$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS136868.roa File: AS136868.roa (raw, json) Hash identifier: MOVm01atNeLLVs4va6g09omjgn1tfC3+lCyIkRUEl2A= Subject key identifier: C8:DE:C8:B0:13:B8:DC:11:B9:B5:1C:90:C7:CE:14:A9:CA:EA:CF:95 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2336F50129A7D86F773547CA36FBF1D3607CAB7A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136868.roa Signing time: Sun 03 May 2026 04:30:27 +0000 ROA not before: Sun 03 May 2026 04:25:27 +0000 ROA not after: Sun 02 May 2027 04:30:27 +0000 asID: 136868 IP address blocks: 103.105.98.0/24 maxlen: 24 103.105.99.0/24 maxlen: 24 103.133.20.0/24 maxlen: 24 103.133.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:36:f5:01:29:a7:d8:6f:77:35:47:ca:36:fb:f1:d3:60:7c:ab:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 04:25:27 2026 GMT Not After : May 2 04:30:27 2027 GMT Subject: CN=C8DEC8B013B8DC11B9B51C90C7CE14A9CAEACF95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:bb:77:9a:98:9b:3b:d1:38:0c:0f:9f:19:19: b2:3d:32:2f:5e:ea:ae:95:2d:95:4e:64:fd:b8:a2: 44:d3:1c:a0:57:44:7f:22:ac:a4:a3:ef:25:33:8c: 8b:87:13:dc:89:b2:65:38:3e:10:8d:83:4d:18:81: 2a:28:90:a7:a9:17:c0:4c:cd:c4:2b:02:52:0a:52: d4:24:7f:aa:93:5e:71:6d:71:54:04:06:d2:b6:43: bf:bd:38:8d:68:8e:d1:fa:bd:81:a4:ef:c4:a3:f6: 7e:f0:af:23:ac:5b:5d:2d:0e:82:cc:a9:3c:27:48: 70:1f:38:8f:19:b4:40:61:cf:63:e7:d5:26:64:c5: 8f:c9:84:a1:1a:26:ac:1c:88:d5:aa:84:35:ac:2b: a7:17:58:b4:d1:70:47:0b:d1:26:e0:cd:be:2b:e7: b6:72:11:15:82:78:3c:50:c5:e4:a3:aa:a3:98:65: cb:ba:71:02:56:5e:3f:11:2d:8a:28:23:60:6a:38: 44:59:4a:15:a6:1f:95:28:11:a5:e8:f3:ce:aa:a3: 7a:c7:08:77:57:88:ec:26:93:70:30:fd:cc:aa:d3: 8e:ff:53:86:89:85:bf:ec:ba:01:d3:88:4e:24:dc: 14:84:6f:f2:ca:4b:45:58:5c:25:70:91:a5:4c:06: 05:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:DE:C8:B0:13:B8:DC:11:B9:B5:1C:90:C7:CE:14:A9:CA:EA:CF:95 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS136868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.105.98.0/23 103.133.20.0/23 Signature Algorithm: sha256WithRSAEncryption 26:02:16:a7:d1:c6:39:5b:a7:65:54:4c:d3:6e:c1:f8:81:bc: 7c:09:21:27:56:ca:04:6d:ed:f2:3c:a2:9c:06:55:ab:a9:3a: 9e:78:ce:f9:12:6e:42:be:d7:d2:0f:56:ed:2b:bf:56:bb:18: a3:d4:e3:c4:b5:e4:a6:71:67:e0:c8:89:61:58:8d:c7:84:4f: 1b:47:ac:11:5a:b8:09:44:15:86:80:2a:70:ef:d7:e0:f4:5a: 23:4b:8a:3e:b8:77:e6:32:dc:78:47:e3:93:a7:49:12:90:d2: 07:a1:e8:c9:e1:12:81:43:d3:41:fe:e2:c2:aa:ad:f1:9a:a0: 71:df:30:af:de:62:73:b7:8b:88:3c:e3:4e:5d:63:7b:cb:f2: e6:52:a1:b2:f3:51:2b:f0:d2:10:c9:0c:5e:fd:77:23:77:2a: f6:8d:6a:61:6c:38:0e:ff:2e:82:87:79:4b:95:12:41:89:25: 64:0e:a2:ac:51:a0:1d:1c:47:f7:39:9c:51:96:d9:a5:21:46: 2f:9f:4e:aa:01:18:c0:5d:48:4d:09:88:3a:39:48:d3:a4:12: 7a:cb:59:0c:17:21:8c:d6:db:89:fb:f2:1e:0e:fa:84:94:28: 37:65:59:2e:15:4d:29:df:4a:5e:8e:bf:53:da:57:3d:62:6c: 53:aa:21:16 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUIzb1ASmn2G93NUfKNvvx02B8q3owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA0MjUyN1oX DTI3MDUwMjA0MzAyN1owMzExMC8GA1UEAxMoQzhERUM4QjAxM0I4REMxMUI5QjUx QzkwQzdDRTE0QTlDQUVBQ0Y5NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALK7d5qYmzvROAwPnxkZsj0yL17qrpUtlU5k/biiRNMcoFdEfyKspKPvJTOM i4cT3ImyZTg+EI2DTRiBKiiQp6kXwEzNxCsCUgpS1CR/qpNecW1xVAQG0rZDv704 jWiO0fq9gaTvxKP2fvCvI6xbXS0OgsypPCdIcB84jxm0QGHPY+fVJmTFj8mEoRom rByI1aqENawrpxdYtNFwRwvRJuDNvivntnIRFYJ4PFDF5KOqo5hly7pxAlZePxEt iigjYGo4RFlKFaYflSgRpejzzqqjescId1eI7CaTcDD9zKrTjv9ThomFv+y6AdOI TiTcFIRv8spLRVhcJXCRpUwGBc0CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBTI3siw E7jcEbm1HJDHzhSpyurPlTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM2ODY4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQBZ2liAwQBZ4UUMA0GCSqGSIb3DQEBCwUAA4IBAQAmAhan0cY5W6dlVEzT bsH4gbx8CSEnVsoEbe3yPKKcBlWrqTqeeM75Em5CvtfSD1btK79Wuxij1OPEteSm cWfgyIlhWI3HhE8bR6wRWrgJRBWGgCpw79fg9FojS4o+uHfmMtx4R+OTp0kSkNIH oejJ4RKBQ9NB/uLCqq3xmqBx3zCv3mJzt4uIPONOXWN7y/LmUqGy81Er8NIQyQxe /Xcjdyr2jWphbDgO/y6Ch3lLlRJBiSVkDqKsUaAdHEf3OZxRltmlIUYvn06qARjA XUhNCYg6OUjTpBJ6y1kMFyGM1tuJ+/IeDvqElCg3ZVkuFU0p30pejr9T2lc9YmxT qiEW -----END CERTIFICATE-----Generated at Tue May 12 22:57:04 2026 by rpki-client