQBZwe4AwQBZ5MgAwQBZ/30MA0GCSqGSIb3DQEBCwUAA4IBAQCcU7HrTOEq FdW9ii+LNKu0ILS0TQ/UXOBcinso7CqimKYaZDWSkXUTyaYxyTFKtKL8qTt8ZoQ5 4RjdHpGsLf28lO9I5qbKX3l8RJ8/L4Q8eSKTNS4qnnEg2Z1Hs6Bj7ulgvFDjeRtg /zkFooIg86RpMtf8VmiiIRwwGWLAb8ZF5+2hzw7oaK9Nff+diAzbeCmZywzLm6XA oup9RBBiIlTPvX5omiTVdleEERNKkFur/ACZPHz8hv4chvUMCK+GttjDXDlJCF2h Q/b0O62OlasgSBzwkqphgi8fO12nuhHfE4AckkutuhT5/htTbxZCsB42WmZqQ8D6 9jjoGM1yTMpb -----END CERTIFICATE-----Generated at Sun May 3 00:41:11 2026 by rpki-client