$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138828.roa File: AS138828.roa (raw, json) Hash identifier: DQXOxAyAkLuD9VAtGSq1RFtkgLhP3pGyOajL0NFARMk= Subject key identifier: B6:3A:21:E7:7A:35:D8:5E:B8:E1:BF:2C:17:D7:C3:C2:BE:BB:D6:9C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 18D97EE491376F442AB32233F5E3568F08B7AC95 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138828.roa Signing time: Wed 25 Jun 2025 08:00:00 +0000 ROA not before: Wed 25 Jun 2025 07:55:00 +0000 ROA not after: Wed 24 Jun 2026 08:00:00 +0000 asID: 138828 IP address blocks: 103.55.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 03:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:d9:7e:e4:91:37:6f:44:2a:b3:22:33:f5:e3:56:8f:08:b7:ac:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 25 07:55:00 2025 GMT Not After : Jun 24 08:00:00 2026 GMT Subject: CN=B63A21E77A35D85EB8E1BF2C17D7C3C2BEBBD69C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:db:3b:a5:ec:ec:dc:57:20:5b:6b:c8:85:34: 8c:81:b3:bf:6e:74:f4:1f:a1:e6:ca:f4:6b:63:28: 74:05:93:c0:02:5a:a0:83:68:a8:cd:87:c8:79:fd: 80:7d:5c:79:e5:27:5f:e3:9c:27:c8:33:9a:7c:d3: ca:00:15:0d:dd:95:15:4c:c4:48:2e:64:15:69:7e: 0d:b1:ce:2b:0b:75:f2:2c:9e:9e:11:b8:1b:8b:6c: 52:d4:16:91:6d:c1:71:de:24:16:c5:9a:28:19:a0: 0e:65:d5:40:21:ca:47:2b:a8:61:59:7b:e3:3d:e7: ae:0b:2c:b5:c3:9c:e9:00:c5:b7:d2:18:e4:dc:f4: 56:f8:49:c9:26:df:8e:78:7d:37:22:b9:5b:71:95: 6d:e5:41:f5:97:3b:59:9a:31:67:a7:06:0f:a6:d6: 3b:d0:5f:9c:01:eb:0c:ea:24:65:5c:a4:84:a9:f1: 39:b3:0f:58:fd:65:cc:0a:42:15:39:26:40:2d:dd: d6:d9:eb:14:29:ad:33:3e:60:b4:54:15:a1:79:0a: 07:6c:e7:94:a8:78:6f:d6:06:2d:8b:08:2c:7d:21: cb:83:b7:24:e9:f9:1f:b7:1c:ac:69:32:f8:bf:8d: 5a:1e:80:92:87:0c:29:07:eb:9d:f7:48:42:ec:cf: 77:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:3A:21:E7:7A:35:D8:5E:B8:E1:BF:2C:17:D7:C3:C2:BE:BB:D6:9C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138828.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.55.159.0/24 Signature Algorithm: sha256WithRSAEncryption 85:8f:6f:65:c6:9d:49:ab:a5:7d:dd:ba:e4:3e:36:e9:06:f4: b4:3e:9a:32:74:d2:ff:61:e4:18:b8:6f:bb:59:a7:9c:56:3b: 37:7e:c4:6c:69:5c:4b:a5:d8:b1:fd:5c:af:84:1f:42:75:88: 46:aa:b9:21:0a:b9:1f:bf:dc:63:d7:c2:10:b0:de:30:cc:e0: cd:a1:14:a6:7a:9e:9a:ed:de:c1:dc:e7:ca:b6:79:ef:71:24: 75:96:b8:0d:16:11:84:19:c4:ff:b5:52:b5:3c:9a:54:c2:c3: 06:54:59:00:d4:70:5c:4b:1b:67:17:8a:9e:e0:ae:a6:29:4a: f7:77:c8:08:e9:4b:1b:6f:17:6d:50:4c:b0:49:50:c9:af:3e: 6d:46:b8:5a:9b:1d:16:44:3f:7f:85:59:43:80:e0:64:48:b3: 59:5b:09:82:0f:fd:32:2f:bf:df:b1:f0:92:07:fc:cd:19:99: c7:be:ac:c9:46:d0:fd:6b:68:b7:03:8e:aa:c4:26:09:23:18: b1:f7:41:71:29:f8:59:5d:19:9b:16:d9:2f:85:f1:22:11:5d: 6c:90:c0:25:c9:30:1f:90:3a:2b:50:3b:13:8a:33:dc:14:76: db:b6:25:3c:d8:a7:a1:61:02:5e:89:c1:25:53:a3:eb:13:4e: 06:7a:bc:74 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUGNl+5JE3b0QqsyIz9eNWjwi3rJUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYyNTA3NTUwMFoX DTI2MDYyNDA4MDAwMFowMzExMC8GA1UEAxMoQjYzQTIxRTc3QTM1RDg1RUI4RTFC RjJDMTdEN0MzQzJCRUJCRDY5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJnbO6Xs7NxXIFtryIU0jIGzv2509B+h5sr0a2ModAWTwAJaoINoqM2HyHn9 gH1ceeUnX+OcJ8gzmnzTygAVDd2VFUzESC5kFWl+DbHOKwt18iyenhG4G4tsUtQW kW3Bcd4kFsWaKBmgDmXVQCHKRyuoYVl74z3nrgsstcOc6QDFt9IY5Nz0VvhJySbf jnh9NyK5W3GVbeVB9Zc7WZoxZ6cGD6bWO9BfnAHrDOokZVykhKnxObMPWP1lzApC FTkmQC3d1tnrFCmtMz5gtFQVoXkKB2znlKh4b9YGLYsILH0hy4O3JOn5H7ccrGky +L+NWh6AkocMKQfrnfdIQuzPdz8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS2OiHn ejXYXrjhvywX18PCvrvWnDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGc3nzANBgkqhkiG9w0BAQsFAAOCAQEAhY9vZcadSaulfd265D42 6Qb0tD6aMnTS/2HkGLhvu1mnnFY7N37EbGlcS6XYsf1cr4QfQnWIRqq5IQq5H7/c Y9fCELDeMMzgzaEUpnqemu3ewdznyrZ573EkdZa4DRYRhBnE/7VStTyaVMLDBlRZ ANRwXEsbZxeKnuCupilK93fICOlLG28XbVBMsElQya8+bUa4WpsdFkQ/f4VZQ4Dg ZEizWVsJgg/9Mi+/37Hwkgf8zRmZx76syUbQ/WtotwOOqsQmCSMYsfdBcSn4WV0Z mxbZL4XxIhFdbJDAJckwH5A6K1A7E4oz3BR227YlPNinoWECXonBJVOj6xNOBnq8 dA== -----END CERTIFICATE-----Generated at Sun Nov 2 22:34:02 2025 by rpki-client