$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa File: AS149965.roa (raw, json) Hash identifier: dBdpA/a1Df+B2iZ6q6hUm2C5l+8h/SDriyDhhU6FMwM= Subject key identifier: E3:C8:9E:6C:95:5D:A3:99:B3:96:EE:5F:98:81:A1:96:63:6D:EB:F5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 36C8F80F63FC2CAFBA3F16131F0D1A8BEDCB2A7F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa Signing time: Tue 05 Aug 2025 09:00:00 +0000 ROA not before: Tue 05 Aug 2025 08:55:00 +0000 ROA not after: Tue 04 Aug 2026 09:00:00 +0000 asID: 149965 IP address blocks: 103.139.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 13:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:c8:f8:0f:63:fc:2c:af:ba:3f:16:13:1f:0d:1a:8b:ed:cb:2a:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 5 08:55:00 2025 GMT Not After : Aug 4 09:00:00 2026 GMT Subject: CN=E3C89E6C955DA399B396EE5F9881A196636DEBF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:19:f0:98:12:10:de:5a:18:59:9f:e4:26:7e: 72:33:20:14:6f:03:fe:82:69:66:3a:26:bb:67:1e: f5:e6:d0:43:01:bd:43:c5:29:ff:06:84:6f:94:5f: a4:75:c1:2d:ec:9b:47:26:9d:21:f4:6f:5e:47:81: 0f:d1:72:d5:ac:99:fb:ee:e9:d7:ac:d4:bf:6f:60: 45:7e:be:30:ec:8f:73:3f:29:3a:49:a5:af:34:02: ce:cd:a8:ce:0e:ce:cb:df:a8:fb:67:97:91:db:46: b3:80:0c:5c:c7:fc:fd:1d:e4:49:8f:8c:35:35:c1: 29:b9:88:f3:58:4c:11:c0:d8:1f:0a:f9:05:ab:76: 36:d4:fa:42:50:b9:51:3d:b2:13:40:28:a2:80:31: 41:12:f1:7e:c2:e7:78:3a:9c:c3:11:b7:d9:c3:2e: c7:97:fc:fc:63:c4:77:4c:ce:09:5a:c1:0e:5e:5b: 57:fe:75:63:3e:78:be:ec:6d:bc:88:e5:94:a0:7e: 6a:86:f4:52:c1:1d:4f:64:7d:e9:f7:62:f1:ee:e0: 02:4c:23:46:b2:56:d8:02:bd:63:95:16:96:48:d1: 30:d1:97:32:ee:4d:a0:46:13:2b:96:0e:d5:42:53: 14:14:cd:b8:b8:5e:78:21:88:a6:34:04:3a:0c:91: 20:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:C8:9E:6C:95:5D:A3:99:B3:96:EE:5F:98:81:A1:96:63:6D:EB:F5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149965.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.139.138.0/23 Signature Algorithm: sha256WithRSAEncryption 68:13:35:ae:48:f6:58:79:09:0b:22:5c:fa:88:4d:c4:5d:f8: 60:4a:f3:53:9d:78:43:31:c6:a5:04:8a:19:9b:7e:c1:9f:c4: 9a:0c:d3:3c:9e:e1:d1:34:5c:24:27:25:e1:69:54:08:43:fe: 22:f5:54:43:f7:f1:0a:40:5f:93:57:69:57:e4:61:e0:89:64: 7c:de:23:d8:99:04:02:7f:5f:2b:dd:5f:5f:2a:ce:23:4f:01: d8:34:70:68:cc:80:58:45:50:97:4e:42:89:f0:c5:8c:68:bf: 8b:63:ea:0e:8a:52:ba:b4:05:a8:73:d3:67:e3:08:28:f2:70: dc:19:8a:a4:e6:7d:5b:6f:17:35:11:50:c3:8b:e4:e3:10:83: bd:26:75:04:94:9c:aa:c0:db:29:0e:f2:6d:81:aa:2b:0d:ab: 83:20:40:57:f2:ec:6a:7d:a9:dc:70:4b:70:ce:87:1f:4b:0d: 8c:4a:a1:59:a5:70:12:a2:3d:2c:ce:03:9f:ad:67:02:f7:4e: f3:81:40:61:cb:c2:dc:e7:c7:67:cf:e6:a0:8d:82:ae:7f:ab: f6:fa:78:9f:cc:4e:76:7b:ec:cb:eb:ce:28:0e:02:b7:c5:db: 97:13:42:6c:ba:d7:87:24:d7:bd:bb:22:5e:2d:df:e0:fb:46: 81:ba:a1:57 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNsj4D2P8LK+6PxYTHw0ai+3LKn8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgwNTA4NTUwMFoX DTI2MDgwNDA5MDAwMFowMzExMC8GA1UEAxMoRTNDODlFNkM5NTVEQTM5OUIzOTZF RTVGOTg4MUExOTY2MzZERUJGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL8Z8JgSEN5aGFmf5CZ+cjMgFG8D/oJpZjomu2ce9ebQQwG9Q8Up/waEb5Rf pHXBLeybRyadIfRvXkeBD9Fy1ayZ++7p16zUv29gRX6+MOyPcz8pOkmlrzQCzs2o zg7Oy9+o+2eXkdtGs4AMXMf8/R3kSY+MNTXBKbmI81hMEcDYHwr5Bat2NtT6QlC5 UT2yE0AoooAxQRLxfsLneDqcwxG32cMux5f8/GPEd0zOCVrBDl5bV/51Yz54vuxt vIjllKB+aob0UsEdT2R96fdi8e7gAkwjRrJW2AK9Y5UWlkjRMNGXMu5NoEYTK5YO 1UJTFBTNuLheeCGIpjQEOgyRIKkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTjyJ5s lV2jmbOW7l+YgaGWY23r9TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTk2NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWeLijANBgkqhkiG9w0BAQsFAAOCAQEAaBM1rkj2WHkJCyJc+ohN xF34YErzU514QzHGpQSKGZt+wZ/EmgzTPJ7h0TRcJCcl4WlUCEP+IvVUQ/fxCkBf k1dpV+Rh4IlkfN4j2JkEAn9fK91fXyrOI08B2DRwaMyAWEVQl05CifDFjGi/i2Pq DopSurQFqHPTZ+MIKPJw3BmKpOZ9W28XNRFQw4vk4xCDvSZ1BJScqsDbKQ7ybYGq Kw2rgyBAV/Lsan2p3HBLcM6HH0sNjEqhWaVwEqI9LM4Dn61nAvdO84FAYcvC3OfH Z8/moI2Crn+r9vp4n8xOdnvsy+vOKA4Ct8XblxNCbLrXhyTXvbsiXi3f4PtGgbqh Vw== -----END CERTIFICATE-----Generated at Wed Aug 6 03:57:40 2025 by rpki-client