$ rpki-client -vvf rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS139994.roa File: AS139994.roa (raw, json) Hash identifier: yvMW+tHCsBkuY1gG/yGlJ6JOSC3lCz//Xfli/4HGudE= Subject key identifier: BF:C8:A3:37:29:0E:18:E2:D5:97:CA:D9:66:FD:EA:58:37:26:BD:94 Certificate issuer: /CN=8076C56477B8FD54606E8F7BB95C1BCD953296A6 Certificate serial: 11DAE006E87E5413D28E92CF1F555E099F1710A9 Authority key identifier: 80:76:C5:64:77:B8:FD:54:60:6E:8F:7B:B9:5C:1B:CD:95:32:96:A6 Authority info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS139994.roa Signing time: Sun 03 May 2026 02:31:46 +0000 ROA not before: Sun 03 May 2026 02:26:46 +0000 ROA not after: Sun 02 May 2027 02:31:46 +0000 asID: 139994 IP address blocks: 103.3.220.0/22 maxlen: 22 103.3.220.0/24 maxlen: 24 103.3.221.0/24 maxlen: 24 103.3.222.0/24 maxlen: 24 2400:9800:6011::/48 maxlen: 48 2400:9800:6012::/48 maxlen: 48 2400:9800:6013::/48 maxlen: 48 2400:9800:6014::/48 maxlen: 48 2400:9800:6015::/48 maxlen: 48 2400:9800:6026::/48 maxlen: 48 2400:9800:6027::/48 maxlen: 48 2400:9800:6030::/47 maxlen: 47 2400:9800:6032::/47 maxlen: 47 2400:9800:6034::/47 maxlen: 47 2400:9800:6036::/47 maxlen: 47 2400:9800:6040::/47 maxlen: 47 2400:9800:6042::/47 maxlen: 47 2400:9800:6050::/47 maxlen: 47 2400:9800:6052::/47 maxlen: 47 2400:9800:6060::/48 maxlen: 48 2400:9800:6061::/48 maxlen: 48 2400:9800:6065::/48 maxlen: 48 2400:9800:6066::/48 maxlen: 48 2400:9800:6070::/48 maxlen: 48 2400:9800:6073::/48 maxlen: 48 2400:9800:6074::/48 maxlen: 48 2400:9800:6077::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.crl rsync://rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.mft rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.cer rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:da:e0:06:e8:7e:54:13:d2:8e:92:cf:1f:55:5e:09:9f:17:10:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8076C56477B8FD54606E8F7BB95C1BCD953296A6 Validity Not Before: May 3 02:26:46 2026 GMT Not After : May 2 02:31:46 2027 GMT Subject: CN=BFC8A337290E18E2D597CAD966FDEA583726BD94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:41:c2:2e:6a:90:78:86:18:f8:7a:6f:a2:c8: b9:89:0a:87:56:47:f4:c3:8e:6d:80:ed:3a:47:7f: 3f:3b:f2:e9:3a:ea:f8:f3:b6:93:c3:b3:67:be:aa: 6c:a5:b3:8b:8d:b6:10:12:cb:95:07:1d:71:36:17: ea:77:02:f0:bd:6f:b0:78:2f:53:72:3d:c8:e2:b4: f1:17:ef:52:db:de:f9:ae:82:84:bb:91:0a:ef:ac: c1:b3:65:28:8b:55:64:c7:8a:76:af:8e:09:f3:d2: 83:25:eb:e1:3d:86:a1:0d:06:9f:b0:6f:46:ba:49: 17:98:84:ff:76:fc:0f:34:f0:32:cb:ac:0a:3e:05: 5c:6e:d7:f9:90:2e:64:e3:90:1d:36:88:2e:d4:62: 47:9f:00:e9:5c:51:c3:59:ba:c5:a5:7d:3e:82:b5: 8d:d4:26:7c:bc:b2:df:67:82:b0:e4:4e:80:be:91: c2:ce:b0:8d:f9:b3:8d:00:07:53:73:5a:84:7d:7c: d0:71:d8:c2:81:a4:4a:4e:60:64:e0:bd:d3:ad:63: e7:41:d6:75:3a:ec:fa:d2:52:b1:a4:d6:cf:89:70: 44:f1:48:36:34:eb:42:3f:a0:6b:ff:22:10:66:ea: a6:5a:e8:48:eb:3c:65:d9:80:73:18:e4:f8:a5:e5: ca:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:C8:A3:37:29:0E:18:E2:D5:97:CA:D9:66:FD:EA:58:37:26:BD:94 X509v3 Authority Key Identifier: keyid:80:76:C5:64:77:B8:FD:54:60:6E:8F:7B:B9:5C:1B:CD:95:32:96:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/8076C56477B8FD54606E8F7BB95C1BCD953296A6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS139994.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.220.0/22 IPv6: 2400:9800:6011::-2400:9800:6015:ffff:ffff:ffff:ffff:ffff 2400:9800:6026::/47 2400:9800:6030::/45 2400:9800:6040::/46 2400:9800:6050::/46 2400:9800:6060::/47 2400:9800:6065::-2400:9800:6066:ffff:ffff:ffff:ffff:ffff 2400:9800:6070::/48 2400:9800:6073::-2400:9800:6074:ffff:ffff:ffff:ffff:ffff 2400:9800:6077::/48 Signature Algorithm: sha256WithRSAEncryption 2c:74:66:9a:f7:66:82:a5:c7:dd:be:52:af:e1:0b:e1:50:47: b3:6a:23:e5:cb:8b:5f:4a:66:a3:2e:21:bc:8c:f7:bc:4e:7e: a1:39:98:35:8d:e3:92:15:d3:72:e0:18:9f:80:95:65:7d:70: 12:2d:18:fb:ea:cb:f2:31:94:45:4c:40:5a:f0:e3:e7:6e:42: 00:fb:f4:96:76:b0:0b:77:22:27:93:0e:46:52:e7:e9:14:0e: 07:6f:54:69:20:39:42:b6:9d:6e:08:24:fe:10:a8:c4:f4:b1: af:a2:bc:93:38:c7:60:4f:54:04:99:a4:05:21:a9:9d:93:b7: 96:73:c0:e4:16:b8:09:17:21:bf:5d:60:1e:02:b0:c3:46:46: f4:9e:af:e9:f7:51:72:74:90:cd:6d:5a:77:fb:0d:23:a2:ec: 40:f5:e9:af:58:0e:28:31:3c:57:17:58:3c:e4:1e:8c:66:72: 89:80:e4:65:20:2b:04:95:7b:39:b9:d4:c1:f7:93:22:11:32: c4:98:ac:38:2f:8b:58:98:d2:14:a1:ff:0a:b3:81:57:02:9f: c2:09:76:f0:f7:9c:f5:78:b8:00:08:de:73:13:d6:b8:81:18: 5d:f4:6f:62:a1:3e:b2:5a:df:de:e4:95:01:ad:00:dd:2d:06: 25:5e:20:70 -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIUEdrgBuh+VBPSjpLPH1VeCZ8XEKkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODA3NkM1NjQ3N0I4RkQ1NDYwNkU4RjdCQjk1QzFCQ0Q5 NTMyOTZBNjAeFw0yNjA1MDMwMjI2NDZaFw0yNzA1MDIwMjMxNDZaMDMxMTAvBgNV BAMTKEJGQzhBMzM3MjkwRTE4RTJENTk3Q0FEOTY2RkRFQTU4MzcyNkJEOTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QcIuapB4hhj4em+iyLmJCodW R/TDjm2A7TpHfz878uk66vjztpPDs2e+qmyls4uNthASy5UHHXE2F+p3AvC9b7B4 L1NyPcjitPEX71Lb3vmugoS7kQrvrMGzZSiLVWTHinavjgnz0oMl6+E9hqENBp+w b0a6SReYhP92/A808DLLrAo+BVxu1/mQLmTjkB02iC7UYkefAOlcUcNZusWlfT6C tY3UJny8st9ngrDkToC+kcLOsI35s40AB1NzWoR9fNBx2MKBpEpOYGTgvdOtY+dB 1nU67PrSUrGk1s+JcETxSDY060I/oGv/IhBm6qZa6EjrPGXZgHMY5Pil5crtAgMB AAGjggKGMIICgjAdBgNVHQ4EFgQUv8ijNykOGOLVl8rZZv3qWDcmvZQwHwYDVR0j BBgwFoAUgHbFZHe4/VRgbo97uVwbzZUylqYwDgYDVR0PAQH/BAQDAgeAMIGGBgNV HR8EfzB9MHugeaB3hnVyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8v NGJkYjFlMGEtYTRlYy00OWRiLWJlODktOGQ3ZTdmYzJjMjI3LzEvODA3NkM1NjQ3 N0I4RkQ1NDYwNkU4RjdCQjk1QzFCQ0Q5NTMyOTZBNi5jcmwwcgYIKwYBBQUHAQEE ZjBkMGIGCCsGAQUFBzAChlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3Jl cG8vSUROSUMvMS84MDc2QzU2NDc3QjhGRDU0NjA2RThGN0JCOTVDMUJDRDk1MzI5 NkE2LmNlcjBxBggrBgEFBQcBCwRlMGMwYQYIKwYBBQUHMAuGVXJzeW5jOi8vcnBr aS1yc3luYy5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMS9BUzEzOTk5NC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF BQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwDAQCAAEwBgMEAmcD3DCBgQQCAAIw ezASAwcAJACYAGARAwcBJACYAGAUAwcBJACYAGAmAwcDJACYAGAwAwcCJACYAGBA AwcCJACYAGBQAwcBJACYAGBgMBIDBwAkAJgAYGUDBwAkAJgAYGYDBwAkAJgAYHAw EgMHACQAmABgcwMHACQAmABgdAMHACQAmABgdzANBgkqhkiG9w0BAQsFAAOCAQEA LHRmmvdmgqXH3b5Sr+EL4VBHs2oj5cuLX0pmoy4hvIz3vE5+oTmYNY3jkhXTcuAY n4CVZX1wEi0Y++rL8jGURUxAWvDj525CAPv0lnawC3ciJ5MORlLn6RQOB29UaSA5 Qradbggk/hCoxPSxr6K8kzjHYE9UBJmkBSGpnZO3lnPA5Ba4CRchv11gHgKww0ZG 9J6v6fdRcnSQzW1ad/sNI6LsQPXpr1gOKDE8VxdYPOQejGZyiYDkZSArBJV7ObnU wfeTIhEyxJisOC+LWJjSFKH/CrOBVwKfwgl28Pec9Xi4AAjecxPWuIEYXfRvYqE+ slrf3uSVAa0A3S0GJV4gcA== -----END CERTIFICATE-----Generated at Wed May 13 00:32:34 2026 by rpki-client