$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137428.roa File: AS137428.roa (raw, json) Hash identifier: GIaAeMx509iBeqJyelZRHiP5OO8SbbJXLh6mB5ggupc= Subject key identifier: 0E:1A:0E:20:84:48:4B:0E:3E:8B:0E:85:DE:05:9F:2C:AB:DA:2D:D8 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 198FDA6F52319665BA0696F78571151D3B253A41 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137428.roa Signing time: Mon 01 Sep 2025 04:55:10 +0000 ROA not before: Mon 01 Sep 2025 04:50:10 +0000 ROA not after: Mon 31 Aug 2026 04:55:10 +0000 asID: 137428 IP address blocks: 165.101.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 14:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:8f:da:6f:52:31:96:65:ba:06:96:f7:85:71:15:1d:3b:25:3a:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 1 04:50:10 2025 GMT Not After : Aug 31 04:55:10 2026 GMT Subject: CN=0E1A0E2084484B0E3E8B0E85DE059F2CABDA2DD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:40:2c:d9:5f:b8:bf:ad:d9:78:a9:e9:7e:b6: 6b:1e:37:82:d8:9f:33:78:21:2e:9f:c5:a9:02:24: 57:90:81:92:f9:14:bd:5b:ad:87:79:06:d8:7d:a5: 84:d9:47:53:16:d3:4f:f9:3f:35:79:81:00:c3:ad: 18:89:f1:b9:c9:e6:a5:d0:9d:3e:62:af:1e:70:7c: 03:e8:ac:a4:6e:92:bb:61:0c:dc:f5:b8:be:9a:9a: b8:f0:e0:90:10:1d:fa:44:f8:f5:75:8d:48:e4:32: eb:fd:05:36:6d:c9:4b:0f:8f:cd:cc:c4:90:72:08: 36:11:47:60:f2:20:99:1c:18:c6:7b:b1:b4:21:0f: d2:b9:e6:58:21:42:b1:42:b9:4a:80:97:66:4f:28: c3:06:02:c9:60:31:ac:04:17:2a:be:68:a6:b5:55: 3e:b0:42:4a:4c:01:90:0e:12:ca:ca:1c:05:d5:e9: 24:21:83:6d:73:12:66:c3:4f:ce:cc:1d:08:ac:8d: 58:17:10:e3:40:fd:16:1b:c9:58:22:b0:d3:79:a6: 8e:a6:c7:d8:10:53:38:7d:a8:6c:25:c9:61:f7:c5: 8d:c9:70:28:a3:9e:cb:8d:64:ca:66:5c:b3:03:d7: 51:af:b8:4a:9d:42:a2:80:71:22:e8:ea:52:a2:49: cd:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:1A:0E:20:84:48:4B:0E:3E:8B:0E:85:DE:05:9F:2C:AB:DA:2D:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.125.0/24 Signature Algorithm: sha256WithRSAEncryption 63:2d:2b:3b:18:e0:9b:6c:50:9e:08:77:7f:28:be:ed:56:7e: ac:e2:4e:4d:79:8c:fc:d2:10:70:13:fc:be:39:de:d4:e2:21: a3:62:88:3b:98:b9:50:a2:c3:50:c0:0b:94:f4:d1:88:d4:ca: 01:95:3d:aa:7e:7e:20:92:8b:4e:68:4d:b2:a7:09:e9:14:0e: a5:95:14:98:e5:32:f5:6c:50:15:25:9a:26:96:8c:6c:cd:df: a7:5d:95:3c:c8:5e:03:38:07:c0:1f:f9:98:33:0c:88:a8:6b: a8:7d:a9:55:30:1c:b5:97:45:d8:1e:74:4a:30:f2:c2:7d:9b: 00:0b:3d:f1:d2:33:6c:80:e1:bc:87:c9:e8:b6:0e:3b:75:fc: 1e:ac:0d:73:d5:b1:89:11:d3:35:ef:04:2d:7d:68:51:86:01: d3:0b:47:54:dc:f9:d2:50:7f:f4:fd:60:46:e4:fa:de:10:03: 12:04:ba:d6:d8:c1:bc:24:b4:04:05:87:3a:69:6b:85:1b:36: 22:d2:68:d4:8c:9b:86:16:45:03:8f:4d:c5:35:94:8d:60:ca: 0c:c2:51:f7:57:71:45:09:5c:d8:4c:f8:a3:67:b0:3b:d7:46: 7f:d7:55:9d:44:0c:1c:1f:bd:54:92:64:31:03:f4:57:be:94: f8:11:44:5b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUGY/ab1IxlmW6Bpb3hXEVHTslOkEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkwMTA0NTAxMFoX DTI2MDgzMTA0NTUxMFowMzExMC8GA1UEAxMoMEUxQTBFMjA4NDQ4NEIwRTNFOEIw RTg1REUwNTlGMkNBQkRBMkREODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO5ALNlfuL+t2Xip6X62ax43gtifM3ghLp/FqQIkV5CBkvkUvVuth3kG2H2l hNlHUxbTT/k/NXmBAMOtGInxucnmpdCdPmKvHnB8A+ispG6Su2EM3PW4vpqauPDg kBAd+kT49XWNSOQy6/0FNm3JSw+PzczEkHIINhFHYPIgmRwYxnuxtCEP0rnmWCFC sUK5SoCXZk8owwYCyWAxrAQXKr5oprVVPrBCSkwBkA4SysocBdXpJCGDbXMSZsNP zswdCKyNWBcQ40D9FhvJWCKw03mmjqbH2BBTOH2obCXJYffFjclwKKOey41kymZc swPXUa+4Sp1CooBxIujqUqJJzecCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQOGg4g hEhLDj6LDoXeBZ8sq9ot2DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzNzQyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVlfTANBgkqhkiG9w0BAQsFAAOCAQEAYy0rOxjgm2xQngh3fyi+ 7VZ+rOJOTXmM/NIQcBP8vjne1OIho2KIO5i5UKLDUMALlPTRiNTKAZU9qn5+IJKL TmhNsqcJ6RQOpZUUmOUy9WxQFSWaJpaMbM3fp12VPMheAzgHwB/5mDMMiKhrqH2p VTActZdF2B50SjDywn2bAAs98dIzbIDhvIfJ6LYOO3X8HqwNc9WxiRHTNe8ELX1o UYYB0wtHVNz50lB/9P1gRuT63hADEgS61tjBvCS0BAWHOmlrhRs2ItJo1IybhhZF A49NxTWUjWDKDMJR91dxRQlc2Ez4o2ewO9dGf9dVnUQMHB+9VJJkMQP0V76U+BFE Ww== -----END CERTIFICATE-----Generated at Sun Sep 7 10:11:35 2025 by rpki-client