$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa File: AS149400.roa (raw, json) Hash identifier: 4xWhllyfaORmdOPobtNcMiYuaIW/m/kFsmXSJQPXXnM= Subject key identifier: 54:53:77:CC:66:8E:B7:09:AC:D7:41:A5:3A:8F:C8:44:04:44:CB:85 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2F2438E7CC8786E141F65D7B5DDFBE42AA7FE5C4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa Signing time: Tue 10 Feb 2026 03:00:00 +0000 ROA not before: Tue 10 Feb 2026 02:55:00 +0000 ROA not after: Tue 09 Feb 2027 03:00:00 +0000 asID: 149400 IP address blocks: 103.70.94.0/23 maxlen: 24 202.164.220.0/23 maxlen: 24 2401:15a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:17:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:24:38:e7:cc:87:86:e1:41:f6:5d:7b:5d:df:be:42:aa:7f:e5:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 10 02:55:00 2026 GMT Not After : Feb 9 03:00:00 2027 GMT Subject: CN=545377CC668EB709ACD741A53A8FC8440444CB85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:59:f9:91:b2:55:f7:f8:d6:31:a2:33:cf:76: d2:eb:d3:54:1f:7a:93:19:44:b5:d0:50:c6:a6:fb: c7:99:6f:25:e4:20:76:b6:54:56:57:d0:65:c2:a0: 87:38:34:b0:f4:09:e9:4b:10:68:75:07:50:30:d8: f9:42:68:86:b9:18:04:ee:b1:f8:b9:e5:40:70:0e: c6:a6:86:17:c4:16:06:d8:c6:0e:c9:8a:f1:a2:83: 79:56:24:b5:e1:17:b1:83:f1:05:46:75:4b:49:87: e9:02:66:d5:b5:c7:99:a8:60:83:34:9b:82:24:84: 75:30:43:77:df:f7:61:e8:ae:79:6b:6b:08:9f:85: 07:2d:f4:2f:1e:e7:6d:7e:df:ee:64:9e:c6:1e:62: 65:f7:0e:80:c4:60:95:f1:2b:9b:89:f9:7e:a1:ec: 08:c7:e5:79:56:49:7f:5a:1e:22:e3:2c:20:a6:3e: 9a:9d:91:da:61:d6:ae:90:d0:85:dd:c2:4f:35:dd: 27:1a:1a:39:dc:89:f1:49:1b:1a:7e:94:f2:2c:a2: 39:23:ec:94:12:4c:db:7c:5d:30:f4:14:df:ba:d7: a2:30:be:f0:bc:dc:8d:a0:f3:4e:31:da:f9:c9:0c: f5:3a:2a:3e:17:26:b6:7b:64:5d:66:32:07:a6:f8: ac:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:53:77:CC:66:8E:B7:09:AC:D7:41:A5:3A:8F:C8:44:04:44:CB:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149400.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.70.94.0/23 202.164.220.0/23 IPv6: 2401:15a0::/32 Signature Algorithm: sha256WithRSAEncryption 89:9b:f6:4e:b3:27:5d:5f:25:f8:44:76:f9:5f:89:ed:96:db: ef:1c:f5:54:a5:c6:20:8c:ef:af:f1:76:23:f9:ef:99:6d:32: ba:7c:f0:ea:2e:e2:1f:24:2f:eb:e6:4a:03:c4:9d:7b:64:fa: ac:45:04:3b:59:fa:b3:e2:9c:2f:43:ef:9e:b8:b7:65:48:32: c7:b2:a1:f8:ce:31:ea:4c:de:90:18:e3:e7:36:ab:ad:76:c0: f1:12:25:dd:3b:4e:a9:bc:a2:ee:7a:b0:76:83:d9:c7:30:bf: 9c:93:90:c2:73:40:43:b3:e1:fe:3f:b4:6b:67:01:44:c9:7f: 1a:38:5c:93:30:50:b9:b6:8d:38:08:c8:94:b3:81:77:86:4b: db:c8:b7:d6:c0:b3:72:98:b6:f0:33:a1:99:5c:4e:51:e9:32: 6c:c0:9c:d7:04:f4:1a:de:6e:d5:74:3d:14:1d:6c:38:d8:40: 70:61:17:d6:e7:ab:c0:37:c2:06:cf:36:43:fb:d9:b6:f3:a0: a0:0c:0b:51:ac:aa:ba:a9:b7:a0:93:2e:62:4c:ff:92:ca:ff: 4f:e1:52:08:c0:57:ff:84:78:91:2e:97:ca:37:43:b1:06:c8: 4b:98:3a:c8:c2:48:c9:d7:d2:08:04:12:aa:6c:b8:07:01:a7: 7c:74:44:6a -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIULyQ458yHhuFB9l17Xd++Qqp/5cQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDIxMDAyNTUwMFoX DTI3MDIwOTAzMDAwMFowMzExMC8GA1UEAxMoNTQ1Mzc3Q0M2NjhFQjcwOUFDRDc0 MUE1M0E4RkM4NDQwNDQ0Q0I4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALlZ+ZGyVff41jGiM8920uvTVB96kxlEtdBQxqb7x5lvJeQgdrZUVlfQZcKg hzg0sPQJ6UsQaHUHUDDY+UJohrkYBO6x+LnlQHAOxqaGF8QWBtjGDsmK8aKDeVYk teEXsYPxBUZ1S0mH6QJm1bXHmahggzSbgiSEdTBDd9/3YeiueWtrCJ+FBy30Lx7n bX7f7mSexh5iZfcOgMRglfErm4n5fqHsCMfleVZJf1oeIuMsIKY+mp2R2mHWrpDQ hd3CTzXdJxoaOdyJ8UkbGn6U8iyiOSPslBJM23xdMPQU37rXojC+8LzcjaDzTjHa +ckM9ToqPhcmtntkXWYyB6b4rHECAwEAAaOCAeUwggHhMB0GA1UdDgQWBBRUU3fM Zo63CazXQaU6j8hEBETLhTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTQwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAWdGXgMEAcqk3DANBAIAAjAHAwUAJAEVoDANBgkqhkiG9w0BAQsF AAOCAQEAiZv2TrMnXV8l+ER2+V+J7Zbb7xz1VKXGIIzvr/F2I/nvmW0yunzw6i7i HyQv6+ZKA8Sde2T6rEUEO1n6s+KcL0Pvnri3ZUgyx7Kh+M4x6kzekBjj5zarrXbA 8RIl3TtOqbyi7nqwdoPZxzC/nJOQwnNAQ7Ph/j+0a2cBRMl/GjhckzBQubaNOAjI lLOBd4ZL28i31sCzcpi28DOhmVxOUekybMCc1wT0Gt5u1XQ9FB1sONhAcGEX1uer wDfCBs82Q/vZtvOgoAwLUayquqm3oJMuYkz/ksr/T+FSCMBX/4R4kS6XyjdDsQbI S5g6yMJIydfSCAQSqmy4BwGnfHREag== -----END CERTIFICATE-----Generated at Sun Mar 1 23:39:47 2026 by rpki-client