$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS140396.roa File: AS140396.roa (raw, json) Hash identifier: +sBn0ucy4oQUfclDFduUSis95ospob8Ue4/keLiQubU= Subject key identifier: 7D:0A:B8:28:00:AA:3C:11:32:7A:65:C6:ED:F4:D2:23:B6:FE:C3:5B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7B07963C8D3FD0737A06A0791E6E2FF93DC21A0F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140396.roa Signing time: Wed 06 May 2026 12:01:18 +0000 ROA not before: Wed 06 May 2026 11:56:18 +0000 ROA not after: Wed 05 May 2027 12:01:18 +0000 asID: 140396 IP address blocks: 103.150.174.0/23 maxlen: 24 103.162.130.0/23 maxlen: 24 2406:6c0::/32 maxlen: 32 2406:6c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:07:96:3c:8d:3f:d0:73:7a:06:a0:79:1e:6e:2f:f9:3d:c2:1a:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 6 11:56:18 2026 GMT Not After : May 5 12:01:18 2027 GMT Subject: CN=7D0AB82800AA3C11327A65C6EDF4D223B6FEC35B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e8:a6:8c:ce:d0:ad:2c:3c:a6:b3:51:c6:e2: 8e:1b:ab:5a:56:c3:b4:61:23:fa:04:a1:42:4e:bb: 84:13:4a:d6:3f:7a:08:c0:2d:72:2e:a6:4d:c1:4a: 1e:05:1c:d3:e7:26:75:d9:da:90:32:01:2b:fe:03: 18:75:09:9c:cb:f6:8a:10:0b:1a:0b:4c:03:38:08: fe:39:a0:f4:9e:b2:4a:61:0e:0b:f5:d2:52:61:e6: b2:4f:10:10:bc:a5:a7:dc:4a:7f:9d:07:da:bf:f5: fa:9a:c8:f0:0f:06:ad:a8:54:93:2b:0a:3c:b4:e3: 79:3a:da:4b:10:05:36:72:5e:51:2f:6a:e7:fc:45: 74:d2:42:81:11:42:e6:98:96:b6:ae:63:11:55:88: 7b:1c:7c:4b:6b:b1:96:a8:b6:b9:14:2d:a7:d8:33: 43:40:65:69:db:26:2c:2a:44:b8:23:e5:04:08:08: 75:df:b7:53:07:69:32:9a:26:3b:ef:80:a9:b7:c4: 0e:05:74:e8:b5:f8:b6:c0:35:99:75:6c:07:1c:64: 87:f5:ca:75:32:60:46:71:ba:07:2c:cb:8a:b6:b2: b4:62:75:57:c8:c7:86:5a:60:6a:a1:20:91:f8:3f: b3:da:90:5f:b9:32:76:2d:16:d9:d7:09:cf:b7:b5: de:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:0A:B8:28:00:AA:3C:11:32:7A:65:C6:ED:F4:D2:23:B6:FE:C3:5B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS140396.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.150.174.0/23 103.162.130.0/23 IPv6: 2406:6c0::/32 Signature Algorithm: sha256WithRSAEncryption 17:c6:fb:3d:39:f5:a6:ff:2a:55:5f:22:7b:5d:0a:04:c6:5a: 32:bf:73:f1:8e:8b:dc:d5:d1:43:a8:f6:bb:a2:b9:ef:9f:66: 27:13:b0:0f:18:ff:85:8b:ad:18:80:72:b8:8e:8e:38:f0:99: b4:73:60:85:81:84:da:cc:25:8f:b8:a6:e1:33:5a:f5:14:40: 08:c3:88:8d:f9:39:3d:05:c1:01:3d:c6:ec:d0:41:41:bd:9f: 12:cd:23:60:68:12:8e:4d:70:bf:d6:ce:ae:3c:32:6b:45:92: 9c:a0:93:d2:ab:2e:72:07:8c:01:9c:0f:9f:8e:59:75:56:cf: 35:22:9c:86:e0:e6:a5:5a:a0:26:83:b4:36:fe:a1:65:5b:f4: 7e:46:f8:96:59:b4:ca:3e:3b:ef:c8:cf:5f:90:06:36:3c:5d: d5:f5:96:35:51:06:33:05:d7:70:44:b5:8a:e6:9d:8d:40:d4: a5:b3:0c:5e:83:08:57:39:f9:31:1b:cf:7d:76:b4:6b:4f:c6: ba:db:7f:ac:e3:ea:50:ae:3e:a6:31:76:96:9e:c4:b7:c0:88: 18:76:f9:82:c0:ad:4f:e1:81:d5:4f:7f:6a:20:c7:85:0e:31: 29:bf:cb:f9:1d:a0:1d:21:c5:67:15:3f:c8:05:aa:4b:17:01: 16:92:d3:51 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUeweWPI0/0HN6BqB5Hm4v+T3CGg8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNjExNTYxOFoX DTI3MDUwNTEyMDExOFowMzExMC8GA1UEAxMoN0QwQUI4MjgwMEFBM0MxMTMyN0E2 NUM2RURGNEQyMjNCNkZFQzM1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALHopozO0K0sPKazUcbijhurWlbDtGEj+gShQk67hBNK1j96CMAtci6mTcFK HgUc0+cmddnakDIBK/4DGHUJnMv2ihALGgtMAzgI/jmg9J6ySmEOC/XSUmHmsk8Q ELylp9xKf50H2r/1+prI8A8GrahUkysKPLTjeTraSxAFNnJeUS9q5/xFdNJCgRFC 5piWtq5jEVWIexx8S2uxlqi2uRQtp9gzQ0BladsmLCpEuCPlBAgIdd+3UwdpMpom O++AqbfEDgV06LX4tsA1mXVsBxxkh/XKdTJgRnG6ByzLiraytGJ1V8jHhlpgaqEg kfg/s9qQX7kydi0W2dcJz7e13kcCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBR9Crgo AKo8ETJ6Zcbt9NIjtv7DWzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQwMzk2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIA ATAMAwQBZ5auAwQBZ6KCMA0EAgACMAcDBQAkBgbAMA0GCSqGSIb3DQEBCwUAA4IB AQAXxvs9OfWm/ypVXyJ7XQoExloyv3Pxjovc1dFDqPa7ornvn2YnE7APGP+Fi60Y gHK4jo448Jm0c2CFgYTazCWPuKbhM1r1FEAIw4iN+Tk9BcEBPcbs0EFBvZ8SzSNg aBKOTXC/1s6uPDJrRZKcoJPSqy5yB4wBnA+fjll1Vs81IpyG4OalWqAmg7Q2/qFl W/R+RviWWbTKPjvvyM9fkAY2PF3V9ZY1UQYzBddwRLWK5p2NQNSlswxegwhXOfkx G899drRrT8a623+s4+pQrj6mMXaWnsS3wIgYdvmCwK1P4YHVT39qIMeFDjEpv8v5 HaAdIcVnFT/IBapLFwEWktNR -----END CERTIFICATE-----Generated at Tue May 12 22:43:00 2026 by rpki-client