$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa File: AS136121.roa (raw, json) Hash identifier: 7VOm/cOUo80W/6ySWyIamnJdahPPnZIPsX4FuBxUJ9c= Subject key identifier: D5:9A:F8:E8:FF:77:DF:25:DA:E6:62:7E:54:12:34:3B:82:C9:A3:53 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 77C5556906FFEA65AEF0CB01708E9DB9D4A0E0F1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa Signing time: Thu 07 May 2026 09:14:07 +0000 ROA not before: Thu 07 May 2026 09:09:07 +0000 ROA not after: Thu 06 May 2027 09:14:07 +0000 asID: 136121 IP address blocks: 103.154.230.0/23 maxlen: 23 103.158.210.0/24 maxlen: 24 202.154.18.0/23 maxlen: 23 2406:5dc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:c5:55:69:06:ff:ea:65:ae:f0:cb:01:70:8e:9d:b9:d4:a0:e0:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 7 09:09:07 2026 GMT Not After : May 6 09:14:07 2027 GMT Subject: CN=D59AF8E8FF77DF25DAE6627E5412343B82C9A353 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:71:04:4d:4c:83:3c:26:4b:f3:d2:3a:f6:69: 01:25:e2:36:4e:d3:cd:4c:08:b5:d5:89:6f:3f:0f: 56:07:11:89:6c:08:71:a4:0d:ca:48:8f:28:59:7b: a3:ce:53:47:aa:6e:2b:68:2d:bc:7a:0e:7c:d6:27: 21:b7:af:68:04:68:ff:9a:41:71:e9:14:9f:ec:91: d3:b1:3e:a9:dc:d4:86:1f:65:f2:57:be:62:8a:41: 21:87:25:66:c5:16:50:0f:da:9d:d9:5b:4c:a1:4e: 03:66:46:4e:78:61:f4:6f:fb:4a:33:f3:ee:ef:34: f0:26:79:bd:f2:0c:7b:e7:8b:8f:40:6e:19:f3:89: 40:68:03:fa:0d:20:12:fd:c3:0f:1e:9f:b9:ef:e1: df:5d:41:d4:e2:bb:1b:b5:3c:c1:5e:71:e8:76:44: 82:56:4e:17:58:e5:c5:49:3c:6c:f6:64:43:bd:c3: df:f7:90:b5:6d:ac:15:20:48:2c:83:ea:71:ae:36: 6a:ba:76:2f:3e:40:b9:70:29:8e:43:80:79:d0:9f: 1c:cc:7b:bf:4f:b5:4a:99:e3:81:08:ae:6b:33:52: 33:75:7c:c5:a0:47:17:db:8d:cc:80:fe:4a:19:67: 56:30:d7:f5:82:0f:5e:74:d3:21:31:13:3b:5a:4d: 2c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:9A:F8:E8:FF:77:DF:25:DA:E6:62:7E:54:12:34:3B:82:C9:A3:53 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136121.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.154.230.0/23 103.158.210.0/24 202.154.18.0/23 IPv6: 2406:5dc0::/32 Signature Algorithm: sha256WithRSAEncryption 94:58:5f:f1:9e:77:ad:ba:eb:c9:9e:78:a6:00:ab:81:b7:51: 41:76:3a:10:da:0a:a5:74:5c:a6:03:b8:7c:8e:e3:2a:88:a2: 81:69:24:fb:16:1d:9b:43:96:ac:c2:c1:65:80:5b:97:be:3e: a3:c1:39:5b:df:bd:25:35:08:be:77:57:3d:87:e8:33:bc:9d: 16:b1:8f:54:2c:07:ae:39:3c:9d:61:36:75:ef:f4:24:d6:0c: fc:2c:9f:07:61:2d:4e:65:27:11:74:06:dc:61:85:b7:3b:f8: 69:ec:45:1c:d9:a1:04:53:57:03:f7:55:19:51:aa:d4:c2:cd: f8:98:d2:a6:e2:6c:88:64:26:af:a2:cc:18:f5:35:80:a7:de: ab:b5:f0:08:ca:6f:7a:01:2c:d7:5c:20:c5:2c:c5:1c:aa:fc: 2e:b6:b8:b2:f0:7a:48:b8:05:30:8f:13:fe:0d:66:4b:bf:fc: 45:ed:f1:d8:6c:02:1e:69:ba:20:c3:7f:c3:b1:0e:a5:0e:d8: be:c2:ff:97:99:ed:53:d2:68:c3:b6:3b:a9:89:c9:9b:43:aa: 71:5b:a1:67:b9:d5:0e:df:81:12:12:82:f3:67:4e:97:14:2e: 8a:c0:df:59:5e:6e:e7:02:24:e4:c2:19:a0:dc:49:70:c0:54: e3:c2:f2:d9 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUd8VVaQb/6mWu8MsBcI6dudSg4PEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNzA5MDkwN1oX DTI3MDUwNjA5MTQwN1owMzExMC8GA1UEAxMoRDU5QUY4RThGRjc3REYyNURBRTY2 MjdFNTQxMjM0M0I4MkM5QTM1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJxBE1MgzwmS/PSOvZpASXiNk7TzUwItdWJbz8PVgcRiWwIcaQNykiPKFl7 o85TR6puK2gtvHoOfNYnIbevaARo/5pBcekUn+yR07E+qdzUhh9l8le+YopBIYcl ZsUWUA/andlbTKFOA2ZGTnhh9G/7SjPz7u808CZ5vfIMe+eLj0BuGfOJQGgD+g0g Ev3DDx6fue/h311B1OK7G7U8wV5x6HZEglZOF1jlxUk8bPZkQ73D3/eQtW2sFSBI LIPqca42arp2Lz5AuXApjkOAedCfHMx7v0+1SpnjgQiuazNSM3V8xaBHF9uNzID+ ShlnVjDX9YIPXnTTITETO1pNLO0CAwEAAaOCAecwggHjMB0GA1UdDgQWBBTVmvjo /3ffJdrmYn5UEjQ7gsmjUzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2MTIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIA ATASAwQBZ5rmAwQAZ57SAwQBypoSMA0EAgACMAcDBQAkBl3AMA0GCSqGSIb3DQEB CwUAA4IBAQCUWF/xnnetuuvJnnimAKuBt1FBdjoQ2gqldFymA7h8juMqiKKBaST7 Fh2bQ5aswsFlgFuXvj6jwTlb370lNQi+d1c9h+gzvJ0WsY9ULAeuOTydYTZ17/Qk 1gz8LJ8HYS1OZScRdAbcYYW3O/hp7EUc2aEEU1cD91UZUarUws34mNKm4myIZCav oswY9TWAp96rtfAIym96ASzXXCDFLMUcqvwutriy8HpIuAUwjxP+DWZLv/xF7fHY bAIeabogw3/DsQ6lDti+wv+Xme1T0mjDtjupicmbQ6pxW6FnudUO34ESEoLzZ06X FC6KwN9ZXm7nAiTkwhmg3ElwwFTjwvLZ -----END CERTIFICATE-----Generated at Tue May 12 22:43:16 2026 by rpki-client