$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137909.roa File: AS137909.roa (raw, json) Hash identifier: /O8yCdGbHxKi54PooNpDzb9uxRkMygAcXAP+Iu4xK3Q= Subject key identifier: 9E:6B:9B:F6:1E:50:53:05:FF:39:D8:66:29:31:2D:C1:35:67:40:17 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6068735FFECBA9324CFD8F94E070F246616C06E7 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137909.roa Signing time: Wed 04 Jun 2025 02:08:37 +0000 ROA not before: Wed 04 Jun 2025 02:03:37 +0000 ROA not after: Wed 03 Jun 2026 02:08:37 +0000 asID: 137909 IP address blocks: 2001:df4:ea40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 02:27:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:68:73:5f:fe:cb:a9:32:4c:fd:8f:94:e0:70:f2:46:61:6c:06:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 4 02:03:37 2025 GMT Not After : Jun 3 02:08:37 2026 GMT Subject: CN=9E6B9BF61E505305FF39D86629312DC135674017 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:46:ec:87:6c:6d:0a:93:e6:4f:f9:63:2f:c3: 72:2c:61:1c:72:91:c7:f1:e4:c9:50:5e:ef:f9:53: dc:65:00:82:4c:fb:df:6b:e2:77:0e:db:df:37:65: 81:2b:c5:f4:a8:76:53:80:d4:4b:fa:bb:20:f7:75: 25:13:5f:5a:6e:35:d5:36:01:12:0a:2e:02:a3:4f: aa:46:d0:38:5c:93:b3:25:00:95:65:7c:78:85:69: 97:4e:e6:c7:f4:10:f4:fa:83:7e:1e:b8:a6:75:a8: cb:a0:f6:cc:a0:ca:b4:5a:70:5f:15:2a:aa:1c:5f: 5f:4d:1a:ab:1b:98:d6:4e:f9:57:46:d7:18:30:08: 89:22:c1:79:b9:53:ce:85:26:39:ac:d2:fd:76:1b: 3a:16:a1:7b:a4:17:7a:1d:f4:40:11:5a:46:4d:40: 88:06:20:df:8b:74:1e:6d:34:e3:ec:f7:28:27:f1: c9:02:de:e8:b0:7f:de:c0:ba:99:13:00:1a:e6:03: 4a:6e:36:fb:b7:f6:53:d6:49:b0:89:f6:b0:d8:3e: 16:aa:66:bd:6a:fa:b0:6b:9b:96:c5:da:8c:36:12: c2:79:ca:26:f5:ab:1f:6e:31:c3:87:f6:2f:ba:a7: dc:74:e0:df:43:7d:41:0a:20:bc:3a:b0:b5:72:3e: 7a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:6B:9B:F6:1E:50:53:05:FF:39:D8:66:29:31:2D:C1:35:67:40:17 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS137909.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:ea40::/48 Signature Algorithm: sha256WithRSAEncryption 04:d8:37:1c:5c:82:41:15:cd:e5:1e:98:30:83:b7:ff:42:3e: c4:59:bb:70:aa:b4:1a:72:96:bd:69:4e:00:3f:87:48:fb:76: e7:42:3d:f8:de:7c:1e:48:48:87:61:c4:6c:49:41:53:df:fe: 52:46:58:99:2f:64:04:d9:a0:35:ac:44:09:91:df:c4:ec:28: 3e:92:32:c9:50:d8:10:91:0c:0b:70:ee:0d:1e:03:f0:71:ab: 0e:8f:c7:6b:a3:b2:b2:b1:e4:67:9c:44:37:a4:d8:38:c1:de: 6d:0e:27:d8:23:b4:3e:29:9e:1c:eb:5e:2d:cf:a3:0e:82:54: e5:2c:c7:1d:47:99:55:c6:a9:80:eb:75:77:9b:82:f2:5a:50: 68:a7:c7:1c:2d:7a:27:03:14:3f:d1:d3:f4:b6:2a:3c:47:6b: 3c:e2:11:e3:2e:ca:57:63:8a:4d:c3:26:24:66:76:df:ec:09: 3e:64:a2:6c:c1:79:91:ed:ee:35:78:8f:1f:5a:f2:6f:73:b4: 2d:4a:bf:5a:fe:26:2f:2c:cf:7f:31:bc:41:02:e9:4b:e6:77: 45:a4:69:8f:60:91:0f:5a:fa:38:38:51:c8:4d:14:ca:17:27: c5:87:ba:e2:d1:9e:cc:14:dd:a1:a8:36:62:87:13:e5:0b:09: 99:29:17:a0 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUYGhzX/7LqTJM/Y+U4HDyRmFsBucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwNDAyMDMzN1oX DTI2MDYwMzAyMDgzN1owMzExMC8GA1UEAxMoOUU2QjlCRjYxRTUwNTMwNUZGMzlE ODY2MjkzMTJEQzEzNTY3NDAxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNG7IdsbQqT5k/5Yy/DcixhHHKRx/HkyVBe7/lT3GUAgkz732vidw7b3zdl gSvF9Kh2U4DUS/q7IPd1JRNfWm411TYBEgouAqNPqkbQOFyTsyUAlWV8eIVpl07m x/QQ9PqDfh64pnWoy6D2zKDKtFpwXxUqqhxfX00aqxuY1k75V0bXGDAIiSLBeblT zoUmOazS/XYbOhahe6QXeh30QBFaRk1AiAYg34t0Hm004+z3KCfxyQLe6LB/3sC6 mRMAGuYDSm42+7f2U9ZJsIn2sNg+FqpmvWr6sGublsXajDYSwnnKJvWrH24xw4f2 L7qn3HTg30N9QQogvDqwtXI+egsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSea5v2 HlBTBf852GYpMS3BNWdAFzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNzkwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfTqQDANBgkqhkiG9w0BAQsFAAOCAQEABNg3HFyCQRXN5R6Y MIO3/0I+xFm7cKq0GnKWvWlOAD+HSPt250I9+N58HkhIh2HEbElBU9/+UkZYmS9k BNmgNaxECZHfxOwoPpIyyVDYEJEMC3DuDR4D8HGrDo/Ha6OysrHkZ5xEN6TYOMHe bQ4n2CO0PimeHOteLc+jDoJU5SzHHUeZVcapgOt1d5uC8lpQaKfHHC16JwMUP9HT 9LYqPEdrPOIR4y7KV2OKTcMmJGZ23+wJPmSibMF5ke3uNXiPH1ryb3O0LUq/Wv4m LyzPfzG8QQLpS+Z3RaRpj2CRD1r6ODhRyE0UyhcnxYe64tGezBTdoag2YocT5QsJ mSkXoA== -----END CERTIFICATE-----Generated at Sat Jun 7 18:43:19 2025 by rpki-client