$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138089.roa File: AS138089.roa (raw, json) Hash identifier: fsqtABzOSKL7XX5HayYD6H/iaP7LjcbtEUV+hNuJUmQ= Subject key identifier: 71:7D:23:10:45:28:2C:E4:30:42:E6:88:66:74:FB:56:3F:6F:96:B7 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1400B918B1B213436EE52DF773AF3AA4BC928EF7 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138089.roa Signing time: Tue 21 Apr 2026 03:08:13 +0000 ROA not before: Tue 21 Apr 2026 03:03:13 +0000 ROA not after: Tue 20 Apr 2027 03:08:13 +0000 asID: 138089 IP address blocks: 165.99.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:00:b9:18:b1:b2:13:43:6e:e5:2d:f7:73:af:3a:a4:bc:92:8e:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 21 03:03:13 2026 GMT Not After : Apr 20 03:08:13 2027 GMT Subject: CN=717D231045282CE43042E6886674FB563F6F96B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:b1:8f:38:ad:16:a4:b9:4e:c8:8e:69:7b:a3: d6:ab:15:17:50:8e:d5:e1:dd:7b:77:76:f0:f0:83: c4:e6:9e:e0:16:e1:36:70:db:a8:29:2f:3f:c9:c3: 0d:90:8b:db:4b:11:c6:82:73:7b:0b:ee:4a:8d:70: af:17:39:2e:51:61:bc:9f:f9:7d:88:e2:ad:6f:50: 7f:64:0e:43:a3:af:d0:99:3c:a2:ff:1b:07:df:0d: a3:2f:36:b3:27:0b:8b:bb:a7:6b:41:b9:cc:6f:b3: 32:7d:79:a5:42:15:40:ea:c3:0d:59:19:bd:c0:67: b2:52:eb:7a:74:1f:2b:be:0a:b2:48:75:59:ee:d6: 5c:03:91:90:b5:59:b7:d0:08:42:7e:00:14:c2:d7: f5:53:8d:de:66:35:b0:30:80:15:1e:35:32:cb:04: c6:90:27:9f:90:a5:60:db:28:13:67:b4:02:a7:62: c5:d3:5c:66:c8:81:03:86:6a:e5:9d:6f:37:75:a2: 8e:4c:a5:b1:93:55:a6:40:59:75:49:9b:1a:06:eb: 25:71:97:50:92:26:3c:08:29:0d:41:bf:e1:ed:ed: 11:ff:bb:c8:72:de:2a:08:ce:cf:b6:7b:b9:78:51: 86:25:21:39:0e:eb:1d:93:54:24:a3:c2:c5:5b:c4: 49:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:7D:23:10:45:28:2C:E4:30:42:E6:88:66:74:FB:56:3F:6F:96:B7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS138089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.225.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:a7:90:2b:cc:13:52:fd:0b:65:1c:a5:a3:f5:8a:59:e0:aa: d2:b7:c0:eb:3c:c6:2d:5a:f7:a6:ad:9a:04:7f:bc:95:8f:13: 94:72:1c:f2:f9:75:c1:b4:59:74:82:77:14:ed:7b:08:50:58: e8:58:0e:20:6c:de:f3:cd:5b:8a:fc:44:4a:5c:b8:60:8f:e4: 2f:5f:10:49:5b:63:32:35:bd:89:e9:9d:3b:d6:0f:4a:ec:c9: 97:69:12:e0:97:a5:fb:9c:27:85:b4:d2:cf:52:f1:ee:0d:ee: a0:2a:00:da:0d:46:69:5d:44:ca:14:1b:52:7a:55:48:73:f6: 1e:5f:d6:1a:02:0e:2c:04:e8:c5:a9:72:83:f7:f8:c4:0a:94: f7:97:fc:f0:0a:8d:c9:a3:fc:c8:a8:e5:2d:53:1e:5c:f2:dc: d1:c6:2f:2b:78:89:cc:fa:0f:98:40:63:0d:99:9e:15:ba:51: 06:b4:dd:99:cd:fd:d9:46:b7:8e:0e:b4:05:ae:a9:cd:9b:48: 6d:70:db:39:d9:13:13:e9:4e:c9:0c:3e:cc:d8:b4:ab:7c:fe: 9f:bf:3b:97:da:7a:bd:7d:fa:c1:5c:84:1d:53:24:cc:1f:0d: 9c:e5:ab:3a:2a:c9:d6:45:6e:4b:4a:2a:56:cc:4f:13:6c:a0: 51:e9:1b:4c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFAC5GLGyE0Nu5S33c686pLySjvcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQyMTAzMDMxM1oX DTI3MDQyMDAzMDgxM1owMzExMC8GA1UEAxMoNzE3RDIzMTA0NTI4MkNFNDMwNDJF Njg4NjY3NEZCNTYzRjZGOTZCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJSxjzitFqS5TsiOaXuj1qsVF1CO1eHde3d28PCDxOae4BbhNnDbqCkvP8nD DZCL20sRxoJzewvuSo1wrxc5LlFhvJ/5fYjirW9Qf2QOQ6Ov0Jk8ov8bB98Noy82 sycLi7una0G5zG+zMn15pUIVQOrDDVkZvcBnslLrenQfK74Kskh1We7WXAORkLVZ t9AIQn4AFMLX9VON3mY1sDCAFR41MssExpAnn5ClYNsoE2e0AqdixdNcZsiBA4Zq 5Z1vN3WijkylsZNVpkBZdUmbGgbrJXGXUJImPAgpDUG/4e3tEf+7yHLeKgjOz7Z7 uXhRhiUhOQ7rHZNUJKPCxVvESecCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRxfSMQ RSgs5DBC5ohmdPtWP2+WtzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzODA4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVj4TANBgkqhkiG9w0BAQsFAAOCAQEAHKeQK8wTUv0LZRylo/WK WeCq0rfA6zzGLVr3pq2aBH+8lY8TlHIc8vl1wbRZdIJ3FO17CFBY6FgOIGze881b ivxESly4YI/kL18QSVtjMjW9iemdO9YPSuzJl2kS4Jel+5wnhbTSz1Lx7g3uoCoA 2g1GaV1EyhQbUnpVSHP2Hl/WGgIOLAToxalyg/f4xAqU95f88AqNyaP8yKjlLVMe XPLc0cYvK3iJzPoPmEBjDZmeFbpRBrTdmc392Ua3jg60Ba6pzZtIbXDbOdkTE+lO yQw+zNi0q3z+n787l9p6vX36wVyEHVMkzB8NnOWrOirJ1kVuS0oqVsxPE2ygUekb TA== -----END CERTIFICATE-----Generated at Wed Apr 22 03:30:15 2026 by rpki-client