$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133789.roa File: AS133789.roa (raw, json) Hash identifier: F5WjdAnis54P8cpYOc7JNMuOLknzV8Ng+VfYUZXfhv4= Subject key identifier: 28:CC:2A:BC:5B:94:60:D3:9A:16:2B:2B:79:FA:21:DD:AD:E2:1F:43 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2E2196193928B8FFACBC3D0CF833896080FA2E52 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133789.roa Signing time: Wed 10 Sep 2025 09:00:08 +0000 ROA not before: Wed 10 Sep 2025 08:55:08 +0000 ROA not after: Wed 09 Sep 2026 09:00:08 +0000 asID: 133789 IP address blocks: 103.143.98.0/23 maxlen: 24 103.143.100.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:21:96:19:39:28:b8:ff:ac:bc:3d:0c:f8:33:89:60:80:fa:2e:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 10 08:55:08 2025 GMT Not After : Sep 9 09:00:08 2026 GMT Subject: CN=28CC2ABC5B9460D39A162B2B79FA21DDADE21F43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:30:f6:3f:26:30:6c:a4:de:df:80:29:16:69: 05:4e:9c:4d:cf:6d:9e:7d:49:79:5e:fe:28:ed:f7: 4d:6f:e8:f1:c7:bf:62:18:7c:fd:37:f0:60:8d:aa: 84:3d:53:4f:d3:fc:91:18:24:69:44:49:f8:86:16: ff:02:fd:fa:3e:b2:76:3e:93:bd:71:09:d5:5b:a1: 1d:49:ed:83:ed:40:15:0b:70:a5:a6:4f:b9:5e:0f: ee:07:0a:6e:21:4d:88:82:58:d3:5d:b2:48:4a:23: 55:90:cc:73:f2:6c:b2:98:ae:d7:32:ca:7b:59:b2: 97:e0:f1:48:c3:b9:b4:84:49:c0:1f:e3:e5:c6:29: 46:b8:0a:70:1b:53:eb:7a:65:78:54:06:b1:c5:5f: c2:c8:9f:9e:6c:4a:91:e1:7c:b0:77:86:89:83:ce: 06:d0:23:d5:2a:96:0e:08:f7:80:f1:13:4e:7d:c6: da:a2:04:d9:76:14:66:03:e8:91:05:7b:af:bd:1f: ce:6e:68:8c:46:d0:43:c0:81:e9:77:d7:60:44:01: 2f:c3:f0:dd:68:db:49:1e:e1:39:c6:43:0e:ef:61: b6:93:5f:fe:99:86:10:b8:db:3b:cb:51:03:60:ed: 3c:4c:b8:c6:13:c7:14:6c:8d:1f:d9:1e:6c:6b:d8: 84:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:CC:2A:BC:5B:94:60:D3:9A:16:2B:2B:79:FA:21:DD:AD:E2:1F:43 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133789.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.143.98.0-103.143.101.255 Signature Algorithm: sha256WithRSAEncryption 84:4d:d8:1f:2f:ad:c1:a2:06:f2:5b:bb:85:ef:4f:22:b4:a5: 8d:e1:3f:d1:e0:52:d8:d4:e3:25:9d:71:f1:a5:41:7b:7f:be: c7:f1:c3:e2:10:b2:2a:f5:64:40:4a:a0:51:3c:7b:2f:c6:18: a9:42:6d:ec:38:34:85:f9:db:f0:ef:75:73:52:05:13:42:5b: ec:cd:b3:f2:c8:19:8b:1d:bc:89:b5:d0:97:b3:09:4b:a6:50: f8:d2:06:91:a1:40:e9:e2:0a:0d:07:b2:cc:4f:b0:c9:e7:53: 27:41:9b:ff:69:90:08:bc:57:ec:0a:b6:69:bf:28:79:77:47: 70:ff:90:b7:f6:2b:ff:55:3a:17:69:84:9e:2d:33:5b:b4:ca: da:55:54:c6:5b:78:73:56:92:60:e8:13:03:59:00:d0:14:9a: 56:2b:4d:42:97:49:2a:de:91:83:e0:47:29:0e:4d:83:07:e0: e4:d1:29:10:69:ff:9d:7b:c4:2b:68:e6:1b:25:2f:20:b1:07: 9f:38:b7:63:6d:bb:77:e5:84:51:24:df:27:da:fe:ea:d5:b6: a8:61:18:18:4a:80:a9:70:9a:d4:1f:05:49:2a:8f:63:7f:2c: b4:ed:0e:69:91:d8:91:3a:79:99:a6:87:c1:e9:f6:48:f6:4b: 7b:81:47:ab -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIULiGWGTkouP+svD0M+DOJYID6LlIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxMDA4NTUwOFoX DTI2MDkwOTA5MDAwOFowMzExMC8GA1UEAxMoMjhDQzJBQkM1Qjk0NjBEMzlBMTYy QjJCNzlGQTIxRERBREUyMUY0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAw9j8mMGyk3t+AKRZpBU6cTc9tnn1JeV7+KO33TW/o8ce/Yhh8/TfwYI2q hD1TT9P8kRgkaURJ+IYW/wL9+j6ydj6TvXEJ1VuhHUntg+1AFQtwpaZPuV4P7gcK biFNiIJY012ySEojVZDMc/Jsspiu1zLKe1myl+DxSMO5tIRJwB/j5cYpRrgKcBtT 63pleFQGscVfwsifnmxKkeF8sHeGiYPOBtAj1SqWDgj3gPETTn3G2qIE2XYUZgPo kQV7r70fzm5ojEbQQ8CB6XfXYEQBL8Pw3WjbSR7hOcZDDu9htpNf/pmGELjbO8tR A2DtPEy4xhPHFGyNH9kebGvYhCkCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBQozCq8 W5Rg05oWKyt5+iHdreIfQzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzc4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYw FAQCAAEwDjAMAwQBZ49iAwQBZ49kMA0GCSqGSIb3DQEBCwUAA4IBAQCETdgfL63B ogbyW7uF708itKWN4T/R4FLY1OMlnXHxpUF7f77H8cPiELIq9WRASqBRPHsvxhip Qm3sODSF+dvw73VzUgUTQlvszbPyyBmLHbyJtdCXswlLplD40gaRoUDp4goNB7LM T7DJ51MnQZv/aZAIvFfsCrZpvyh5d0dw/5C39iv/VToXaYSeLTNbtMraVVTGW3hz VpJg6BMDWQDQFJpWK01Cl0kq3pGD4EcpDk2DB+Dk0SkQaf+de8QraOYbJS8gsQef OLdjbbt35YRRJN8n2v7q1baoYRgYSoCpcJrUHwVJKo9jfyy07Q5pkdiROnmZpofB 6fZI9kt7gUer -----END CERTIFICATE-----Generated at Mon Oct 20 03:03:51 2025 by rpki-client