$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137428.roa File: AS137428.roa (raw, json) Hash identifier: yL+lHI7cRbwejNZY7sU2DbC/g3qAkWogERiDRjVkjEE= Subject key identifier: 75:EE:C6:C5:89:C8:7B:87:6B:0C:6C:4A:7B:52:7C:C4:68:88:7D:3E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7120ABCE723426CE8589F1903C1469C14C6C4827 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137428.roa Signing time: Mon 01 Sep 2025 04:57:07 +0000 ROA not before: Mon 01 Sep 2025 04:52:07 +0000 ROA not after: Mon 31 Aug 2026 04:57:07 +0000 asID: 137428 IP address blocks: 2001:df5:d340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 09:48:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:20:ab:ce:72:34:26:ce:85:89:f1:90:3c:14:69:c1:4c:6c:48:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 1 04:52:07 2025 GMT Not After : Aug 31 04:57:07 2026 GMT Subject: CN=75EEC6C589C87B876B0C6C4A7B527CC468887D3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6a:71:e7:61:68:04:62:8b:76:7b:d2:ee:e2: 9e:85:50:e7:29:ce:96:d9:1e:cb:45:b8:53:f4:9f: 6d:74:0e:4a:5e:27:c8:d0:a3:66:44:7b:9e:cb:9d: db:76:6e:d2:da:ba:bc:5a:60:c2:17:ff:7f:b9:4e: 5e:0e:53:53:ad:c4:de:2d:28:e3:60:bb:79:bf:0a: 5e:51:e8:ae:a5:e8:67:ac:18:29:60:d6:d8:0e:19: bc:b5:6b:4a:a6:3a:93:f4:bf:31:ed:10:63:4d:fd: ca:5c:be:db:fa:88:5a:5f:54:19:0b:60:1f:ce:cb: aa:2b:fb:4c:44:a4:75:2d:03:9f:9f:00:97:28:cf: ef:a7:cf:60:c0:89:fd:17:99:52:cd:19:93:3c:d7: db:f3:91:ee:11:69:de:ee:31:f4:94:70:6c:92:53: 72:a6:d8:2b:48:e0:c0:6f:f5:96:54:7f:55:5b:89: 0f:bb:c3:fe:0a:4d:57:5b:e8:b5:0b:d5:a2:ee:4d: 72:e7:4c:cb:99:d2:e9:6e:e0:fa:12:d2:a5:0e:3c: 9c:d5:7d:55:a5:79:97:d1:ae:e6:8c:7f:06:de:bd: af:d8:c0:1d:03:17:49:b7:20:47:6f:43:61:3b:39: 86:a4:cd:ea:77:9c:ac:be:b7:92:2d:4d:49:e9:d0: a8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:EE:C6:C5:89:C8:7B:87:6B:0C:6C:4A:7B:52:7C:C4:68:88:7D:3E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:d340::/48 Signature Algorithm: sha256WithRSAEncryption 35:7c:59:08:71:ec:02:c0:2a:cf:0d:0d:c3:c0:ed:9c:af:48: d4:6b:b3:d3:fc:ab:a6:76:a8:17:73:c3:28:07:d9:05:d5:69: 55:1a:0f:67:84:86:1a:0c:3c:5c:e7:20:d4:a4:ab:1b:34:6a: 47:00:22:1b:8c:b2:40:92:51:26:f8:7e:0b:25:27:d4:bf:b9: 76:07:6f:d9:23:f7:cd:c9:88:f8:e5:8c:e4:08:73:a0:f5:96: 16:ec:4c:da:47:47:9d:e0:8a:0b:45:7a:cf:2d:21:6d:b7:17: 1a:4c:49:66:a9:d4:bd:5f:d3:3d:07:91:b1:55:30:d4:56:fe: 7b:ce:a3:b9:6d:61:b4:4e:4e:63:cb:8a:3c:ea:3e:06:6c:19: ea:d1:f9:2e:81:c6:0f:80:e2:3c:8f:83:4e:41:85:61:a1:f5: 89:c5:f5:d4:6f:1a:8c:cf:0d:0b:63:e2:77:22:ab:57:fe:a3: 31:40:c2:a1:0d:1f:a3:7b:93:1c:8c:37:b8:be:23:6a:48:c4: e7:70:df:0e:b4:62:52:54:5d:5a:86:4e:09:b6:a0:71:3f:72: 21:ac:bc:0c:4a:e8:8a:6e:fa:7f:82:2e:d2:e9:f6:55:88:ed: 19:d8:57:02:48:48:70:83:ba:81:4b:5c:39:8e:aa:0e:40:e5: 58:18:e3:fb -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUcSCrznI0Js6FifGQPBRpwUxsSCcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwMTA0NTIwN1oX DTI2MDgzMTA0NTcwN1owMzExMC8GA1UEAxMoNzVFRUM2QzU4OUM4N0I4NzZCMEM2 QzRBN0I1MjdDQzQ2ODg4N0QzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMtqcedhaARii3Z70u7inoVQ5ynOltkey0W4U/SfbXQOSl4nyNCjZkR7nsud 23Zu0tq6vFpgwhf/f7lOXg5TU63E3i0o42C7eb8KXlHorqXoZ6wYKWDW2A4ZvLVr SqY6k/S/Me0QY039yly+2/qIWl9UGQtgH87Lqiv7TESkdS0Dn58AlyjP76fPYMCJ /ReZUs0ZkzzX2/OR7hFp3u4x9JRwbJJTcqbYK0jgwG/1llR/VVuJD7vD/gpNV1vo tQvVou5NcudMy5nS6W7g+hLSpQ48nNV9VaV5l9Gu5ox/Bt69r9jAHQMXSbcgR29D YTs5hqTN6necrL63ki1NSenQqF8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBR17sbF ich7h2sMbEp7UnzEaIh9PjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNzQyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfXTQDANBgkqhkiG9w0BAQsFAAOCAQEANXxZCHHsAsAqzw0N w8DtnK9I1Guz0/yrpnaoF3PDKAfZBdVpVRoPZ4SGGgw8XOcg1KSrGzRqRwAiG4yy QJJRJvh+CyUn1L+5dgdv2SP3zcmI+OWM5AhzoPWWFuxM2kdHneCKC0V6zy0hbbcX GkxJZqnUvV/TPQeRsVUw1Fb+e86juW1htE5OY8uKPOo+BmwZ6tH5LoHGD4DiPI+D TkGFYaH1icX11G8ajM8NC2PidyKrV/6jMUDCoQ0fo3uTHIw3uL4jakjE53DfDrRi UlRdWoZOCbagcT9yIay8DEroim76f4Iu0un2VYjtGdhXAkhIcIO6gUtcOY6qDkDl WBjj+w== -----END CERTIFICATE-----Generated at Fri Sep 5 08:09:32 2025 by rpki-client