$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149940.roa File: AS149940.roa (raw, json) Hash identifier: 4oAAbs0Y/aJ/0C6WpizU4lcehGpLbxRtPSTTYF+x+fw= Subject key identifier: 6A:C1:7F:A8:90:51:26:63:09:2C:94:6A:9D:F9:B2:0A:B5:8F:3A:33 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 36759B983AEBA2AAD5D39FE05EAFB853C47BC692 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149940.roa Signing time: Sat 02 May 2026 09:21:07 +0000 ROA not before: Sat 02 May 2026 09:16:07 +0000 ROA not after: Sat 01 May 2027 09:21:07 +0000 asID: 149940 IP address blocks: 103.191.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:75:9b:98:3a:eb:a2:aa:d5:d3:9f:e0:5e:af:b8:53:c4:7b:c6:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:07 2026 GMT Not After : May 1 09:21:07 2027 GMT Subject: CN=6AC17FA890512663092C946A9DF9B20AB58F3A33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:15:f3:b1:69:d7:02:6c:34:5c:32:1e:b8:ba: 5c:22:16:0d:4c:cb:43:26:f4:82:1e:8d:48:b7:cc: df:4e:c2:6b:10:e0:7e:2c:d1:45:0b:01:41:5a:31: c0:cc:7e:28:d0:40:3e:3a:ef:3d:76:a6:bf:9a:4e: 67:d0:fc:dc:d1:8a:3c:3d:5d:11:90:44:7c:67:75: 30:74:c6:2a:d9:28:ea:5d:c6:db:a1:87:19:dd:48: 14:6f:0b:28:3e:a8:42:3e:be:03:0b:3a:fa:06:63: ea:87:cf:78:83:53:bb:39:95:60:82:73:4e:c0:0d: fd:53:5f:56:cd:5b:0b:85:0b:83:92:9b:4f:43:f2: d7:fa:01:96:5d:7a:a1:b4:6f:01:30:0c:98:4f:38: a3:4f:c3:3f:b0:92:b5:a9:0c:17:9e:9f:46:d3:18: e8:58:c2:36:65:56:64:55:29:34:4f:f2:9b:b3:c1: f9:59:40:d6:f2:38:40:c2:5a:16:28:21:9d:3e:b7: 3a:1b:51:40:df:54:e4:cd:8d:2c:87:39:59:18:75: c9:50:73:47:31:ca:d3:0c:7f:e7:76:d8:61:b9:69: 00:1c:41:8f:07:c2:fd:2f:55:9e:1c:98:52:6f:63: 1b:49:db:87:5a:f9:b4:d0:74:e1:15:37:1e:b7:fb: c1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:C1:7F:A8:90:51:26:63:09:2C:94:6A:9D:F9:B2:0A:B5:8F:3A:33 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149940.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.250.0/23 Signature Algorithm: sha256WithRSAEncryption 20:b3:55:0d:2b:5d:38:d5:10:54:28:cc:d8:9b:84:9d:8d:88: 25:5b:51:9d:d4:d1:b1:4a:b3:52:4e:00:18:fe:32:d5:a3:d7: 0c:f6:bb:32:fa:54:a1:0f:28:de:28:94:54:6b:45:a3:51:47: e6:32:0b:59:ef:af:3e:48:43:29:cf:e1:f4:fb:f5:66:eb:fe: b8:49:f5:f7:ff:06:09:d1:b1:0c:33:82:72:fd:3a:14:c1:e3: fb:35:aa:80:07:75:e0:c8:9f:ea:30:90:f6:4b:9a:a7:da:42: 4e:77:43:a7:c2:d2:87:dd:20:d3:bc:e2:af:57:c5:31:5a:2d: aa:28:78:d7:45:72:b5:38:31:36:9c:53:1c:2d:f6:f5:32:8f: 46:86:17:c8:92:02:4f:94:43:aa:ee:bc:40:b4:2c:64:a4:18: 06:35:4c:9c:30:e2:cf:f4:79:eb:82:22:00:94:df:b5:1f:19: 50:cf:9c:f7:1e:fa:50:46:6c:5d:d8:0e:4f:42:b9:00:be:db: 28:fc:ef:e7:ae:34:d8:8c:43:86:7d:0d:90:f3:42:ae:f4:09: 8b:20:f8:3d:bb:6d:3d:b7:08:97:11:03:d4:b1:9a:cf:bd:2a: d6:aa:f0:59:67:17:b2:4b:70:cf:a0:17:bb:8f:64:ee:1f:74: 8a:98:bb:db -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUNnWbmDrroqrV05/gXq+4U8R7xpIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTYwN1oX DTI3MDUwMTA5MjEwN1owMzExMC8GA1UEAxMoNkFDMTdGQTg5MDUxMjY2MzA5MkM5 NDZBOURGOUIyMEFCNThGM0EzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOEV87Fp1wJsNFwyHri6XCIWDUzLQyb0gh6NSLfM307CaxDgfizRRQsBQVox wMx+KNBAPjrvPXamv5pOZ9D83NGKPD1dEZBEfGd1MHTGKtko6l3G26GHGd1IFG8L KD6oQj6+Aws6+gZj6ofPeINTuzmVYIJzTsAN/VNfVs1bC4ULg5KbT0Py1/oBll16 obRvATAMmE84o0/DP7CStakMF56fRtMY6FjCNmVWZFUpNE/ym7PB+VlA1vI4QMJa FighnT63OhtRQN9U5M2NLIc5WRh1yVBzRzHK0wx/53bYYblpABxBjwfC/S9VnhyY Um9jG0nbh1r5tNB04RU3Hrf7wV8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRqwX+o kFEmYwkslGqd+bIKtY86MzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTQwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ7/6MA0GCSqGSIb3DQEBCwUAA4IBAQAgs1UNK1041RBUKMzYm4SdjYgl W1Gd1NGxSrNSTgAY/jLVo9cM9rsy+lShDyjeKJRUa0WjUUfmMgtZ768+SEMpz+H0 +/Vm6/64SfX3/wYJ0bEMM4Jy/ToUweP7NaqAB3XgyJ/qMJD2S5qn2kJOd0OnwtKH 3SDTvOKvV8UxWi2qKHjXRXK1ODE2nFMcLfb1Mo9GhhfIkgJPlEOq7rxAtCxkpBgG NUycMOLP9HnrgiIAlN+1HxlQz5z3HvpQRmxd2A5PQrkAvtso/O/nrjTYjEOGfQ2Q 80Ku9AmLIPg9u209twiXEQPUsZrPvSrWqvBZZxeyS3DPoBe7j2TuH3SKmLvb -----END CERTIFICATE-----Generated at Sun May 3 00:42:15 2026 by rpki-client