$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS133822.roa File: AS133822.roa (raw, json) Hash identifier: ouRHVY3AvsUpB4PurNCkOLGPCxJtSXCLAUPUluewrxY= Subject key identifier: 09:66:A8:F9:38:27:DB:10:0C:90:35:4F:A1:5B:E0:EC:A8:27:36:5F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5FA606454A39299B72622836771A94621BAD2AF7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133822.roa Signing time: Wed 06 May 2026 06:50:33 +0000 ROA not before: Wed 06 May 2026 06:45:33 +0000 ROA not after: Wed 05 May 2027 06:50:33 +0000 asID: 133822 IP address blocks: 103.54.225.0/24 maxlen: 24 103.156.130.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:a6:06:45:4a:39:29:9b:72:62:28:36:77:1a:94:62:1b:ad:2a:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 6 06:45:33 2026 GMT Not After : May 5 06:50:33 2027 GMT Subject: CN=0966A8F93827DB100C90354FA15BE0ECA827365F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e2:0b:b7:b8:0d:4c:54:37:bd:bc:c6:1c:70: ba:7e:f0:54:22:49:6f:35:ed:51:86:8f:a6:d6:6b: c2:37:cf:0f:5e:5d:54:11:b6:95:d0:81:53:58:89: 77:a4:e3:b9:8b:c6:d6:79:1d:c5:1f:52:f5:ac:2b: 78:0d:08:0b:47:0e:da:fa:5f:be:36:83:fd:db:51: 98:ef:a4:c6:64:ef:59:99:b3:e9:7f:ff:bc:13:0b: 23:a1:2d:c3:c5:27:35:a3:b1:8a:c1:41:b1:a7:7f: 52:f4:c1:54:75:84:2b:5f:d5:ab:44:b6:7c:06:32: 00:00:16:85:e8:32:9b:34:3c:cd:e5:fd:ac:ed:f6: 01:2f:89:37:8c:e4:90:9b:f3:81:be:ed:a5:a6:b9: b2:b2:34:16:84:c3:cc:4f:ce:07:c3:a8:34:a3:a4: b2:12:40:c1:ce:3c:29:42:6a:4b:49:5b:93:10:ab: 80:3c:93:86:09:d5:87:99:b7:0c:e6:3f:fa:28:22: c2:e4:1b:b3:ba:cf:5e:d9:75:21:ae:ec:56:7f:ed: 89:60:99:66:83:db:d3:97:35:eb:22:8f:e5:af:8f: d7:8f:d8:0b:66:9c:ca:a2:bb:96:dc:bb:e2:97:9c: 2d:00:ed:cb:82:6b:8a:9c:73:ff:a2:40:8d:69:58: 10:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:66:A8:F9:38:27:DB:10:0C:90:35:4F:A1:5B:E0:EC:A8:27:36:5F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS133822.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.54.225.0/24 103.156.130.0/24 Signature Algorithm: sha256WithRSAEncryption 96:dd:9e:b8:af:15:ae:32:47:26:cc:75:e7:01:8c:30:33:62: f3:3a:84:3f:89:70:c0:cc:02:d5:4c:be:f7:b4:e6:b8:32:8b: 81:19:b5:a7:8b:d2:59:23:bb:ae:90:60:cb:74:88:fa:c3:4c: 59:a8:b1:f1:18:b9:70:e6:0a:1f:f4:1e:e7:85:25:57:07:7d: 54:03:18:55:c5:58:ba:60:e8:5b:6a:d1:2b:44:81:96:8e:05: 11:c0:a6:ad:1c:b4:f7:e9:44:6b:43:0e:38:42:c7:1d:50:7c: b9:07:9e:ef:f9:cc:79:11:a4:1d:a9:0b:35:ff:67:fc:f3:0c: 08:4e:ad:22:47:ac:8c:59:05:0e:ae:12:c6:04:e8:ba:0a:81: eb:29:fd:b1:7e:48:ad:aa:1b:9b:f5:1d:51:3b:7e:c3:81:c2: d5:86:ad:4f:80:a1:d7:f3:e4:74:9c:44:37:2c:95:46:58:1c: fb:4b:fa:d3:b3:7f:d0:13:5f:55:a5:aa:8e:bd:e6:2c:2d:e3: d1:fc:8b:33:82:b7:8c:f8:33:10:87:2c:3b:15:14:44:5a:c4: 68:66:da:c0:89:9c:75:3b:c1:5d:48:c2:32:a4:20:fd:5d:a5: d6:08:70:fd:4a:b4:56:38:98:8a:6d:4b:2a:e5:f0:9f:3e:24: 64:2e:d4:7f -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUX6YGRUo5KZtyYig2dxqUYhutKvcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNjA2NDUzM1oX DTI3MDUwNTA2NTAzM1owMzExMC8GA1UEAxMoMDk2NkE4RjkzODI3REIxMDBDOTAz NTRGQTE1QkUwRUNBODI3MzY1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALniC7e4DUxUN728xhxwun7wVCJJbzXtUYaPptZrwjfPD15dVBG2ldCBU1iJ d6TjuYvG1nkdxR9S9awreA0IC0cO2vpfvjaD/dtRmO+kxmTvWZmz6X//vBMLI6Et w8UnNaOxisFBsad/UvTBVHWEK1/Vq0S2fAYyAAAWhegymzQ8zeX9rO32AS+JN4zk kJvzgb7tpaa5srI0FoTDzE/OB8OoNKOkshJAwc48KUJqS0lbkxCrgDyThgnVh5m3 DOY/+igiwuQbs7rPXtl1Ia7sVn/tiWCZZoPb05c16yKP5a+P14/YC2acyqK7lty7 4pecLQDty4Jripxz/6JAjWlYEC0CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQJZqj5 OCfbEAyQNU+hW+DsqCc2XzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTMzODIyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAZzbhAwQAZ5yCMA0GCSqGSIb3DQEBCwUAA4IBAQCW3Z64rxWuMkcmzHXn AYwwM2LzOoQ/iXDAzALVTL73tOa4MouBGbWni9JZI7uukGDLdIj6w0xZqLHxGLlw 5gof9B7nhSVXB31UAxhVxVi6YOhbatErRIGWjgURwKatHLT36URrQw44QscdUHy5 B57v+cx5EaQdqQs1/2f88wwITq0iR6yMWQUOrhLGBOi6CoHrKf2xfkitqhub9R1R O37DgcLVhq1PgKHX8+R0nEQ3LJVGWBz7S/rTs3/QE19VpaqOveYsLePR/IszgreM +DMQhyw7FRREWsRoZtrAiZx1O8FdSMIypCD9XaXWCHD9SrRWOJiKbUsq5fCfPiRk LtR/ -----END CERTIFICATE-----Generated at Tue May 12 22:56:57 2026 by rpki-client