$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa File: AS141947.roa (raw, json) Hash identifier: juRkwyDa3uRf6eANPIjdI+jUbPaMMbpTM5d+ewbkcsY= Subject key identifier: 46:29:FE:12:EE:8D:24:72:38:5D:7A:C4:2F:C6:24:43:4F:9A:77:FE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0194D0C43C6FAE98EAC8BFD8640CD51552CF3023 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa Signing time: Wed 11 Mar 2026 04:00:00 +0000 ROA not before: Wed 11 Mar 2026 03:55:00 +0000 ROA not after: Wed 10 Mar 2027 04:00:00 +0000 asID: 141947 IP address blocks: 2001:df2:6c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:51:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:94:d0:c4:3c:6f:ae:98:ea:c8:bf:d8:64:0c:d5:15:52:cf:30:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 11 03:55:00 2026 GMT Not After : Mar 10 04:00:00 2027 GMT Subject: CN=4629FE12EE8D2472385D7AC42FC624434F9A77FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:de:28:c1:c3:0c:2c:cb:84:3f:d9:51:87:57: 68:e8:7d:f3:5b:a7:03:f9:fe:22:e7:a3:77:b3:c5: 39:28:71:75:d3:d2:9c:94:d0:9a:ab:32:58:ad:d9: c6:92:da:c7:3f:be:9b:94:be:0f:14:65:92:dd:33: 02:e1:bf:cc:29:41:c8:f4:ef:40:60:5b:2f:5c:3d: b3:e7:8a:cf:53:a5:31:65:f4:8a:1f:f2:78:31:c2: 07:ef:75:09:5c:e3:03:80:ce:68:f5:27:0f:48:b0: 61:95:74:6c:6a:9b:be:a7:ff:62:b2:bd:70:24:51: 78:34:5c:0e:79:ab:7d:4b:b7:14:ff:6a:ca:ee:f3: 08:72:dc:9a:ac:2a:3c:a8:a5:13:09:01:06:1e:e0: 4b:5e:bd:1e:65:55:dc:9f:68:a3:d6:a7:ef:ed:87: 54:e0:b4:56:1d:1d:80:50:68:07:3a:b0:4c:26:4e: 05:fc:72:e8:a0:27:6a:89:01:e3:55:8c:06:a0:db: 71:72:73:7d:2f:8a:fe:30:d4:5b:dc:72:ac:34:3f: 69:12:7e:50:e5:c0:d9:a9:72:e5:96:6a:26:49:85: 61:f9:a3:d7:ad:25:4e:c1:f3:c3:c4:5e:ca:bd:cd: 67:bd:ec:fd:22:aa:e8:2c:1d:79:e9:a2:e1:15:e3: c0:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:29:FE:12:EE:8D:24:72:38:5D:7A:C4:2F:C6:24:43:4F:9A:77:FE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df2:6c0::/48 Signature Algorithm: sha256WithRSAEncryption 8c:f6:a5:ea:bd:ac:67:f1:bd:92:fb:f6:7a:81:82:a0:17:89: e5:d2:9e:98:0b:8b:f5:7d:6f:ac:28:90:0c:dd:cc:30:aa:2f: 88:8d:43:bd:26:af:ec:16:41:9b:2a:ff:7a:ce:b0:ff:2b:52: 16:e9:a8:f2:a3:7c:ad:90:71:a3:a8:dd:65:71:2a:8a:7d:9b: 13:d8:99:47:75:b3:e8:52:cd:dd:57:4f:69:6f:0a:0b:da:f6: 48:5d:5c:7e:f6:a7:80:28:7b:7b:00:18:2f:02:c3:83:d2:78: 16:51:73:9d:bc:3f:91:ab:01:22:6a:23:dc:cf:69:c0:e6:8d: 81:78:32:4f:76:ea:b9:7f:63:c6:86:50:e8:ee:74:39:32:f4: 2c:81:0c:99:7e:ba:83:cb:b5:1d:34:e2:e5:44:24:87:db:17: 2f:63:1e:3c:22:59:fa:29:e9:9e:a1:d7:f4:69:90:f8:41:95: b1:52:d6:05:8b:be:59:9c:fe:55:b6:85:82:02:f6:d2:41:20: b1:d9:7e:06:ec:2d:69:e8:23:79:79:67:bc:b1:b8:a5:f7:4d: 91:d2:0b:b5:de:f6:57:0c:d2:04:59:86:24:d7:a7:bb:99:b7: c0:10:0f:0e:0f:f8:4a:a6:1c:12:2b:ce:5d:dd:4c:dc:51:06: 05:0a:4f:97 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUAZTQxDxvrpjqyL/YZAzVFVLPMCMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMxMTAzNTUwMFoX DTI3MDMxMDA0MDAwMFowMzExMC8GA1UEAxMoNDYyOUZFMTJFRThEMjQ3MjM4NUQ3 QUM0MkZDNjI0NDM0RjlBNzdGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN7eKMHDDCzLhD/ZUYdXaOh981unA/n+Iuejd7PFOShxddPSnJTQmqsyWK3Z xpLaxz++m5S+DxRlkt0zAuG/zClByPTvQGBbL1w9s+eKz1OlMWX0ih/yeDHCB+91 CVzjA4DOaPUnD0iwYZV0bGqbvqf/YrK9cCRReDRcDnmrfUu3FP9qyu7zCHLcmqwq PKilEwkBBh7gS169HmVV3J9oo9an7+2HVOC0Vh0dgFBoBzqwTCZOBfxy6KAnaokB 41WMBqDbcXJzfS+K/jDUW9xyrDQ/aRJ+UOXA2aly5ZZqJkmFYfmj160lTsHzw8Re yr3NZ73s/SKq6Cwdeemi4RXjwA8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRGKf4S 7o0kcjhdesQvxiRDT5p3/jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTk0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfIGwDANBgkqhkiG9w0BAQsFAAOCAQEAjPal6r2sZ/G9kvv2 eoGCoBeJ5dKemAuL9X1vrCiQDN3MMKoviI1DvSav7BZBmyr/es6w/ytSFumo8qN8 rZBxo6jdZXEqin2bE9iZR3Wz6FLN3VdPaW8KC9r2SF1cfvangCh7ewAYLwLDg9J4 FlFznbw/kasBImoj3M9pwOaNgXgyT3bquX9jxoZQ6O50OTL0LIEMmX66g8u1HTTi 5UQkh9sXL2MePCJZ+inpnqHX9GmQ+EGVsVLWBYu+WZz+VbaFggL20kEgsdl+Buwt aegjeXlnvLG4pfdNkdILtd72VwzSBFmGJNenu5m3wBAPDg/4SqYcEivOXd1M3FEG BQpPlw== -----END CERTIFICATE-----Generated at Thu Mar 26 07:11:00 2026 by rpki-client