$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS142393.roa File: AS142393.roa (raw, json) Hash identifier: 4dpBW7XaCC0Qy02FB/NGI6cuT9QuavWZ7ICmK6Bob/k= Subject key identifier: BC:EA:E6:B3:49:C0:1E:03:FA:97:77:50:BF:D4:7C:AD:63:E8:D4:C7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 38F8F05A5FC5E12E5A9BF4969B1748FC727AE839 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142393.roa Signing time: Sat 02 May 2026 08:34:49 +0000 ROA not before: Sat 02 May 2026 08:29:49 +0000 ROA not after: Sat 01 May 2027 08:34:49 +0000 asID: 142393 IP address blocks: 103.146.38.0/24 maxlen: 24 103.172.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:f8:f0:5a:5f:c5:e1:2e:5a:9b:f4:96:9b:17:48:fc:72:7a:e8:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:29:49 2026 GMT Not After : May 1 08:34:49 2027 GMT Subject: CN=BCEAE6B349C01E03FA977750BFD47CAD63E8D4C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:59:46:3a:b7:32:2a:05:9e:32:5b:29:63:d4: 9d:42:23:9e:d9:57:97:4d:90:58:86:ba:e2:10:e3: 3d:41:b0:f7:a8:ed:b7:59:54:a5:91:d3:26:36:19: 06:05:2e:79:48:21:fb:23:d2:47:f4:f2:a3:58:9f: 6b:ba:69:d0:52:24:d3:29:10:62:7e:b1:a1:7c:65: f8:d4:fc:36:a8:40:4d:fe:81:72:21:fa:3c:00:bb: d1:9f:b8:1f:f2:9e:d5:42:aa:dd:35:23:dd:f0:8c: 7f:6c:4b:10:53:98:97:b9:6a:c0:b4:1d:d1:8e:ba: 22:f0:a0:2b:5f:60:62:5a:47:39:ae:b0:a8:20:45: 8f:ca:39:5c:13:11:11:8d:4e:6a:b1:99:cb:e3:e3: 01:23:7e:df:c0:0a:0c:23:9b:70:96:35:9e:ff:c2: 9c:62:ea:00:dc:63:7e:f0:2a:ac:7c:7b:a5:e7:2c: 9f:b8:63:f7:83:95:5a:a5:4d:4a:cb:ae:d9:ef:f3: a6:99:55:1b:b9:01:7f:39:b5:a5:4b:a3:e0:20:1f: e4:b6:da:31:c8:7b:c4:4b:64:72:cd:16:29:8a:8a: 2a:0f:02:ed:a8:48:e5:b0:9a:9f:1f:7d:0b:b7:07: 77:36:ce:0e:f2:aa:86:af:6e:b1:d7:98:d3:4e:d4: 65:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:EA:E6:B3:49:C0:1E:03:FA:97:77:50:BF:D4:7C:AD:63:E8:D4:C7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS142393.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.146.38.0/24 103.172.42.0/24 Signature Algorithm: sha256WithRSAEncryption 42:cc:c4:2a:5e:67:f0:8c:ab:29:7f:07:6b:95:0f:25:d6:52: ad:12:b2:db:61:2c:3d:3a:3d:0a:28:c1:57:d5:88:89:e5:cd: ac:c2:3d:27:3d:86:26:59:75:b6:eb:f6:63:d7:a7:23:8a:9d: a1:aa:14:be:1e:8f:ed:17:b1:1e:fd:ed:69:ba:03:e7:11:77: 48:ce:49:93:38:ac:63:23:f2:80:69:66:4e:30:a1:77:9b:ff: f0:f4:77:57:31:7a:96:a8:4c:01:fd:0a:8c:31:af:61:d2:c9: fa:9e:a6:97:82:22:ad:2d:b8:d7:7b:91:4e:d7:c4:d1:f2:c4: 7e:ca:fe:c8:3b:dc:41:00:71:93:38:d2:01:82:79:aa:58:42: c2:4d:7a:ca:22:01:7b:d0:11:dd:64:3e:b8:b0:da:6f:1d:de: 70:c2:92:97:49:90:1d:be:4b:9b:89:fd:70:44:c0:62:e0:af: f7:b3:1e:d0:3b:fa:3a:54:a5:bb:00:6d:9b:c6:80:6d:92:5d: a5:b0:ef:be:6e:79:08:b1:74:c7:25:9b:cb:5e:f2:72:c7:c5: eb:a9:ad:70:42:15:f1:aa:2e:1d:f7:45:c8:46:93:b6:2f:f8: 80:33:e6:05:70:b4:81:9d:d1:a8:57:a7:dc:c2:10:98:d2:3f: ec:b7:8b:4f -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUOPjwWl/F4S5am/SWmxdI/HJ66DkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4Mjk0OVoX DTI3MDUwMTA4MzQ0OVowMzExMC8GA1UEAxMoQkNFQUU2QjM0OUMwMUUwM0ZBOTc3 NzUwQkZENDdDQUQ2M0U4RDRDNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPZZRjq3MioFnjJbKWPUnUIjntlXl02QWIa64hDjPUGw96jtt1lUpZHTJjYZ BgUueUgh+yPSR/Tyo1ifa7pp0FIk0ykQYn6xoXxl+NT8NqhATf6BciH6PAC70Z+4 H/Ke1UKq3TUj3fCMf2xLEFOYl7lqwLQd0Y66IvCgK19gYlpHOa6wqCBFj8o5XBMR EY1OarGZy+PjASN+38AKDCObcJY1nv/CnGLqANxjfvAqrHx7pecsn7hj94OVWqVN Ssuu2e/zpplVG7kBfzm1pUuj4CAf5LbaMch7xEtkcs0WKYqKKg8C7ahI5bCanx99 C7cHdzbODvKqhq9usdeY007UZT0CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBS86uaz ScAeA/qXd1C/1HytY+jUxzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQyMzkzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAZ5ImAwQAZ6wqMA0GCSqGSIb3DQEBCwUAA4IBAQBCzMQqXmfwjKspfwdr lQ8l1lKtErLbYSw9Oj0KKMFX1YiJ5c2swj0nPYYmWXW26/Zj16cjip2hqhS+Ho/t F7Ee/e1pugPnEXdIzkmTOKxjI/KAaWZOMKF3m//w9HdXMXqWqEwB/QqMMa9h0sn6 nqaXgiKtLbjXe5FO18TR8sR+yv7IO9xBAHGTONIBgnmqWELCTXrKIgF70BHdZD64 sNpvHd5wwpKXSZAdvkubif1wRMBi4K/3sx7QO/o6VKW7AG2bxoBtkl2lsO++bnkI sXTHJZvLXvJyx8Xrqa1wQhXxqi4d90XIRpO2L/iAM+YFcLSBndGoV6fcwhCY0j/s t4tP -----END CERTIFICATE-----Generated at Sun May 3 00:42:08 2026 by rpki-client