$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa File: AS149947.roa (raw, json) Hash identifier: U1+6hwBwfj6VTY/C7N5DPwHULvqp+BZwxJd771U2AFo= Subject key identifier: 52:7B:C0:99:8D:B6:DA:2A:DC:78:8F:91:B4:58:68:E9:FC:16:EC:44 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6852C61BFCE9B1F2DFCDF0A78F245D6F7F106758 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa Signing time: Fri 01 Aug 2025 08:02:29 +0000 ROA not before: Fri 01 Aug 2025 07:57:29 +0000 ROA not after: Fri 31 Jul 2026 08:02:29 +0000 asID: 149947 IP address blocks: 103.88.152.0/23 maxlen: 24 103.88.152.0/24 maxlen: 24 103.88.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 13:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:52:c6:1b:fc:e9:b1:f2:df:cd:f0:a7:8f:24:5d:6f:7f:10:67:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 1 07:57:29 2025 GMT Not After : Jul 31 08:02:29 2026 GMT Subject: CN=527BC0998DB6DA2ADC788F91B45868E9FC16EC44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:f5:12:8b:bb:26:0c:bb:f2:16:e4:a4:3e:a3: 59:d3:e3:3e:99:e3:ba:51:9f:c6:b5:95:9d:6c:c2: b5:3a:49:0e:70:2c:6d:eb:38:f2:8e:0c:72:5d:5e: 08:a0:44:14:4b:1a:d6:c4:c5:f2:91:7c:bc:f0:9a: fa:8d:9c:4b:35:f6:43:6a:c0:34:70:57:13:72:24: b6:89:48:0f:49:5d:02:ca:82:b6:61:8f:b8:30:be: 70:1a:d6:ad:9d:6b:b8:a0:bf:23:fc:4c:8e:95:20: ec:1b:0f:d2:71:26:55:a7:b0:82:29:63:8c:74:e3: a7:43:21:85:e8:be:4a:d0:ca:03:23:ad:f1:fa:38: 19:14:99:85:c3:1e:7d:37:52:cd:18:53:41:55:14: 7f:4d:a3:d7:8f:7f:ab:d1:32:4d:1c:b9:4d:a3:bc: 94:66:5e:ba:c1:21:26:00:dd:10:30:4d:09:24:9f: fb:b6:78:da:03:58:6e:e9:14:e2:67:cd:18:f0:f1: 1b:dd:43:97:84:c7:f8:6b:ac:c0:46:07:75:09:8b: 5b:ed:86:29:55:29:c3:4f:9c:f4:11:58:1b:c0:64: 97:ef:5e:3f:6c:26:18:20:c0:e2:8e:d3:b1:43:04: df:b8:91:10:74:78:d9:ea:42:c0:c6:a5:3f:81:b8: 9c:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:7B:C0:99:8D:B6:DA:2A:DC:78:8F:91:B4:58:68:E9:FC:16:EC:44 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.88.152.0/23 Signature Algorithm: sha256WithRSAEncryption 64:bf:21:79:b6:9e:67:86:9c:3f:99:d5:c0:29:17:52:64:e1: 2d:bb:d9:d7:b9:f4:36:f1:7e:8c:65:8d:98:69:df:45:13:00: 73:47:30:12:7e:00:06:30:64:57:cd:26:83:c5:ef:f7:51:69: ad:fd:1d:54:37:65:31:2a:a8:98:b3:be:78:9c:70:87:92:f2: e4:57:58:d0:a6:c9:b8:00:16:d5:91:c5:34:fd:d6:e8:6c:8c: 19:8d:68:b6:54:7b:fb:24:02:5d:ba:bb:c3:36:72:4a:e0:89: 27:2c:80:f2:aa:ee:24:4d:a6:b8:22:87:99:52:fa:42:ca:51: 47:2e:06:91:7a:51:bf:a7:92:81:03:5c:5a:68:14:9e:94:3c: 1b:61:ee:1e:f6:85:25:9f:75:77:9e:62:6d:69:60:d9:25:6c: 45:ef:bf:0e:ca:ff:ab:0a:14:6b:01:90:99:04:f6:9d:fe:8a: c0:91:c6:ea:9a:1e:64:d0:3d:d6:19:d1:83:8b:bd:d2:82:51: 1e:c3:4e:64:ee:d3:19:84:f4:ec:0a:f0:18:c2:d8:0e:df:23: 52:37:7b:e9:35:e9:97:ad:3d:c8:21:63:5d:46:54:44:bc:4b: 17:9a:cc:a3:f7:48:7f:bb:eb:6e:1f:bf:ee:90:44:f2:94:07: 7b:3e:a6:e9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUaFLGG/zpsfLfzfCnjyRdb38QZ1gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgwMTA3NTcyOVoX DTI2MDczMTA4MDIyOVowMzExMC8GA1UEAxMoNTI3QkMwOTk4REI2REEyQURDNzg4 RjkxQjQ1ODY4RTlGQzE2RUM0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM71Eou7Jgy78hbkpD6jWdPjPpnjulGfxrWVnWzCtTpJDnAsbes48o4Mcl1e CKBEFEsa1sTF8pF8vPCa+o2cSzX2Q2rANHBXE3IktolID0ldAsqCtmGPuDC+cBrW rZ1ruKC/I/xMjpUg7BsP0nEmVaewgiljjHTjp0Mhhei+StDKAyOt8fo4GRSZhcMe fTdSzRhTQVUUf02j149/q9EyTRy5TaO8lGZeusEhJgDdEDBNCSSf+7Z42gNYbukU 4mfNGPDxG91Dl4TH+GuswEYHdQmLW+2GKVUpw0+c9BFYG8Bkl+9eP2wmGCDA4o7T sUME37iREHR42epCwMalP4G4nAMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRSe8CZ jbbaKtx4j5G0WGjp/BbsRDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWdYmDANBgkqhkiG9w0BAQsFAAOCAQEAZL8hebaeZ4acP5nVwCkX UmThLbvZ17n0NvF+jGWNmGnfRRMAc0cwEn4ABjBkV80mg8Xv91Fprf0dVDdlMSqo mLO+eJxwh5Ly5FdY0KbJuAAW1ZHFNP3W6GyMGY1otlR7+yQCXbq7wzZySuCJJyyA 8qruJE2muCKHmVL6QspRRy4GkXpRv6eSgQNcWmgUnpQ8G2HuHvaFJZ91d55ibWlg 2SVsRe+/Dsr/qwoUawGQmQT2nf6KwJHG6poeZNA91hnRg4u90oJRHsNOZO7TGYT0 7ArwGMLYDt8jUjd76TXpl609yCFjXUZURLxLF5rMo/dIf7vrbh+/7pBE8pQHez6m 6Q== -----END CERTIFICATE-----Generated at Wed Aug 6 03:58:18 2025 by rpki-client