$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149948.roa File: AS149948.roa (raw, json) Hash identifier: iYyxdKMHlRi5XiEdfv2V78YVz1SWDokzs62jWTsw2cQ= Subject key identifier: C3:94:29:77:2E:5E:B3:BB:89:05:BA:75:0B:F1:10:17:51:F5:6C:CC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 604C44F5551AC386C1AF4B08CC95B40A4BDDACD1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149948.roa Signing time: Mon 21 Jul 2025 07:00:00 +0000 ROA not before: Mon 21 Jul 2025 06:55:00 +0000 ROA not after: Mon 20 Jul 2026 07:00:00 +0000 asID: 149948 IP address blocks: 103.190.28.0/23 maxlen: 24 203.100.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 13:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:4c:44:f5:55:1a:c3:86:c1:af:4b:08:cc:95:b4:0a:4b:dd:ac:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 21 06:55:00 2025 GMT Not After : Jul 20 07:00:00 2026 GMT Subject: CN=C39429772E5EB3BB8905BA750BF1101751F56CCC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:65:31:62:85:3d:52:4b:c4:bc:e7:ae:f7:50: 7c:cd:79:0e:45:7b:33:e5:d5:03:a5:f8:47:f2:b2: 2a:c0:2c:d1:be:dc:3d:50:50:d5:ab:5c:84:ef:39: 23:33:c7:75:00:05:fd:cc:71:7d:b3:be:9a:fa:9e: 98:aa:6a:a1:77:09:f2:b2:86:93:e6:a7:24:aa:24: 0f:7b:6e:a0:e7:fa:e4:22:af:e8:65:43:03:b2:af: 0a:09:a4:eb:52:a8:c9:ed:75:ef:7c:b7:fd:0f:c7: a2:de:3b:ca:f9:fc:1b:9b:3e:07:28:12:82:ec:00: bb:3f:8b:aa:a2:cb:ff:af:86:44:c1:92:f8:ce:65: 9a:af:9e:5d:09:43:8d:50:fe:bf:d6:5c:8b:42:9a: 9f:fe:c9:c2:a2:57:c9:09:e7:71:af:53:18:bf:bc: ad:97:14:25:76:93:e1:fe:0a:d9:33:c6:7c:ee:0e: 8b:27:e6:ca:9d:81:bc:00:61:d9:f5:18:0f:81:5b: 4d:e3:46:1c:12:5e:61:fd:62:fb:29:3e:42:b3:39: 27:38:6d:10:63:ab:5e:1e:52:d0:89:1c:35:51:d1: a8:27:88:ba:1f:1f:e5:77:fc:2b:17:31:47:b6:b0: 80:a4:e0:33:63:5b:b1:1e:52:32:e4:f4:51:e6:70: a1:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:94:29:77:2E:5E:B3:BB:89:05:BA:75:0B:F1:10:17:51:F5:6C:CC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149948.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.190.28.0/23 203.100.57.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:b4:c6:2f:b4:c1:b0:1c:e9:a3:13:b3:ad:da:c5:7b:f4:db: 5e:0f:8e:df:19:5e:4d:3b:b2:04:69:41:53:b1:c9:5d:e8:87: 33:65:8d:f6:78:10:25:9d:a6:a5:b5:40:06:bb:d9:5e:df:72: 9c:c7:eb:11:46:6f:3f:25:ea:b8:67:e4:b4:fb:ef:03:e2:4e: 5b:0e:51:71:f1:d3:16:9a:1b:75:48:a7:e1:98:93:f6:c4:c8: c2:90:ab:0a:3e:ea:aa:7b:c2:c6:11:c7:ca:22:97:47:c7:53: 1d:ad:f7:65:b1:43:6c:4b:65:21:30:80:ec:5f:43:aa:4d:dd: c5:69:22:e1:05:c2:5f:88:e0:89:87:f4:a2:ca:92:2c:53:bf: c2:f3:37:5d:fe:1f:c1:05:22:d9:4b:97:7a:c2:52:ca:63:94: 46:fc:b9:6b:0e:67:5c:bb:5d:5c:a2:9f:a1:cf:59:03:42:b4: 52:eb:32:37:af:10:a4:c2:5c:24:3f:d9:36:7f:fa:a6:6d:d2: 9d:55:15:69:9a:f1:d6:41:2e:77:1b:20:07:40:1c:2f:76:f0: 30:ed:b2:de:7d:f7:60:ea:a9:60:28:70:67:70:2a:c2:d2:6a: af:bc:43:16:3b:62:a7:69:4b:5b:9c:e7:8c:fa:9d:4c:69:32: dd:7d:c4:6b -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUYExE9VUaw4bBr0sIzJW0CkvdrNEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyMTA2NTUwMFoX DTI2MDcyMDA3MDAwMFowMzExMC8GA1UEAxMoQzM5NDI5NzcyRTVFQjNCQjg5MDVC QTc1MEJGMTEwMTc1MUY1NkNDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOFlMWKFPVJLxLznrvdQfM15DkV7M+XVA6X4R/KyKsAs0b7cPVBQ1atchO85 IzPHdQAF/cxxfbO+mvqemKpqoXcJ8rKGk+anJKokD3tuoOf65CKv6GVDA7KvCgmk 61Koye1173y3/Q/Hot47yvn8G5s+BygSguwAuz+LqqLL/6+GRMGS+M5lmq+eXQlD jVD+v9Zci0Kan/7JwqJXyQnnca9TGL+8rZcUJXaT4f4K2TPGfO4Oiyfmyp2BvABh 2fUYD4FbTeNGHBJeYf1i+yk+QrM5JzhtEGOrXh5S0IkcNVHRqCeIuh8f5Xf8Kxcx R7awgKTgM2NbsR5SMuT0UeZwoZsCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBTDlCl3 Ll6zu4kFunUL8RAXUfVszDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk0OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAWe+HAMEAMtkOTANBgkqhkiG9w0BAQsFAAOCAQEAC7TGL7TBsBzp oxOzrdrFe/TbXg+O3xleTTuyBGlBU7HJXeiHM2WN9ngQJZ2mpbVABrvZXt9ynMfr EUZvPyXquGfktPvvA+JOWw5RcfHTFpobdUin4ZiT9sTIwpCrCj7qqnvCxhHHyiKX R8dTHa33ZbFDbEtlITCA7F9Dqk3dxWki4QXCX4jgiYf0osqSLFO/wvM3Xf4fwQUi 2UuXesJSymOURvy5aw5nXLtdXKKfoc9ZA0K0UusyN68QpMJcJD/ZNn/6pm3SnVUV aZrx1kEudxsgB0AcL3bwMO2y3n33YOqpYChwZ3AqwtJqr7xDFjtip2lLW5znjPqd TGky3X3Eaw== -----END CERTIFICATE-----Generated at Wed Aug 6 03:57:47 2025 by rpki-client