$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa File: AS147121.roa (raw, json) Hash identifier: YlrHp39roEWBKNWOOuiqKHTV57D+o31HtAwfBjLCfCk= Subject key identifier: 2F:4A:5F:38:07:8E:49:9E:30:D2:73:98:C6:A6:06:30:6A:E2:38:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5B96CEEDD4628B4A12C9E3025A223020C4B91C41 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa Signing time: Sat 02 May 2026 21:24:34 +0000 ROA not before: Sat 02 May 2026 21:19:34 +0000 ROA not after: Sat 01 May 2027 21:24:34 +0000 asID: 147121 IP address blocks: 103.141.196.0/23 maxlen: 24 2001:df1:17c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:96:ce:ed:d4:62:8b:4a:12:c9:e3:02:5a:22:30:20:c4:b9:1c:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:19:34 2026 GMT Not After : May 1 21:24:34 2027 GMT Subject: CN=2F4A5F38078E499E30D27398C6A606306AE2389E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:75:e8:9a:5c:87:23:f7:40:f0:9c:77:02:15: 11:3f:c0:72:e5:ff:f1:ea:f5:bf:4b:84:f8:2a:db: 89:9e:43:bd:85:c1:ba:bb:8b:5f:42:cb:58:af:73: 8c:6b:b2:2a:0a:30:2d:1f:cc:70:89:44:04:33:05: 7b:6b:b8:13:70:e6:aa:6b:bf:59:e6:d9:fc:6a:95: c1:2a:e8:b9:4b:58:77:a6:f9:f0:76:8d:34:fb:5b: fd:76:32:23:15:03:38:d2:52:14:2c:ed:33:70:93: 0b:d8:9d:84:20:5f:3f:ca:cb:28:bf:ea:dd:e8:37: a0:c0:99:c0:3f:ab:01:23:78:da:8f:56:88:f4:62: ec:89:be:85:cc:71:cf:0e:16:b7:2c:c5:d7:1c:f9: b8:bd:5f:cf:bd:c2:87:6f:a9:ec:d2:1e:96:bf:24: 59:7d:15:12:fa:5c:2c:ab:d1:25:1d:e2:73:9f:68: d9:1d:4d:45:eb:f5:b4:ab:89:0a:c2:e3:c3:78:07: 42:d8:43:20:89:4d:34:9d:18:8d:7b:02:14:2c:4b: 42:4b:60:35:91:d1:b3:af:60:5f:98:90:4a:40:6d: c4:34:21:96:ff:e4:b2:03:e0:fd:77:c6:c0:05:5e: 79:4a:44:01:cd:90:4c:df:83:ef:5b:4e:91:4e:ef: 07:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:4A:5F:38:07:8E:49:9E:30:D2:73:98:C6:A6:06:30:6A:E2:38:9E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.141.196.0/23 IPv6: 2001:df1:17c0::/48 Signature Algorithm: sha256WithRSAEncryption 90:ab:01:3c:df:e2:6e:85:a5:c4:81:7e:ac:e5:12:7b:91:47: dd:ef:d8:b8:62:1b:e6:7f:82:cb:4a:7d:58:f1:cb:c7:73:fd: f7:57:b9:8c:07:1c:ef:2d:9a:0f:c6:38:84:5a:5c:23:50:06: f2:21:04:cb:9b:bb:0d:0b:8a:ed:f3:53:61:00:6e:99:fe:55: a7:c2:77:6d:10:93:b4:c9:0a:c5:33:54:ba:64:00:c8:48:3d: 15:85:d7:25:56:2d:12:0b:d6:49:27:de:5b:21:a4:eb:aa:d4: bb:f0:fd:fc:cc:03:0b:6d:ca:bb:9a:80:5a:92:47:79:0d:b4: 73:34:4b:f2:72:77:7a:0a:98:4b:1a:8e:2b:da:90:e5:ff:86: 7f:2b:76:8c:6e:f1:f3:7e:b9:68:4e:ce:b9:58:17:0f:b3:c0: 56:d6:86:e0:b3:da:7c:6d:39:31:2e:4d:37:42:1d:df:cb:19: 23:2a:d4:c4:3f:20:4c:36:a0:6a:4c:3a:2b:7e:4c:23:82:2e: 37:de:7b:63:af:6b:2d:b4:0c:05:e7:ca:0e:55:0a:e5:49:aa: 47:9e:61:07:24:b8:9e:35:d0:9e:7b:45:6f:44:50:e1:44:45: 5d:a3:35:b1:84:ab:a7:c6:40:f5:53:f7:4e:e4:34:87:4d:79: fd:e2:16:5c -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUW5bO7dRii0oSyeMCWiIwIMS5HEEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTkzNFoX DTI3MDUwMTIxMjQzNFowMzExMC8GA1UEAxMoMkY0QTVGMzgwNzhFNDk5RTMwRDI3 Mzk4QzZBNjA2MzA2QUUyMzg5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANh16JpchyP3QPCcdwIVET/AcuX/8er1v0uE+CrbiZ5DvYXBuruLX0LLWK9z jGuyKgowLR/McIlEBDMFe2u4E3Dmqmu/WebZ/GqVwSrouUtYd6b58HaNNPtb/XYy IxUDONJSFCztM3CTC9idhCBfP8rLKL/q3eg3oMCZwD+rASN42o9WiPRi7Im+hcxx zw4WtyzF1xz5uL1fz73Ch2+p7NIelr8kWX0VEvpcLKvRJR3ic59o2R1NRev1tKuJ CsLjw3gHQthDIIlNNJ0YjXsCFCxLQktgNZHRs69gX5iQSkBtxDQhlv/ksgPg/XfG wAVeeUpEAc2QTN+D71tOkU7vB7kCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBQvSl84 B45JnjDSc5jGpgYwauI4njAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ3MTIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBZ43EMA8EAgACMAkDBwAgAQ3xF8AwDQYJKoZIhvcNAQELBQADggEBAJCr ATzf4m6FpcSBfqzlEnuRR93v2LhiG+Z/gstKfVjxy8dz/fdXuYwHHO8tmg/GOIRa XCNQBvIhBMubuw0Liu3zU2EAbpn+VafCd20Qk7TJCsUzVLpkAMhIPRWF1yVWLRIL 1kkn3lshpOuq1Lvw/fzMAwttyruagFqSR3kNtHM0S/Jyd3oKmEsajivakOX/hn8r doxu8fN+uWhOzrlYFw+zwFbWhuCz2nxtOTEuTTdCHd/LGSMq1MQ/IEw2oGpMOit+ TCOCLjfee2Ovay20DAXnyg5VCuVJqkeeYQckuJ410J57RW9EUOFERV2jNbGEq6fG QPVT907kNIdNef3iFlw= -----END CERTIFICATE-----Generated at Sun May 3 00:39:47 2026 by rpki-client