$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149966.roa File: AS149966.roa (raw, json) Hash identifier: GJM0hfYRlBndpj8ne5YvDlu0lupJOCCkBu8s6ltfM/s= Subject key identifier: 1C:4A:E9:E9:96:5F:D9:F3:12:38:D5:33:05:56:EB:06:3D:BC:25:2B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5964A5A3CD65CDCCC374D1403246C8B8139BB156 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149966.roa Signing time: Sat 02 May 2026 09:21:24 +0000 ROA not before: Sat 02 May 2026 09:16:24 +0000 ROA not after: Sat 01 May 2027 09:21:24 +0000 asID: 149966 IP address blocks: 103.191.152.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:64:a5:a3:cd:65:cd:cc:c3:74:d1:40:32:46:c8:b8:13:9b:b1:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:24 2026 GMT Not After : May 1 09:21:24 2027 GMT Subject: CN=1C4AE9E9965FD9F31238D5330556EB063DBC252B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c3:27:8a:88:45:66:bb:b1:51:b3:b6:f1:a5: dc:ab:32:ae:df:64:c0:d9:6b:69:b3:e8:be:e6:45: 5e:31:78:eb:b0:ec:d0:fa:07:61:ab:95:76:3a:3c: f8:71:03:c2:78:98:92:07:7c:d7:5e:a6:e2:02:4d: 4b:1c:a9:85:27:63:42:c5:29:1a:d0:36:67:7b:3e: 20:61:0b:9a:2e:e4:bf:50:b4:0c:b5:6f:73:63:4a: 71:b3:6b:4a:ea:3d:22:71:da:7e:38:4c:d8:5d:22: c7:3d:d2:a7:90:aa:06:22:ce:b9:cc:36:e0:02:13: 57:bf:b4:95:a6:be:9a:be:8f:0f:2d:6d:65:ae:06: 2e:c3:eb:29:76:e3:2b:7a:0e:4c:c0:30:66:b9:ba: c6:4a:2a:db:ec:36:b0:97:45:c6:ea:5f:85:41:89: e0:cc:53:3c:43:8f:43:cf:1c:68:21:01:81:f5:4a: a9:4a:2c:c5:00:11:12:a4:cc:e1:47:3b:f8:97:0f: 4c:1a:c9:6b:64:61:d5:8f:42:80:7a:0a:42:77:2f: f8:7c:74:fa:8e:9d:b9:08:2d:23:99:90:9e:1e:b9: f9:be:ff:0d:24:69:9a:fb:58:e4:db:d1:ea:24:da: 1b:76:9b:68:7e:71:e1:27:d1:73:6a:25:e3:e4:0c: 9b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:4A:E9:E9:96:5F:D9:F3:12:38:D5:33:05:56:EB:06:3D:BC:25:2B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149966.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.152.0/23 Signature Algorithm: sha256WithRSAEncryption 7b:93:d1:79:e9:e6:1f:98:db:0e:84:50:b6:5a:03:a0:fd:c8: d8:40:d7:fc:94:06:20:72:a3:e3:53:84:31:2c:aa:c4:7c:31: b9:b5:95:75:d9:89:27:43:16:23:98:c4:39:1b:27:bf:36:48: 26:7c:ef:70:37:5b:b8:6a:02:d2:32:94:ae:19:00:52:54:42: 67:97:04:6f:6e:ce:27:7d:df:2b:c2:53:9b:da:c7:fa:a9:d7: 52:2a:9b:48:92:4d:22:30:dd:3e:d6:ba:00:53:84:eb:3d:78: 7c:56:86:a4:9d:29:b1:a7:a2:dd:bd:19:80:d1:be:d4:41:1c: 0c:ba:ac:22:63:bb:b0:b7:da:7e:1b:46:54:b5:16:37:09:7e: b3:93:4a:04:a1:f7:1b:45:23:c2:0c:15:f5:15:0d:ae:15:88: 6f:39:2c:98:56:59:4b:12:5b:6f:cb:f7:51:d4:68:1d:7e:c7: 04:60:8c:8e:64:88:d6:e4:23:5e:4a:61:09:f1:5f:c3:5a:f5: a8:8e:44:43:a9:27:ad:ad:f0:c7:ea:b7:3d:5f:77:bb:70:93: 6c:e6:de:b2:07:b3:7e:ab:2b:87:ae:4e:20:b7:9c:53:99:5c: 59:3f:49:0f:a8:ee:12:38:ce:cd:50:64:4d:f3:f0:ea:69:86: 3d:df:60:da -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUWWSlo81lzczDdNFAMkbIuBObsVYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTYyNFoX DTI3MDUwMTA5MjEyNFowMzExMC8GA1UEAxMoMUM0QUU5RTk5NjVGRDlGMzEyMzhE NTMzMDU1NkVCMDYzREJDMjUyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJrDJ4qIRWa7sVGztvGl3Ksyrt9kwNlrabPovuZFXjF467Ds0PoHYauVdjo8 +HEDwniYkgd8116m4gJNSxyphSdjQsUpGtA2Z3s+IGELmi7kv1C0DLVvc2NKcbNr Suo9InHafjhM2F0ixz3Sp5CqBiLOucw24AITV7+0laa+mr6PDy1tZa4GLsPrKXbj K3oOTMAwZrm6xkoq2+w2sJdFxupfhUGJ4MxTPEOPQ88caCEBgfVKqUosxQAREqTM 4Uc7+JcPTBrJa2Rh1Y9CgHoKQncv+Hx0+o6duQgtI5mQnh65+b7/DSRpmvtY5NvR 6iTaG3abaH5x4SfRc2ol4+QMmw0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQcSunp ll/Z8xI41TMFVusGPbwlKzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTY2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ7+YMA0GCSqGSIb3DQEBCwUAA4IBAQB7k9F56eYfmNsOhFC2WgOg/cjY QNf8lAYgcqPjU4QxLKrEfDG5tZV12YknQxYjmMQ5Gye/NkgmfO9wN1u4agLSMpSu GQBSVEJnlwRvbs4nfd8rwlOb2sf6qddSKptIkk0iMN0+1roAU4TrPXh8VoaknSmx p6LdvRmA0b7UQRwMuqwiY7uwt9p+G0ZUtRY3CX6zk0oEofcbRSPCDBX1FQ2uFYhv OSyYVllLEltvy/dR1GgdfscEYIyOZIjW5CNeSmEJ8V/DWvWojkRDqSetrfDH6rc9 X3e7cJNs5t6yB7N+qyuHrk4gt5xTmVxZP0kPqO4SOM7NUGRN8/DqaYY932Da -----END CERTIFICATE-----Generated at Sun May 3 01:44:55 2026 by rpki-client