$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS149320.roa File: AS149320.roa (raw, json) Hash identifier: s6IZIbMaEVeiwOZVl04bJF0Q6xY1SIycHlJhypfnN8M= Subject key identifier: 71:30:66:0D:11:59:F0:29:59:55:60:46:7D:5C:BA:20:BA:0B:B8:D8 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 56818A4E81B8B85E8CD5C6A9340ADA66D4068B73 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149320.roa Signing time: Sun 03 May 2026 05:55:32 +0000 ROA not before: Sun 03 May 2026 05:50:32 +0000 ROA not after: Sun 02 May 2027 05:55:32 +0000 asID: 149320 IP address blocks: 103.178.86.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:81:8a:4e:81:b8:b8:5e:8c:d5:c6:a9:34:0a:da:66:d4:06:8b:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 05:50:32 2026 GMT Not After : May 2 05:55:32 2027 GMT Subject: CN=7130660D1159F029595560467D5CBA20BA0BB8D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:87:c5:8e:e2:e2:8e:09:57:cb:ee:4b:16:40: 10:6a:06:6e:bb:68:14:49:86:11:6b:1f:b3:38:9f: f7:be:80:66:08:38:ad:4b:a8:9a:be:e1:7a:e1:b3: c3:1f:7d:7c:3b:76:f5:2f:05:cd:3d:57:2e:64:97: ea:bb:41:a4:73:25:26:42:c3:cf:a6:9a:5a:f7:6a: 1d:65:5c:3f:cd:2c:98:28:64:0f:ba:b6:51:9e:df: 20:98:50:dc:fa:bf:03:68:87:4e:4c:2c:ad:5f:23: 27:04:c4:98:21:81:aa:d4:60:14:2f:17:69:37:fa: f1:f5:5a:64:12:ee:3b:15:9d:f1:1b:d0:2d:3d:6f: 97:fb:95:d3:ff:23:d8:65:82:82:7c:91:71:6f:f5: 2b:7e:ed:b0:b2:f6:c1:ef:e4:cc:13:71:94:3a:5a: f1:f5:dc:6a:26:33:b2:c7:1a:4c:8f:9b:57:ad:30: e8:36:35:7b:c9:24:58:5a:72:eb:2f:6d:4c:89:04: 50:53:f1:4e:f0:ab:bc:3f:99:57:e3:4c:c1:ad:d1: f9:b8:1d:95:8a:ed:39:ec:fc:31:0a:e1:b9:06:51: 94:ae:ec:d7:47:1a:f1:99:f3:3d:61:c3:f0:fa:79: 6c:2b:14:51:d5:5c:db:6c:62:dd:2f:24:1a:cd:c5: bc:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:30:66:0D:11:59:F0:29:59:55:60:46:7D:5C:BA:20:BA:0B:B8:D8 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS149320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.178.86.0/23 Signature Algorithm: sha256WithRSAEncryption 9e:a0:b8:fe:0d:65:ef:cd:6b:89:9f:18:a6:55:f4:d9:b5:30: 38:3b:98:7b:2a:0a:b9:ba:7a:45:43:47:b2:e5:44:b0:88:4c: 6e:23:2c:2c:0e:68:c7:94:f7:b3:e9:f6:5c:10:7b:13:46:27: 0c:ad:dd:68:f5:11:c4:f6:fc:ad:76:22:8c:d6:77:44:c2:28: 60:83:b2:ae:e2:94:77:42:cf:68:2a:84:1f:4e:c9:e7:0a:b7: f3:e1:f9:b3:91:c5:b2:d8:1f:99:17:79:45:a3:d6:24:fc:bf: d8:a5:11:f0:df:e1:91:42:5f:31:2b:8c:da:ac:bc:01:b6:67: 4b:7f:f3:63:33:b4:98:77:78:45:e0:91:03:95:8e:f7:65:a7: c9:e5:a7:94:09:c0:d5:a7:bd:2e:74:49:1f:78:02:9d:8d:e7: c1:79:57:f0:d7:06:50:2e:e2:d8:49:69:17:53:2d:db:d7:1d: 01:49:82:77:40:e0:b7:ef:8e:f5:3f:05:cc:91:4f:29:49:a8: 23:d6:68:48:2e:66:53:01:1b:c5:b6:ef:71:a3:81:35:d8:13: d0:ba:21:18:cc:0a:05:40:f2:23:92:9d:be:a0:5e:10:d3:44: 4f:34:9e:9e:d1:b4:94:3d:1f:e1:f4:d8:05:96:0d:9a:6f:12: 81:ec:b0:bc -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUVoGKToG4uF6M1capNAraZtQGi3MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA1NTAzMloX DTI3MDUwMjA1NTUzMlowMzExMC8GA1UEAxMoNzEzMDY2MEQxMTU5RjAyOTU5NTU2 MDQ2N0Q1Q0JBMjBCQTBCQjhEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPeHxY7i4o4JV8vuSxZAEGoGbrtoFEmGEWsfszif976AZgg4rUuomr7heuGz wx99fDt29S8FzT1XLmSX6rtBpHMlJkLDz6aaWvdqHWVcP80smChkD7q2UZ7fIJhQ 3Pq/A2iHTkwsrV8jJwTEmCGBqtRgFC8XaTf68fVaZBLuOxWd8RvQLT1vl/uV0/8j 2GWCgnyRcW/1K37tsLL2we/kzBNxlDpa8fXcaiYzsscaTI+bV60w6DY1e8kkWFpy 6y9tTIkEUFPxTvCrvD+ZV+NMwa3R+bgdlYrtOez8MQrhuQZRlK7s10ca8ZnzPWHD 8Pp5bCsUUdVc22xi3S8kGs3FvFMCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRxMGYN EVnwKVlVYEZ9XLogugu42DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTQ5MzIwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ7JWMA0GCSqGSIb3DQEBCwUAA4IBAQCeoLj+DWXvzWuJnximVfTZtTA4 O5h7Kgq5unpFQ0ey5USwiExuIywsDmjHlPez6fZcEHsTRicMrd1o9RHE9vytdiKM 1ndEwihgg7Ku4pR3Qs9oKoQfTsnnCrfz4fmzkcWy2B+ZF3lFo9Yk/L/YpRHw3+GR Ql8xK4zarLwBtmdLf/NjM7SYd3hF4JEDlY73ZafJ5aeUCcDVp70udEkfeAKdjefB eVfw1wZQLuLYSWkXUy3b1x0BSYJ3QOC37471PwXMkU8pSagj1mhILmZTARvFtu9x o4E12BPQuiEYzAoFQPIjkp2+oF4Q00RPNJ6e0bSUPR/h9NgFlg2abxKB7LC8 -----END CERTIFICATE-----Generated at Tue May 12 22:55:54 2026 by rpki-client