$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS139955.roa File: AS139955.roa (raw, json) Hash identifier: 78MnAcShrHLl1yrvEBYhCTsUjb10HB91aA5aODzP+AI= Subject key identifier: FC:1B:28:DD:9D:FF:72:66:BA:C7:A7:3B:8F:7D:DD:9B:63:8B:CE:34 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 378868B70A4B7B47580C6A2B250415A01B3A86B2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139955.roa Signing time: Sun 03 May 2026 08:11:24 +0000 ROA not before: Sun 03 May 2026 08:06:24 +0000 ROA not after: Sun 02 May 2027 08:11:24 +0000 asID: 139955 IP address blocks: 103.53.28.0/24 maxlen: 24 103.53.29.0/24 maxlen: 24 103.147.84.0/23 maxlen: 23 103.147.84.0/23 maxlen: 24 2405:b340::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:88:68:b7:0a:4b:7b:47:58:0c:6a:2b:25:04:15:a0:1b:3a:86:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 08:06:24 2026 GMT Not After : May 2 08:11:24 2027 GMT Subject: CN=FC1B28DD9DFF7266BAC7A73B8F7DDD9B638BCE34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:7b:42:44:5b:5a:b6:13:ee:4a:ec:54:6f:95: d9:67:a1:44:57:0b:1f:e5:dc:b3:61:0b:f4:44:a5: 7a:5e:cd:49:bf:99:8e:70:36:5a:71:e0:3a:ca:e3: ae:40:33:5f:8b:d0:ee:38:14:88:c8:98:15:3f:22: 4d:63:23:33:dc:4f:ad:4b:51:fa:b8:3a:4d:48:43: 3e:63:c1:6f:7a:29:7f:c9:a2:1c:d8:5f:dc:8f:fa: 23:da:88:98:ee:ad:ba:9d:18:cb:15:f8:41:ee:b3: 67:df:6b:a9:c8:23:24:ea:9d:0a:90:f3:ff:60:41: 57:b6:3c:f6:43:7c:a3:86:fa:46:79:ad:06:21:49: f7:18:d5:29:30:eb:e0:bc:ca:da:43:52:e3:cf:dc: be:43:00:ab:cd:bc:e2:c9:fb:07:7d:35:63:6c:cd: d1:37:03:fb:65:2f:8f:6a:c8:1e:51:2e:04:1d:6d: 6d:8b:91:1e:7e:98:da:d3:5b:ff:c6:78:5f:af:ce: 39:3e:bd:35:4b:ec:4e:85:01:2f:99:a1:35:40:41: 00:da:28:90:3a:6a:9f:9b:a6:70:2f:b1:1d:f8:5e: 21:c9:b6:b5:6a:36:8a:e8:bd:88:d6:2f:9b:76:65: a9:fe:4a:13:25:8f:a2:89:46:bc:05:a3:37:d4:4a: a2:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:1B:28:DD:9D:FF:72:66:BA:C7:A7:3B:8F:7D:DD:9B:63:8B:CE:34 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS139955.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.53.28.0/23 103.147.84.0/23 IPv6: 2405:b340::/32 Signature Algorithm: sha256WithRSAEncryption 60:b3:34:c1:2b:47:61:01:86:b6:23:cc:f1:8d:86:71:cb:71: 76:f5:ea:b6:71:45:b0:8a:06:a0:6e:af:6d:33:9e:5e:bd:20: 05:ca:3b:71:44:24:0a:f9:dd:94:c5:23:f5:84:ac:8d:72:48: 29:45:f2:16:7b:a0:c5:c7:78:2b:8d:ab:ce:90:52:81:b6:f9: 46:1b:15:27:8b:8a:7e:89:77:c2:58:a5:61:52:27:37:6a:2c: bd:f7:68:f1:95:50:73:13:da:5e:5e:2e:63:8b:84:5b:c5:37: b6:1f:57:df:e9:a8:38:08:0f:54:32:75:27:c2:fb:14:ad:46: 23:dc:3c:5e:00:47:46:97:70:9a:4c:89:07:c6:d1:c0:da:a2: 28:0d:27:9a:72:d7:69:b6:4a:8e:5e:75:dd:29:ed:89:8a:be: 43:33:ce:59:a0:37:45:7c:64:5b:47:fc:72:10:4f:55:25:25: 1a:28:23:e9:67:18:5c:cb:48:3d:35:1b:52:ff:5a:26:19:10: 68:b5:89:42:79:eb:f8:5c:9b:90:a4:69:2c:5e:fb:c5:e4:40: e6:90:6b:5a:72:47:28:f1:59:10:7f:d0:51:19:f6:a1:98:2a: 79:93:05:be:17:b3:2b:b3:63:3d:c0:ba:b7:c3:2a:c3:0b:46: 07:06:3e:4d -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUN4hotwpLe0dYDGorJQQVoBs6hrIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA4MDYyNFoX DTI3MDUwMjA4MTEyNFowMzExMC8GA1UEAxMoRkMxQjI4REQ5REZGNzI2NkJBQzdB NzNCOEY3REREOUI2MzhCQ0UzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJp7QkRbWrYT7krsVG+V2WehRFcLH+Xcs2EL9ESlel7NSb+ZjnA2WnHgOsrj rkAzX4vQ7jgUiMiYFT8iTWMjM9xPrUtR+rg6TUhDPmPBb3opf8miHNhf3I/6I9qI mO6tup0YyxX4Qe6zZ99rqcgjJOqdCpDz/2BBV7Y89kN8o4b6RnmtBiFJ9xjVKTDr 4LzK2kNS48/cvkMAq8284sn7B301Y2zN0TcD+2Uvj2rIHlEuBB1tbYuRHn6Y2tNb /8Z4X6/OOT69NUvsToUBL5mhNUBBANookDpqn5umcC+xHfheIcm2tWo2iui9iNYv m3Zlqf5KEyWPoolGvAWjN9RKojUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBT8Gyjd nf9yZrrHpzuPfd2bY4vONDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM5OTU1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIA ATAMAwQBZzUcAwQBZ5NUMA0EAgACMAcDBQAkBbNAMA0GCSqGSIb3DQEBCwUAA4IB AQBgszTBK0dhAYa2I8zxjYZxy3F29eq2cUWwigagbq9tM55evSAFyjtxRCQK+d2U xSP1hKyNckgpRfIWe6DFx3grjavOkFKBtvlGGxUni4p+iXfCWKVhUic3aiy992jx lVBzE9peXi5ji4RbxTe2H1ff6ag4CA9UMnUnwvsUrUYj3DxeAEdGl3CaTIkHxtHA 2qIoDSeactdptkqOXnXdKe2Jir5DM85ZoDdFfGRbR/xyEE9VJSUaKCPpZxhcy0g9 NRtS/1omGRBotYlCeev4XJuQpGksXvvF5EDmkGtackco8VkQf9BRGfahmCp5kwW+ F7Mrs2M9wLq3wyrDC0YHBj5N -----END CERTIFICATE-----Generated at Tue May 12 22:42:10 2026 by rpki-client