$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149964.roa File: AS149964.roa (raw, json) Hash identifier: XXGYxiEAJ/PPeKMbGIjvgWP8BVjXHjgxOOoleJblgGo= Subject key identifier: 9B:F1:8F:BC:F7:6D:F7:83:2B:CA:3F:3B:79:14:C9:DE:85:36:4D:9F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 651B24C6A124FF847D43B37775BF1E753D8D1134 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149964.roa Signing time: Sat 02 May 2026 21:05:18 +0000 ROA not before: Sat 02 May 2026 21:00:18 +0000 ROA not after: Sat 01 May 2027 21:05:18 +0000 asID: 149964 IP address blocks: 103.139.126.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:1b:24:c6:a1:24:ff:84:7d:43:b3:77:75:bf:1e:75:3d:8d:11:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:00:18 2026 GMT Not After : May 1 21:05:18 2027 GMT Subject: CN=9BF18FBCF76DF7832BCA3F3B7914C9DE85364D9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f7:61:6f:e8:9e:96:3b:28:89:d9:f4:c8:1b: aa:64:55:e5:9d:39:60:e4:94:fb:d3:84:b0:2d:12: a6:23:44:9a:a1:ce:ed:a5:bb:e9:eb:4d:b3:03:4f: 8b:22:fb:35:30:21:4b:15:0e:83:e8:ef:38:83:e4: 82:ef:13:a7:fa:59:0e:df:25:e5:16:20:bb:ad:0e: be:4e:25:36:e1:7f:97:df:d4:b4:69:a6:34:43:fb: d2:7a:3f:63:6f:78:23:40:1d:92:d4:9d:b7:29:e4: 75:00:ba:9d:f8:db:ba:bc:cf:d6:8e:62:15:61:14: 43:8a:bd:f3:63:d8:8f:a3:cd:47:b0:f3:ba:8a:66: ac:29:53:b2:87:95:41:74:f2:f1:d9:a1:76:ee:cc: 37:b2:8f:08:68:ef:e4:7e:75:b8:09:e8:c7:4f:bd: 83:2f:a4:90:58:3f:51:11:aa:3a:4d:25:3e:c7:3c: 5a:f5:2e:05:c5:39:93:c6:6d:3c:43:a6:83:86:b7: 7d:8c:e3:a8:e3:08:22:cf:a9:44:82:fc:cb:02:e4: d9:e6:01:74:a0:6e:54:ca:8c:51:b6:63:d1:d4:00: 00:09:10:1b:4b:0d:61:bf:d3:60:dd:85:ff:cd:f2: 51:0c:af:a1:66:93:bf:3f:80:24:58:aa:92:3e:22: 84:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:F1:8F:BC:F7:6D:F7:83:2B:CA:3F:3B:79:14:C9:DE:85:36:4D:9F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149964.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.139.126.0/23 Signature Algorithm: sha256WithRSAEncryption a5:55:79:ce:cd:55:ca:1a:d0:b4:52:be:91:5b:04:16:ff:60: 6f:ed:68:7c:c8:a7:b6:96:f4:9c:18:ec:a4:5f:0b:7a:af:84: 7d:ca:ad:5a:b2:b1:d3:4f:ea:be:26:0b:4e:b1:72:bd:e9:94: c8:ce:61:73:35:72:da:77:b8:dd:d7:57:1e:97:5b:b3:5b:60: e9:cf:cd:46:1e:b9:d1:6d:31:b7:e8:db:e6:fc:12:41:06:0d: 71:9a:99:12:99:0e:d3:9c:58:75:b2:b7:b0:93:57:a6:b5:12: 99:4d:c0:d2:91:a4:c5:69:eb:8f:c1:c1:e1:07:5e:0c:a2:e6: e6:5a:74:35:1e:b6:78:65:45:da:17:b8:89:e7:e5:f8:c7:bb: a7:f7:cc:71:83:12:5d:45:69:4f:b4:6f:66:bd:2f:67:87:2b: d1:c9:f0:90:0c:43:d2:95:b1:9d:25:4a:22:95:71:a4:37:7f: 1e:c5:e9:09:ce:d7:73:65:5e:0c:73:fc:06:fd:27:28:0f:08: 59:05:ed:b4:d2:90:24:14:93:54:41:81:65:bc:2a:32:9f:ab: cb:10:e2:86:b8:d2:0c:48:eb:7b:84:c4:a9:38:60:34:d7:ae: b6:8b:bb:20:19:8c:1c:c0:93:02:c6:f6:06:92:ac:7f:eb:b6: ef:89:f4:e3 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUZRskxqEk/4R9Q7N3db8edT2NETQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDAxOFoX DTI3MDUwMTIxMDUxOFowMzExMC8GA1UEAxMoOUJGMThGQkNGNzZERjc4MzJCQ0Ez RjNCNzkxNEM5REU4NTM2NEQ5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMr3YW/onpY7KInZ9MgbqmRV5Z05YOSU+9OEsC0SpiNEmqHO7aW76etNswNP iyL7NTAhSxUOg+jvOIPkgu8Tp/pZDt8l5RYgu60Ovk4lNuF/l9/UtGmmNEP70no/ Y294I0AdktSdtynkdQC6nfjburzP1o5iFWEUQ4q982PYj6PNR7DzuopmrClTsoeV QXTy8dmhdu7MN7KPCGjv5H51uAnox0+9gy+kkFg/URGqOk0lPsc8WvUuBcU5k8Zt PEOmg4a3fYzjqOMIIs+pRIL8ywLk2eYBdKBuVMqMUbZj0dQAAAkQG0sNYb/TYN2F /83yUQyvoWaTvz+AJFiqkj4ihGECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSb8Y+8 9233gyvKPzt5FMnehTZNnzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTY0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ4t+MA0GCSqGSIb3DQEBCwUAA4IBAQClVXnOzVXKGtC0Ur6RWwQW/2Bv 7Wh8yKe2lvScGOykXwt6r4R9yq1asrHTT+q+JgtOsXK96ZTIzmFzNXLad7jd11ce l1uzW2Dpz81GHrnRbTG36Nvm/BJBBg1xmpkSmQ7TnFh1srewk1emtRKZTcDSkaTF aeuPwcHhB14MoubmWnQ1HrZ4ZUXaF7iJ5+X4x7un98xxgxJdRWlPtG9mvS9nhyvR yfCQDEPSlbGdJUoilXGkN38exekJztdzZV4Mc/wG/ScoDwhZBe200pAkFJNUQYFl vCoyn6vLEOKGuNIMSOt7hMSpOGA01662i7sgGYwcwJMCxvYGkqx/67bvifTj -----END CERTIFICATE-----Generated at Sun May 3 01:44:05 2026 by rpki-client