$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149670.roa File: AS149670.roa (raw, json) Hash identifier: vU8dS5ebxSoAJHXxxF+UN23HwV4pCQMmLEk4ljibGlc= Subject key identifier: 8E:10:96:D3:AF:EC:43:2E:75:C8:3F:C6:50:8E:35:06:FC:C5:DF:ED Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5248EE0A921D9DDA20E259E66F8E5208D38670DD Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149670.roa Signing time: Sat 02 May 2026 21:26:31 +0000 ROA not before: Sat 02 May 2026 21:21:31 +0000 ROA not after: Sat 01 May 2027 21:26:31 +0000 asID: 149670 IP address blocks: 103.184.66.0/23 maxlen: 24 2001:df2:25c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:48:ee:0a:92:1d:9d:da:20:e2:59:e6:6f:8e:52:08:d3:86:70:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:21:31 2026 GMT Not After : May 1 21:26:31 2027 GMT Subject: CN=8E1096D3AFEC432E75C83FC6508E3506FCC5DFED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:6e:0b:02:c2:ca:87:6b:25:d9:aa:5b:28:34: 8f:70:3a:60:1d:f8:03:75:c9:df:26:9d:b5:fb:91: 96:4a:f8:cc:81:a0:ab:00:e5:90:36:28:a5:d8:31: fa:45:65:d0:7e:ba:c6:07:02:8f:d0:9f:09:8d:d9: 50:4d:3a:97:6a:5a:5a:65:ae:ed:e5:55:24:a9:77: cc:a1:82:bf:74:0d:d8:a2:4c:90:17:7b:12:c6:c8: 10:a3:cd:21:de:16:76:77:79:80:a6:2c:65:d0:35: ca:a2:47:3f:7c:8c:c9:39:ad:57:39:7f:79:26:40: ce:8a:2d:68:4e:d0:27:59:53:fa:c2:bb:74:f8:27: fb:cb:6f:a9:21:00:94:b5:76:4d:d7:b7:08:9e:8d: 5f:0b:77:eb:4b:96:ca:2e:59:bd:a7:b4:d2:81:ac: be:50:b9:0b:51:d0:9b:dd:d4:05:5a:66:fb:f3:7e: 3c:54:80:ec:5f:1f:af:65:b1:d4:23:fb:7a:52:28: f4:01:cb:6d:02:04:d6:5d:03:0d:67:2e:26:63:7e: 8e:50:33:fc:a6:52:66:2c:20:0b:2c:18:82:0e:5c: e9:7b:0e:03:e6:30:83:ea:df:8b:06:bd:eb:bf:7a: bb:45:98:19:f2:f5:6f:32:50:e7:a8:b5:7a:38:8b: d9:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:10:96:D3:AF:EC:43:2E:75:C8:3F:C6:50:8E:35:06:FC:C5:DF:ED X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149670.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.66.0/23 IPv6: 2001:df2:25c0::/48 Signature Algorithm: sha256WithRSAEncryption 0d:a1:7a:b6:c4:42:f5:67:9a:1a:5c:56:4e:b6:c7:3e:0e:8f: bc:15:25:57:0a:78:d9:64:57:8f:b3:1d:b6:81:7a:b1:ef:43: 9a:25:d5:7e:39:ce:a0:cd:e1:5b:a3:1f:69:85:a6:a0:9e:14: 10:51:32:37:b2:b9:82:4b:9d:a0:1f:c9:3b:84:ca:06:b9:97: 91:1f:b0:5b:bf:97:83:05:3d:a6:da:ca:aa:7c:1a:c6:e2:0b: b8:4e:c0:90:40:0b:3c:f0:a8:05:a1:ab:90:e7:66:f6:a4:0d: 23:06:33:c2:3e:60:59:0f:d9:83:a3:ba:26:f2:8e:4d:fb:8a: aa:0f:53:b9:65:6a:42:9b:58:77:a0:88:25:4d:1c:e9:4d:9d: 3a:a9:f4:9d:5e:be:3f:90:fd:f9:7f:40:22:e8:d9:54:44:89: 56:43:14:aa:fb:56:03:d4:70:ea:ca:ff:0d:31:cd:5e:93:c3: 81:0c:39:2e:cd:b6:37:3e:76:eb:22:39:19:3a:ab:2a:ca:5c: 13:1f:b2:6c:dc:50:86:a2:30:fe:81:97:28:3c:70:6f:d8:6d: fe:17:cd:b7:09:a2:15:35:c4:bb:93:60:be:28:fb:b9:a1:8c: 0e:54:31:98:7d:ec:30:ea:16:19:b0:05:57:31:cf:19:ca:0b: 9a:07:d5:bf -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUUkjuCpIdndog4lnmb45SCNOGcN0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMjEzMVoX DTI3MDUwMTIxMjYzMVowMzExMC8GA1UEAxMoOEUxMDk2RDNBRkVDNDMyRTc1Qzgz RkM2NTA4RTM1MDZGQ0M1REZFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJVuCwLCyodrJdmqWyg0j3A6YB34A3XJ3yadtfuRlkr4zIGgqwDlkDYopdgx +kVl0H66xgcCj9CfCY3ZUE06l2paWmWu7eVVJKl3zKGCv3QN2KJMkBd7EsbIEKPN Id4Wdnd5gKYsZdA1yqJHP3yMyTmtVzl/eSZAzootaE7QJ1lT+sK7dPgn+8tvqSEA lLV2Tde3CJ6NXwt360uWyi5Zvae00oGsvlC5C1HQm93UBVpm+/N+PFSA7F8fr2Wx 1CP7elIo9AHLbQIE1l0DDWcuJmN+jlAz/KZSZiwgCywYgg5c6XsOA+Ywg+rfiwa9 6796u0WYGfL1bzJQ56i1ejiL2dkCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBSOEJbT r+xDLnXIP8ZQjjUG/MXf7TAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5NjcwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBZ7hCMA8EAgACMAkDBwAgAQ3yJcAwDQYJKoZIhvcNAQELBQADggEBAA2h erbEQvVnmhpcVk62xz4Oj7wVJVcKeNlkV4+zHbaBerHvQ5ol1X45zqDN4VujH2mF pqCeFBBRMjeyuYJLnaAfyTuEyga5l5EfsFu/l4MFPabayqp8GsbiC7hOwJBACzzw qAWhq5DnZvakDSMGM8I+YFkP2YOjuibyjk37iqoPU7llakKbWHegiCVNHOlNnTqp 9J1evj+Q/fl/QCLo2VREiVZDFKr7VgPUcOrK/w0xzV6Tw4EMOS7Ntjc+dusiORk6 qyrKXBMfsmzcUIaiMP6Blyg8cG/Ybf4XzbcJohU1xLuTYL4o+7mhjA5UMZh97DDq FhmwBVcxzxnKC5oH1b8= -----END CERTIFICATE-----Generated at Sun May 3 00:42:16 2026 by rpki-client