$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149925.roa File: AS149925.roa (raw, json) Hash identifier: F4+vzFtow9gX1GEcZqu8ivT+phSMOmCyApbAnG7kGh0= Subject key identifier: 88:EC:08:40:3E:33:22:6E:58:25:22:9C:00:1D:21:8D:81:63:B7:D4 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2ECAC259A1A2F65D88CCB1434B24F7856F7BE20D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149925.roa Signing time: Sat 02 May 2026 16:38:37 +0000 ROA not before: Sat 02 May 2026 16:33:37 +0000 ROA not after: Sat 01 May 2027 16:38:37 +0000 asID: 149925 IP address blocks: 103.115.20.0/24 maxlen: 24 103.191.165.0/24 maxlen: 24 202.133.66.0/23 maxlen: 24 2001:df2:7a40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:ca:c2:59:a1:a2:f6:5d:88:cc:b1:43:4b:24:f7:85:6f:7b:e2:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 16:33:37 2026 GMT Not After : May 1 16:38:37 2027 GMT Subject: CN=88EC08403E33226E5825229C001D218D8163B7D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:9c:89:d9:b0:4c:08:d2:29:29:ca:67:c5:48: f1:ba:f7:37:2c:5a:2b:ef:44:f1:26:92:a8:75:25: 3f:3e:c2:02:28:23:02:28:23:50:92:2e:82:98:83: 11:42:43:93:a0:e4:a6:b5:29:a3:02:b6:01:76:cf: a5:2f:4a:66:31:5e:41:0c:87:dd:90:99:33:55:15: e6:6a:cf:19:70:d1:f8:e7:21:7d:b3:37:1e:db:e9: 7e:36:da:bc:0c:9c:72:dd:20:3c:e6:85:dc:e4:91: 0e:87:ab:c8:a5:61:b8:08:90:87:7f:46:c7:01:41: b7:8b:03:f5:5e:db:52:11:80:33:77:8b:cf:3e:97: 89:cd:30:d3:f4:12:b9:23:27:15:4e:23:e3:4c:c3: 81:92:03:75:b5:a8:9e:f1:e2:ef:92:b6:3f:c5:0a: 06:d0:75:09:64:9f:02:c0:22:5f:a2:01:b5:6f:a7: cb:f8:dc:4b:ec:f2:b7:70:82:92:a2:7f:6c:2c:d4: a7:e1:83:fd:45:03:90:5b:ea:ce:5f:61:da:92:27: 89:1a:e4:5b:8f:e0:1e:6d:7b:0a:a2:39:e2:1b:7b: e9:1f:1d:8b:ff:9c:e2:f9:23:d7:e3:49:7f:35:80: 6b:97:c8:6b:cd:59:78:ad:f4:40:5f:49:bb:93:e3: 37:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:EC:08:40:3E:33:22:6E:58:25:22:9C:00:1D:21:8D:81:63:B7:D4 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149925.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.115.20.0/24 103.191.165.0/24 202.133.66.0/23 IPv6: 2001:df2:7a40::/48 Signature Algorithm: sha256WithRSAEncryption 26:3b:bb:db:53:f8:6c:3e:b6:04:9a:24:f0:30:3a:97:70:b6: d5:06:80:d7:d3:35:ee:fd:cf:c1:e4:16:14:cf:ce:ca:5b:f0: a4:38:41:e8:ec:8e:88:8c:08:38:0c:fa:89:ff:73:64:fe:c9: 2b:c4:a2:ed:73:ec:3f:2a:17:71:7d:21:19:b0:a3:d6:35:b4: 66:c2:b7:c6:60:30:8a:d6:d2:65:26:9c:89:1b:db:55:14:7f: 48:d3:35:92:55:71:55:a1:e6:80:ea:21:ea:e9:9c:f9:a9:25: 4b:6d:f8:4e:88:f3:bc:4a:9d:f2:d3:7f:f4:87:56:13:31:f3: 9f:3c:20:07:02:b8:06:15:c5:89:bc:90:8f:59:40:8e:62:2b: 05:78:58:1b:69:c0:4a:da:c7:fb:0a:cd:93:7f:61:44:2b:da: f0:b7:a8:7a:7e:d4:88:d6:12:a3:cc:7d:cd:16:01:00:d5:84: 73:28:ab:cd:82:f1:00:66:33:73:b7:b2:04:75:ab:b3:2f:80: a6:fc:29:4a:04:e9:91:4d:d8:19:fe:01:29:f1:a2:dc:1d:1f: 7b:ca:29:d8:b8:f3:12:66:8f:9b:7e:c7:7a:f0:70:9a:98:60: f8:28:28:60:f2:e6:ca:d3:e8:0d:77:02:c3:68:f4:ea:17:b4: 2b:dc:27:27 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIULsrCWaGi9l2IzLFDSyT3hW974g0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjE2MzMzN1oX DTI3MDUwMTE2MzgzN1owMzExMC8GA1UEAxMoODhFQzA4NDAzRTMzMjI2RTU4MjUy MjlDMDAxRDIxOEQ4MTYzQjdENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ2cidmwTAjSKSnKZ8VI8br3NyxaK+9E8SaSqHUlPz7CAigjAigjUJIugpiD EUJDk6DkprUpowK2AXbPpS9KZjFeQQyH3ZCZM1UV5mrPGXDR+OchfbM3Htvpfjba vAycct0gPOaF3OSRDoeryKVhuAiQh39GxwFBt4sD9V7bUhGAM3eLzz6Xic0w0/QS uSMnFU4j40zDgZIDdbWonvHi75K2P8UKBtB1CWSfAsAiX6IBtW+ny/jcS+zyt3CC kqJ/bCzUp+GD/UUDkFvqzl9h2pIniRrkW4/gHm17CqI54ht76R8di/+c4vkj1+NJ fzWAa5fIa81ZeK30QF9Ju5PjN60CAwEAAaOCAekwggHlMB0GA1UdDgQWBBSI7AhA PjMiblglIpwAHSGNgWO31DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIA ATASAwQAZ3MUAwQAZ7+lAwQByoVCMA8EAgACMAkDBwAgAQ3yekAwDQYJKoZIhvcN AQELBQADggEBACY7u9tT+Gw+tgSaJPAwOpdwttUGgNfTNe79z8HkFhTPzspb8KQ4 QejsjoiMCDgM+on/c2T+ySvEou1z7D8qF3F9IRmwo9Y1tGbCt8ZgMIrW0mUmnIkb 21UUf0jTNZJVcVWh5oDqIerpnPmpJUtt+E6I87xKnfLTf/SHVhMx8588IAcCuAYV xYm8kI9ZQI5iKwV4WBtpwErax/sKzZN/YUQr2vC3qHp+1IjWEqPMfc0WAQDVhHMo q82C8QBmM3O3sgR1q7MvgKb8KUoE6ZFN2Bn+ASnxotwdH3vKKdi48xJmj5t+x3rw cJqYYPgoKGDy5srT6A13AsNo9OoXtCvcJyc= -----END CERTIFICATE-----Generated at Sun May 3 01:44:41 2026 by rpki-client