$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149736.roa File: AS149736.roa (raw, json) Hash identifier: RJMdcP5vct1Zmnd8RkPs59upbLUvKmvkY0FIea9gnA0= Subject key identifier: 90:97:76:D6:70:71:26:5C:6B:53:00:05:F8:AE:A6:69:A6:6B:87:79 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 79749B686DF365A68BBB661F537EC85B98B8877C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149736.roa Signing time: Sat 02 May 2026 21:18:40 +0000 ROA not before: Sat 02 May 2026 21:13:40 +0000 ROA not after: Sat 01 May 2027 21:18:40 +0000 asID: 149736 IP address blocks: 103.188.172.0/23 maxlen: 24 103.215.69.0/24 maxlen: 24 103.251.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:74:9b:68:6d:f3:65:a6:8b:bb:66:1f:53:7e:c8:5b:98:b8:87:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:13:40 2026 GMT Not After : May 1 21:18:40 2027 GMT Subject: CN=909776D67071265C6B530005F8AEA669A66B8779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b4:f7:f6:cf:fa:81:43:9c:5b:c5:94:b6:aa: b7:bf:2f:46:c5:f3:a9:3c:96:e8:6f:3b:9d:bd:f0: 31:a0:cf:08:9c:8c:e0:ee:8c:9e:72:91:bf:85:02: 18:97:4f:63:f2:40:b2:fe:d7:1d:6f:d0:f8:16:ff: 09:63:0e:f1:d2:57:25:ef:fc:9d:d3:10:2a:ba:80: 2f:d9:26:40:41:76:73:be:f8:df:a6:e5:ac:77:31: 7d:df:f8:ed:f5:60:d6:5b:8d:90:aa:3c:43:0d:16: ac:26:fe:41:7e:c1:ac:01:93:99:d8:4a:7a:07:11: 11:fe:0f:45:95:f6:e1:e1:0f:6f:9c:31:fc:04:14: d4:0b:78:bf:27:e8:c9:f3:58:37:a6:9b:8c:45:11: 9d:d2:36:37:3f:4b:65:a5:bc:e4:7f:d2:b3:fc:0f: 49:25:82:ed:66:07:9e:f9:0a:3c:64:07:78:8f:80: 24:45:02:80:c2:e7:c4:31:d7:97:d8:e1:fe:30:a3: d4:21:79:7f:62:72:b1:aa:60:e7:3b:93:86:09:8a: 03:e0:84:80:3c:f5:ad:86:d6:e1:f1:da:27:b3:8b: 55:eb:b9:09:29:2a:24:70:18:d3:1f:0c:52:e1:99: bc:e7:66:27:9b:39:5a:84:8b:7c:9a:7c:7f:0a:e3: 2c:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:97:76:D6:70:71:26:5C:6B:53:00:05:F8:AE:A6:69:A6:6B:87:79 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.188.172.0/23 103.215.69.0/24 103.251.155.0/24 Signature Algorithm: sha256WithRSAEncryption 15:c2:38:2e:48:12:af:5a:78:17:4e:f9:e2:77:8f:bb:fa:eb: 77:2a:16:2f:54:cc:11:b5:37:6f:24:be:92:52:64:97:1a:6e: 87:af:5d:c1:9f:d7:11:63:ce:07:66:c3:8b:21:48:82:fa:61: d5:3f:f9:f7:8c:68:6d:83:cb:2c:d6:12:5d:1e:0f:68:96:67: 07:cc:14:78:05:8b:bc:ac:2b:ec:72:60:1d:c1:c2:ec:71:55: ec:2c:6d:09:f9:8b:33:81:0c:bb:f4:3f:9f:43:25:4c:84:19: e8:d1:7a:cc:27:20:78:8a:bd:f9:4e:37:c8:93:5f:b0:75:c6: ef:47:ee:c6:fb:c8:51:c9:a1:75:66:17:0b:a0:7a:6d:85:ba: 06:33:d5:19:ab:8d:34:50:4b:9b:9b:55:fb:d3:d3:8f:38:a4: 64:b6:11:b1:4d:92:cd:be:24:62:35:81:4e:52:6a:7e:84:ae: bb:1b:6d:57:1a:45:5d:e9:bb:bb:cb:f2:02:c2:65:44:73:87: 24:a7:a4:53:a3:b8:68:35:12:9e:4a:6a:65:29:b2:8a:b0:f9: f8:20:71:ef:c1:47:76:44:7a:76:5a:b0:ff:6f:e7:a6:c3:78: bd:cb:7b:50:94:95:18:b4:2a:3a:32:10:59:27:4b:10:18:a8: f5:c7:b1:3a -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUeXSbaG3zZaaLu2YfU37IW5i4h3wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTM0MFoX DTI3MDUwMTIxMTg0MFowMzExMC8GA1UEAxMoOTA5Nzc2RDY3MDcxMjY1QzZCNTMw MDA1RjhBRUE2NjlBNjZCODc3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKm09/bP+oFDnFvFlLaqt78vRsXzqTyW6G87nb3wMaDPCJyM4O6MnnKRv4UC GJdPY/JAsv7XHW/Q+Bb/CWMO8dJXJe/8ndMQKrqAL9kmQEF2c77436blrHcxfd/4 7fVg1luNkKo8Qw0WrCb+QX7BrAGTmdhKegcREf4PRZX24eEPb5wx/AQU1At4vyfo yfNYN6abjEURndI2Nz9LZaW85H/Ss/wPSSWC7WYHnvkKPGQHeI+AJEUCgMLnxDHX l9jh/jCj1CF5f2Jysapg5zuThgmKA+CEgDz1rYbW4fHaJ7OLVeu5CSkqJHAY0x8M UuGZvOdmJ5s5WoSLfJp8fwrjLC8CAwEAAaOCAdgwggHUMB0GA1UdDgQWBBSQl3bW cHEmXGtTAAX4rqZppmuHeTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5NzM2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIA ATASAwQBZ7ysAwQAZ9dFAwQAZ/ubMA0GCSqGSIb3DQEBCwUAA4IBAQAVwjguSBKv WngXTvnid4+7+ut3KhYvVMwRtTdvJL6SUmSXGm6Hr13Bn9cRY84HZsOLIUiC+mHV P/n3jGhtg8ss1hJdHg9olmcHzBR4BYu8rCvscmAdwcLscVXsLG0J+YszgQy79D+f QyVMhBno0XrMJyB4ir35TjfIk1+wdcbvR+7G+8hRyaF1ZhcLoHpthboGM9UZq400 UEubm1X709OPOKRkthGxTZLNviRiNYFOUmp+hK67G21XGkVd6bu7y/ICwmVEc4ck p6RTo7hoNRKeSmplKbKKsPn4IHHvwUd2RHp2WrD/b+emw3i9y3tQlJUYtCo6MhBZ J0sQGKj1x7E6 -----END CERTIFICATE-----Generated at Sun May 3 01:44:01 2026 by rpki-client