$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149969.roa File: AS149969.roa (raw, json) Hash identifier: Xa0geyjUD9DTOHl78VBZFMGR24aayJRoEho19K8NGdI= Subject key identifier: 85:8C:7C:57:F4:98:46:52:37:42:31:1E:6F:CB:8E:68:48:13:25:CD Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 627BA2057B960835ECE4378BD43CBD531673E9AC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149969.roa Signing time: Sat 02 May 2026 21:16:27 +0000 ROA not before: Sat 02 May 2026 21:11:27 +0000 ROA not after: Sat 01 May 2027 21:16:27 +0000 asID: 149969 IP address blocks: 103.23.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:7b:a2:05:7b:96:08:35:ec:e4:37:8b:d4:3c:bd:53:16:73:e9:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:11:27 2026 GMT Not After : May 1 21:16:27 2027 GMT Subject: CN=858C7C57F49846523742311E6FCB8E68481325CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:65:9d:f6:91:e1:ad:a6:89:31:b6:70:2a:b8: 1f:e3:67:32:3d:41:a5:15:6a:1c:ab:d9:f7:f0:a1: 8a:6f:70:f6:b0:fc:00:b8:e8:44:5b:3d:e7:74:a0: 83:12:38:1a:62:0d:2a:f3:9f:b9:f2:a1:f2:a9:96: c4:0a:b8:d0:7a:f2:4d:b0:1f:d4:b6:84:ea:b4:5b: 6b:e5:ac:40:16:16:84:9d:8c:c8:f9:2a:66:e6:cb: 6e:4e:f6:40:94:0b:01:bc:f9:49:d9:0f:37:84:fe: e1:1f:8e:e3:80:59:72:6e:43:88:92:ba:6b:e1:6b: 13:d9:93:f3:02:75:fb:8d:5d:5c:cb:1f:04:30:67: a2:8c:b8:9e:05:48:78:42:96:0f:77:d8:fc:d6:63: 2e:7b:7c:b7:00:19:01:07:d0:68:25:de:d6:c5:97: 7a:55:58:05:e1:84:19:60:06:70:9b:d4:64:b4:89: 1f:d0:1c:cf:96:fb:27:2d:b3:2c:bf:27:12:ad:d7: 14:64:ea:e2:f3:8f:a7:71:3b:41:5a:8f:4a:ec:27: c2:72:95:34:33:28:51:bf:b1:59:cd:72:06:8a:7b: 90:6c:5e:58:72:14:40:ad:d2:8e:e7:41:05:9f:96: 84:16:db:b6:7c:c1:3c:18:0b:7e:b6:01:80:fb:6b: 03:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:8C:7C:57:F4:98:46:52:37:42:31:1E:6F:CB:8E:68:48:13:25:CD X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149969.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.23.28.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:ed:21:a5:aa:c3:28:57:ce:97:63:b8:9e:ab:e4:9e:fb:5a: 48:6d:22:bf:d4:ac:80:d1:5c:8e:9c:bb:5c:7e:bc:fc:9f:10: 51:e9:58:d1:61:48:1f:b3:d4:b8:35:ba:80:ac:e9:ec:e0:ca: 02:0d:3f:c3:d6:df:0f:97:1b:a2:82:7d:6a:53:b8:97:4d:4c: ad:9f:25:32:0e:26:ab:eb:63:e9:17:9d:71:b5:de:42:fb:2b: 73:ef:67:1d:54:49:2b:32:86:51:04:f7:d8:7b:bd:95:1b:89: 1b:2c:21:d5:49:85:62:e7:af:17:2e:f8:d0:e4:e6:15:20:cb: fc:f8:76:52:29:18:f6:6b:23:51:99:0d:09:07:42:1c:ff:62: f3:eb:ca:24:5d:0b:98:39:c7:89:68:6e:39:61:bc:bd:17:40: 69:91:c6:98:21:01:e0:85:92:ff:2f:83:6b:c5:e1:a1:da:ec: bc:fa:52:fc:9a:bc:f6:e1:99:3b:4d:14:c6:25:7a:3b:f3:a1: 79:2b:f0:4c:a9:56:48:22:92:c2:9d:c9:40:ca:45:56:b6:da: 08:31:f0:68:36:e7:57:16:7f:83:08:b6:01:d0:21:d7:7f:f0: 31:ff:fa:40:48:2a:1c:e5:5b:05:1e:0b:af:4d:32:fd:53:0f: 80:21:88:b8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUYnuiBXuWCDXs5DeL1Dy9UxZz6awwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTEyN1oX DTI3MDUwMTIxMTYyN1owMzExMC8GA1UEAxMoODU4QzdDNTdGNDk4NDY1MjM3NDIz MTFFNkZDQjhFNjg0ODEzMjVDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5lnfaR4a2miTG2cCq4H+NnMj1BpRVqHKvZ9/Chim9w9rD8ALjoRFs953Sg gxI4GmINKvOfufKh8qmWxAq40HryTbAf1LaE6rRba+WsQBYWhJ2MyPkqZubLbk72 QJQLAbz5SdkPN4T+4R+O44BZcm5DiJK6a+FrE9mT8wJ1+41dXMsfBDBnooy4ngVI eEKWD3fY/NZjLnt8twAZAQfQaCXe1sWXelVYBeGEGWAGcJvUZLSJH9Acz5b7Jy2z LL8nEq3XFGTq4vOPp3E7QVqPSuwnwnKVNDMoUb+xWc1yBop7kGxeWHIUQK3SjudB BZ+WhBbbtnzBPBgLfrYBgPtrAwcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSFjHxX 9JhGUjdCMR5vy45oSBMlzTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5OTY5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZxccMA0GCSqGSIb3DQEBCwUAA4IBAQAa7SGlqsMoV86XY7ieq+Se+1pI bSK/1KyA0VyOnLtcfrz8nxBR6VjRYUgfs9S4NbqArOns4MoCDT/D1t8Plxuign1q U7iXTUytnyUyDiar62PpF51xtd5C+ytz72cdVEkrMoZRBPfYe72VG4kbLCHVSYVi 568XLvjQ5OYVIMv8+HZSKRj2ayNRmQ0JB0Ic/2Lz68okXQuYOceJaG45Yby9F0Bp kcaYIQHghZL/L4NrxeGh2uy8+lL8mrz24Zk7TRTGJXo786F5K/BMqVZIIpLCnclA ykVWttoIMfBoNudXFn+DCLYB0CHXf/Ax//pASCoc5VsFHguvTTL9Uw+AIYi4 -----END CERTIFICATE-----Generated at Sun May 3 00:40:36 2026 by rpki-client