$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa File: AS147121.roa (raw, json) Hash identifier: I339oztP+A3ff5hPqq0gOln0yLnqRGwv10ds3IQOb5M= Subject key identifier: FF:83:56:F4:78:11:E8:16:AA:F1:82:F7:C9:A3:C5:91:5E:3F:DB:F1 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5AB29ED5BDDBF0727D474F886E757D19729AA965 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa Signing time: Sun 03 May 2026 05:38:29 +0000 ROA not before: Sun 03 May 2026 05:33:29 +0000 ROA not after: Sun 02 May 2027 05:38:29 +0000 asID: 147121 IP address blocks: 103.141.196.0/23 maxlen: 24 103.175.236.0/23 maxlen: 23 103.175.236.0/24 maxlen: 24 103.175.237.0/24 maxlen: 24 2001:df1:17c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:b2:9e:d5:bd:db:f0:72:7d:47:4f:88:6e:75:7d:19:72:9a:a9:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 05:33:29 2026 GMT Not After : May 2 05:38:29 2027 GMT Subject: CN=FF8356F47811E816AAF182F7C9A3C5915E3FDBF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:4b:6f:54:c2:6f:b0:55:8a:6d:5b:d8:18:2d: df:1d:28:f6:dd:69:ff:81:fe:40:2c:ef:fd:85:36: dd:4b:1e:c6:d3:6a:91:f5:12:f1:49:17:e2:80:38: 09:3d:b5:f6:94:32:e0:4e:03:4f:be:0e:03:60:84: 65:d7:c0:8d:26:b1:38:4c:36:44:83:e0:c8:49:fa: 5b:a8:2c:9b:6b:f5:08:8c:6e:8d:eb:f6:83:24:39: 44:59:c5:0f:58:72:a8:0c:5a:11:52:f9:28:79:92: 22:c2:9c:b5:cf:1e:9e:62:67:15:be:9c:bf:07:2f: 7e:45:c7:08:2b:91:35:01:fb:12:34:34:fe:d2:b4: 3c:e9:80:49:36:d2:10:3b:b9:f3:d1:91:83:9b:52: 95:4a:68:25:77:69:23:8a:45:34:c6:fc:b6:9f:aa: 63:f5:dd:9c:b0:aa:f8:ca:80:e6:80:87:84:04:0e: 4e:61:33:86:da:bf:c3:10:14:79:e7:f9:75:a0:2d: 44:0c:83:0f:06:b0:5c:17:15:40:ba:30:64:4e:66: 81:78:2e:74:56:1d:4b:ff:13:fb:de:9b:c1:97:cd: 01:93:52:40:da:f7:60:ff:2c:59:af:da:eb:77:a7: 9e:15:90:bf:fb:4b:d6:33:0d:95:ef:77:21:c1:7e: f2:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:83:56:F4:78:11:E8:16:AA:F1:82:F7:C9:A3:C5:91:5E:3F:DB:F1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS147121.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.141.196.0/23 103.175.236.0/23 IPv6: 2001:df1:17c0::/48 Signature Algorithm: sha256WithRSAEncryption 32:e8:37:a3:aa:a0:57:23:11:64:d2:a4:40:d0:7c:c1:9c:42: c7:c0:42:6d:fa:16:d5:39:bc:b1:be:c6:ab:91:c9:00:26:e6: 05:47:0d:f5:4d:bc:db:ae:7a:a4:d2:0c:94:3f:3d:86:d8:d0: 67:26:4a:35:7b:16:cd:a7:ae:5b:ad:1e:15:07:5b:f1:ee:a4: 28:8f:89:07:17:d4:51:b6:67:32:f7:01:e5:11:b3:f2:b3:6c: 2d:bd:46:e4:7c:b5:ba:a9:e7:16:00:50:4a:36:4f:ad:1b:e5: 46:eb:54:4e:91:c7:50:65:c6:8c:18:1f:f1:5e:e4:b1:de:c1: f3:3f:3c:43:5b:42:f7:bf:7b:0e:43:d7:44:a1:bc:6e:89:01: be:03:9a:fc:cd:b7:df:de:d3:34:31:83:cd:d8:96:23:17:5d: c3:4f:83:0b:a0:d4:f3:7f:74:df:f5:02:c3:5c:51:4e:ab:64: 7e:0e:b0:cc:7c:94:39:1a:17:88:4e:a6:d5:e4:6d:9f:34:7d: 5c:62:47:77:41:8d:9c:67:23:8b:45:e5:9c:de:fa:64:7e:80: f9:47:a6:0d:08:f0:35:fd:5d:54:61:ad:d1:a4:c9:72:65:78: d0:f8:1d:9b:3c:e2:a3:ec:12:49:f1:20:ed:ca:2d:d1:68:72: b0:b3:fa:7c -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIUWrKe1b3b8HJ9R0+IbnV9GXKaqWUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA1MzMyOVoX DTI3MDUwMjA1MzgyOVowMzExMC8GA1UEAxMoRkY4MzU2RjQ3ODExRTgxNkFBRjE4 MkY3QzlBM0M1OTE1RTNGREJGMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANlLb1TCb7BVim1b2Bgt3x0o9t1p/4H+QCzv/YU23UsextNqkfUS8UkX4oA4 CT219pQy4E4DT74OA2CEZdfAjSaxOEw2RIPgyEn6W6gsm2v1CIxujev2gyQ5RFnF D1hyqAxaEVL5KHmSIsKctc8enmJnFb6cvwcvfkXHCCuRNQH7EjQ0/tK0POmASTbS EDu589GRg5tSlUpoJXdpI4pFNMb8tp+qY/XdnLCq+MqA5oCHhAQOTmEzhtq/wxAU eef5daAtRAyDDwawXBcVQLowZE5mgXgudFYdS/8T+96bwZfNAZNSQNr3YP8sWa/a 63ennhWQv/tL1jMNle93IcF+8u8CAwEAAaOCAeMwggHfMB0GA1UdDgQWBBT/g1b0 eBHoFqrxgvfJo8WRXj/b8TAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ3MTIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIA ATAMAwQBZ43EAwQBZ6/sMA8EAgACMAkDBwAgAQ3xF8AwDQYJKoZIhvcNAQELBQAD ggEBADLoN6OqoFcjEWTSpEDQfMGcQsfAQm36FtU5vLG+xquRyQAm5gVHDfVNvNuu eqTSDJQ/PYbY0GcmSjV7Fs2nrlutHhUHW/HupCiPiQcX1FG2ZzL3AeURs/KzbC29 RuR8tbqp5xYAUEo2T60b5UbrVE6Rx1BlxowYH/Fe5LHewfM/PENbQve/ew5D10Sh vG6JAb4DmvzNt9/e0zQxg83YliMXXcNPgwug1PN/dN/1AsNcUU6rZH4OsMx8lDka F4hOptXkbZ80fVxiR3dBjZxnI4tF5Zze+mR+gPlHpg0I8DX9XVRhrdGkyXJleND4 HZs84qPsEknxIO3KLdFocrCz+nw= -----END CERTIFICATE-----Generated at Tue May 12 22:43:01 2026 by rpki-client