$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS147089.roa File: AS147089.roa (raw, json) Hash identifier: Az+joYKMeq+FVRtuWZnDNnwVMSXtl+HEEvLTKZBoSdw= Subject key identifier: A2:96:3A:14:4E:6D:25:59:C1:8E:DF:2A:D9:4B:18:B6:4F:73:40:F0 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3CB8FE9324BD26A9EBF93B0B21E86600CE09AB6C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147089.roa Signing time: Sun 03 May 2026 01:33:14 +0000 ROA not before: Sun 03 May 2026 01:28:14 +0000 ROA not after: Sun 02 May 2027 01:33:14 +0000 asID: 147089 IP address blocks: 103.173.232.0/23 maxlen: 24 103.173.232.0/24 maxlen: 24 103.173.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:b8:fe:93:24:bd:26:a9:eb:f9:3b:0b:21:e8:66:00:ce:09:ab:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:28:14 2026 GMT Not After : May 2 01:33:14 2027 GMT Subject: CN=A2963A144E6D2559C18EDF2AD94B18B64F7340F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1c:90:d6:47:ea:54:25:1a:e1:6c:a3:ba:f1: b9:bb:3c:a1:b3:a8:19:21:9a:21:f8:2b:4f:f2:58: fa:16:90:90:66:ff:06:51:b6:cd:5f:34:62:df:9e: a3:f5:01:70:71:73:80:76:2e:7c:2f:4c:f3:a2:37: 39:71:1a:ea:8c:f0:eb:70:0e:eb:b2:2b:a8:b3:84: 84:f8:03:bf:dd:14:a4:0e:21:cc:3f:db:52:d2:a6: a2:0a:3e:d2:ed:40:4e:ca:ab:d8:2b:19:31:e2:61: 51:8f:05:ad:40:6e:84:44:47:9a:dd:0f:2e:25:43: e7:bc:b3:f3:79:16:a6:3a:2d:99:e8:a3:df:0d:e2: 75:ba:27:7b:f2:c9:b3:1b:de:c7:f7:10:3d:d0:aa: 6a:ca:c5:43:77:d3:c9:f7:a1:5e:46:d3:f0:88:11: ac:78:8b:18:4a:9d:45:c2:45:c2:d6:7c:a7:95:6b: 1b:f9:b4:79:34:25:67:a1:f0:03:db:41:3e:2b:2c: 66:5d:7a:ab:c6:9f:de:a1:75:85:f6:30:ea:11:90: 2c:54:d7:84:8c:91:05:30:f3:6e:28:6d:12:8c:ee: 00:fe:35:03:78:d1:19:7f:d9:c9:b8:2d:f4:37:ac: dd:2f:9c:8c:6d:33:dc:88:17:31:fd:7d:d8:14:cf: f2:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:96:3A:14:4E:6D:25:59:C1:8E:DF:2A:D9:4B:18:B6:4F:73:40:F0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.173.232.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:26:44:4e:1b:e1:5f:04:7f:ae:c5:15:12:fb:dc:9b:28:6e: 53:ae:e0:f2:d0:e1:9e:a8:35:45:ec:74:df:ae:45:57:d9:c4: ce:a4:a7:da:ae:04:46:37:da:30:61:cd:af:6b:26:b4:e0:c8: 63:59:db:8d:1c:bc:d5:b1:fc:74:62:37:66:ce:38:5f:ba:b6: 61:f0:5a:e1:ec:02:7a:39:ba:33:56:03:09:5b:fd:51:a6:81: 4e:7d:2d:56:c4:c8:a4:e6:f4:b7:32:a4:d1:0a:90:a1:29:21: b8:fa:47:42:05:3c:a1:5a:2c:bc:3b:95:4d:63:78:43:f5:4a: 11:fc:3a:f3:54:70:83:ba:a9:eb:82:2f:38:60:b9:cf:64:89: c4:23:16:46:59:68:28:b3:ec:16:49:cc:9e:0c:24:03:6d:9d: 3e:da:f2:57:52:92:2f:a9:5b:d8:0f:92:2d:2e:47:35:d1:64: 31:ac:33:5f:ed:cd:2e:80:bf:c0:61:c0:ca:f3:e8:91:82:8a: 1c:3e:64:dd:9f:72:95:78:10:8b:69:2f:33:76:69:23:82:9c: ea:7f:b8:55:68:69:93:6e:89:74:76:a9:20:45:8a:07:27:95: 2e:47:5a:e0:36:78:68:be:78:c6:0a:d2:31:b1:4e:18:39:4c: 1d:f2:20:79 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUPLj+kyS9Jqnr+TsLIehmAM4Jq2wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMjgxNFoX DTI3MDUwMjAxMzMxNFowMzExMC8GA1UEAxMoQTI5NjNBMTQ0RTZEMjU1OUMxOEVE RjJBRDk0QjE4QjY0RjczNDBGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYckNZH6lQlGuFso7rxubs8obOoGSGaIfgrT/JY+haQkGb/BlG2zV80Yt+e o/UBcHFzgHYufC9M86I3OXEa6ozw63AO67IrqLOEhPgDv90UpA4hzD/bUtKmogo+ 0u1ATsqr2CsZMeJhUY8FrUBuhERHmt0PLiVD57yz83kWpjotmeij3w3idbone/LJ sxvex/cQPdCqasrFQ3fTyfehXkbT8IgRrHiLGEqdRcJFwtZ8p5VrG/m0eTQlZ6Hw A9tBPissZl16q8af3qF1hfYw6hGQLFTXhIyRBTDzbihtEozuAP41A3jRGX/Zybgt 9Des3S+cjG0z3IgXMf192BTP8hkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSiljoU Tm0lWcGO3yrZSxi2T3NA8DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ3MDg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ63oMA0GCSqGSIb3DQEBCwUAA4IBAQBsJkROG+FfBH+uxRUS+9ybKG5T ruDy0OGeqDVF7HTfrkVX2cTOpKfargRGN9owYc2vaya04MhjWduNHLzVsfx0Yjdm zjhfurZh8Frh7AJ6ObozVgMJW/1RpoFOfS1WxMik5vS3MqTRCpChKSG4+kdCBTyh Wiy8O5VNY3hD9UoR/DrzVHCDuqnrgi84YLnPZInEIxZGWWgos+wWScyeDCQDbZ0+ 2vJXUpIvqVvYD5ItLkc10WQxrDNf7c0ugL/AYcDK8+iRgoocPmTdn3KVeBCLaS8z dmkjgpzqf7hVaGmTbol0dqkgRYoHJ5UuR1rgNnhovnjGCtIxsU4YOUwd8iB5 -----END CERTIFICATE-----Generated at Tue May 12 22:42:05 2026 by rpki-client