$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS23947.roa File: AS23947.roa (raw, json) Hash identifier: LrMf/tL5g1MnuQuP+c4IzhKiEnWh+jX2reAUDDqxF/g= Subject key identifier: B8:48:01:D4:9D:42:85:A9:EC:4C:71:F8:85:FF:59:5F:A1:4C:C9:0E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 404E77196E3C6C47E2EB46E10C24D60CC856FAC6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23947.roa Signing time: Sat 02 May 2026 21:02:48 +0000 ROA not before: Sat 02 May 2026 20:57:48 +0000 ROA not after: Sat 01 May 2027 21:02:48 +0000 asID: 23947 IP address blocks: 103.129.216.0/22 maxlen: 24 103.154.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:4e:77:19:6e:3c:6c:47:e2:eb:46:e1:0c:24:d6:0c:c8:56:fa:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 20:57:48 2026 GMT Not After : May 1 21:02:48 2027 GMT Subject: CN=B84801D49D4285A9EC4C71F885FF595FA14CC90E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e5:66:4e:2e:4e:59:26:33:4d:fa:2d:d1:56: c5:ec:97:d4:cf:03:f1:aa:a5:a3:9a:4d:87:86:a6: d0:62:6b:59:d0:cb:42:e3:75:b0:10:06:eb:9d:36: bd:f2:fe:62:ad:e5:50:1f:c0:44:5a:ee:ca:4b:39: cb:bc:22:6e:fd:b4:7c:d7:92:ad:3f:01:e1:9e:5c: 8d:eb:4f:22:ac:33:bd:51:ae:e5:55:a6:d0:ba:8a: 35:59:a4:2a:80:f8:0f:4b:e9:31:83:48:b2:67:97: 88:d6:c7:ff:02:f2:35:8f:85:2b:f7:c8:3e:96:26: a9:06:c9:28:89:89:94:5b:61:07:5f:ae:7f:d3:98: 73:66:0e:6d:de:cc:03:4d:9c:01:08:90:3c:93:6d: cb:3d:67:68:90:ce:fd:3a:b6:3e:a5:14:21:6a:73: ff:d3:ac:41:6d:67:0c:43:75:86:51:8b:9f:57:fd: 56:7f:43:b2:1c:68:c7:6c:cf:44:61:2a:e6:da:35: 7d:42:e6:96:84:f3:d5:e5:d7:a1:1d:5c:11:36:fd: c5:de:48:16:73:d6:9f:af:02:75:d2:a2:f4:f2:51: ec:c2:cf:80:7b:d6:4b:31:7a:ae:76:de:e6:87:ed: eb:15:9f:d5:6b:b7:4c:5c:29:19:36:ab:ad:8e:23: 0d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:48:01:D4:9D:42:85:A9:EC:4C:71:F8:85:FF:59:5F:A1:4C:C9:0E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS23947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.216.0/22 103.154.136.0/24 Signature Algorithm: sha256WithRSAEncryption 66:ad:e9:f5:84:2d:69:4e:f6:7c:ca:cc:f3:61:bd:7e:6f:6d: 64:6c:93:ea:db:89:08:7d:c4:e3:29:e5:de:77:cf:24:fb:8d: f8:96:57:a5:af:00:c0:83:29:cc:b1:0b:68:09:12:48:c1:cb: ce:50:da:66:6d:36:2a:5d:19:d4:24:15:3a:15:0d:f3:61:1d: 45:cf:4a:87:1f:40:50:1f:e1:ea:26:2e:c5:9a:27:54:1c:05: 22:ec:e1:7e:17:0a:38:73:c8:ff:b6:43:d0:62:6a:33:8f:13: 34:83:3a:a1:05:0d:b3:64:1e:b1:61:15:18:e0:c0:d8:59:5d: 7c:da:ff:ca:ba:30:94:07:16:94:c0:05:67:ac:d6:98:8f:27: 91:2d:b7:99:58:af:7c:92:45:55:88:13:3b:6c:a4:c4:ac:1e: 64:1a:57:33:5c:8c:e6:75:fe:9e:11:f9:e4:cd:3f:7c:2d:81: ba:aa:aa:0a:0f:13:7c:85:73:06:cf:0d:74:b7:cd:ba:ee:5a: 4c:c0:0b:72:c2:12:e3:09:b2:55:26:49:29:d9:58:5e:df:79: 67:d3:aa:03:c4:89:17:87:8f:1b:10:6a:b6:3b:64:f2:c8:32: eb:48:9c:b1:59:bf:69:9b:48:e7:34:d6:4d:80:cd:2b:ce:b1: ef:82:b6:21 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUQE53GW48bEfi60bhDCTWDMhW+sYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwNTc0OFoX DTI3MDUwMTIxMDI0OFowMzExMC8GA1UEAxMoQjg0ODAxRDQ5RDQyODVBOUVDNEM3 MUY4ODVGRjU5NUZBMTRDQzkwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMvlZk4uTlkmM036LdFWxeyX1M8D8aqlo5pNh4am0GJrWdDLQuN1sBAG6502 vfL+Yq3lUB/ARFruyks5y7wibv20fNeSrT8B4Z5cjetPIqwzvVGu5VWm0LqKNVmk KoD4D0vpMYNIsmeXiNbH/wLyNY+FK/fIPpYmqQbJKImJlFthB1+uf9OYc2YObd7M A02cAQiQPJNtyz1naJDO/Tq2PqUUIWpz/9OsQW1nDEN1hlGLn1f9Vn9Dshxox2zP RGEq5to1fULmloTz1eXXoR1cETb9xd5IFnPWn68CddKi9PJR7MLPgHvWSzF6rnbe 5oft6xWf1Wu3TFwpGTarrY4jDfcCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBS4SAHU nUKFqexMcfiF/1lfoUzJDjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMjM5NDcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgAB MAwDBAJngdgDBABnmogwDQYJKoZIhvcNAQELBQADggEBAGat6fWELWlO9nzKzPNh vX5vbWRsk+rbiQh9xOMp5d53zyT7jfiWV6WvAMCDKcyxC2gJEkjBy85Q2mZtNipd GdQkFToVDfNhHUXPSocfQFAf4eomLsWaJ1QcBSLs4X4XCjhzyP+2Q9BiajOPEzSD OqEFDbNkHrFhFRjgwNhZXXza/8q6MJQHFpTABWes1piPJ5Ett5lYr3ySRVWIEzts pMSsHmQaVzNcjOZ1/p4R+eTNP3wtgbqqqgoPE3yFcwbPDXS3zbruWkzAC3LCEuMJ slUmSSnZWF7feWfTqgPEiReHjxsQarY7ZPLIMutInLFZv2mbSOc01k2AzSvOse+C tiE= -----END CERTIFICATE-----Generated at Sun May 3 00:39:44 2026 by rpki-client