$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS137909.roa File: AS137909.roa (raw, json) Hash identifier: 0+1cn2NY80CIpg1JTVbzkIzquUSvBXlBJyOyCcxuBLg= Subject key identifier: 45:2F:2A:61:1D:B0:10:E3:32:86:8E:C6:65:89:35:78:58:91:26:6E Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 4B150D95C0F07F3613E682A73DF6967E64609074 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS137909.roa Signing time: Sat 02 May 2026 09:24:19 +0000 ROA not before: Sat 02 May 2026 09:19:19 +0000 ROA not after: Sat 01 May 2027 09:24:19 +0000 asID: 137909 IP address blocks: 161.248.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:15:0d:95:c0:f0:7f:36:13:e6:82:a7:3d:f6:96:7e:64:60:90:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:19:19 2026 GMT Not After : May 1 09:24:19 2027 GMT Subject: CN=452F2A611DB010E332868EC6658935785891266E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:db:d4:94:e9:67:4f:ff:21:8e:5d:a8:c2:1d: fd:f1:1b:aa:44:b5:83:9a:43:4a:bd:b9:47:20:e7: f7:20:70:7b:28:c0:7f:d9:15:08:9e:9c:31:a4:da: bf:65:d4:a8:53:8f:07:ea:a9:3c:20:98:a7:f4:1f: 7a:6f:ef:2f:ea:5f:07:be:b2:06:e9:be:fc:a4:5b: ff:aa:ca:3e:e1:80:88:a8:4f:53:42:e7:be:cf:0a: ce:5f:7a:de:02:c0:fc:8b:34:53:d0:79:96:0a:84: 2f:74:06:90:95:52:72:ec:b4:a1:e2:eb:bf:ad:80: 13:7d:94:64:47:98:62:ef:ae:45:52:45:68:61:28: ab:9e:17:50:d9:5b:d7:3a:bf:52:96:e7:80:7a:8d: a9:05:df:46:e9:fd:f7:7c:f1:e2:1c:10:60:08:d6: be:28:e0:fc:70:3e:b0:12:2a:ed:9b:0a:a1:bc:c8: 3e:3a:93:2f:ac:af:0c:0c:79:67:8f:ca:b1:1c:da: 2d:04:15:32:e5:6e:8d:18:22:44:6a:ac:7a:e3:7b: 31:3b:39:e2:ad:25:34:93:5a:ec:8c:66:9f:f0:7a: 78:33:ec:1e:7f:c9:2b:a7:f9:32:49:fe:57:1c:e4: fc:85:eb:e6:a0:f9:1f:f7:b3:29:07:a5:ca:78:06: 97:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:2F:2A:61:1D:B0:10:E3:32:86:8E:C6:65:89:35:78:58:91:26:6E X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS137909.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.171.0/24 Signature Algorithm: sha256WithRSAEncryption 94:cc:22:c8:b6:62:42:c3:a3:4d:c0:dd:4f:a3:35:71:80:6b: ec:ea:a2:72:a7:7f:89:e7:90:79:60:54:73:46:24:ab:75:64: d8:08:39:05:dc:50:9e:91:90:4e:d7:1b:15:3c:0e:4b:af:a4: ce:4b:fe:c5:f7:69:b3:19:6c:f9:b8:f0:d0:1c:0d:c5:70:53: 84:04:dc:60:00:4a:83:ab:d0:36:e5:76:55:2a:60:5a:85:96: e6:3d:b3:ef:8e:63:e7:8a:a5:67:bf:4d:5a:b4:08:bf:96:d2: 80:ed:5a:48:5d:68:f2:7c:e5:12:4a:74:75:dd:87:5d:45:49: d2:6e:23:c3:fe:5f:4a:22:6d:df:8e:c4:21:96:27:f7:79:e8: 65:27:15:b4:f1:0b:7a:4d:e2:cf:97:55:72:5b:2b:c8:76:6e: c4:24:92:14:e9:e2:40:c4:4a:91:76:10:fc:ce:b5:04:c8:e4: 9e:08:66:df:ad:94:06:ec:c0:32:9c:91:30:af:d4:39:f0:24: e3:03:ab:3e:43:47:5f:8d:23:58:72:5a:3a:3a:67:b2:0d:5d: c5:b3:01:cf:b6:a0:60:cf:1a:96:67:0e:25:b3:46:3a:1f:95: 05:0e:72:27:46:81:3f:d7:cb:8d:b6:ef:ce:df:93:b4:52:02: 89:51:f8:0e -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUSxUNlcDwfzYT5oKnPfaWfmRgkHQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTkxOVoX DTI3MDUwMTA5MjQxOVowMzExMC8GA1UEAxMoNDUyRjJBNjExREIwMTBFMzMyODY4 RUM2NjU4OTM1Nzg1ODkxMjY2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKTb1JTpZ0//IY5dqMId/fEbqkS1g5pDSr25RyDn9yBweyjAf9kVCJ6cMaTa v2XUqFOPB+qpPCCYp/Qfem/vL+pfB76yBum+/KRb/6rKPuGAiKhPU0Lnvs8Kzl96 3gLA/Is0U9B5lgqEL3QGkJVScuy0oeLrv62AE32UZEeYYu+uRVJFaGEoq54XUNlb 1zq/UpbngHqNqQXfRun993zx4hwQYAjWvijg/HA+sBIq7ZsKobzIPjqTL6yvDAx5 Z4/KsRzaLQQVMuVujRgiRGqseuN7MTs54q0lNJNa7Ixmn/B6eDPsHn/JK6f5Mkn+ Vxzk/IXr5qD5H/ezKQelyngGl7UCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRFLyph HbAQ4zKGjsZliTV4WJEmbjAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTM3OTA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAofirMA0GCSqGSIb3DQEBCwUAA4IBAQCUzCLItmJCw6NNwN1PozVxgGvs 6qJyp3+J55B5YFRzRiSrdWTYCDkF3FCekZBO1xsVPA5Lr6TOS/7F92mzGWz5uPDQ HA3FcFOEBNxgAEqDq9A25XZVKmBahZbmPbPvjmPniqVnv01atAi/ltKA7VpIXWjy fOUSSnR13YddRUnSbiPD/l9KIm3fjsQhlif3eehlJxW08Qt6TeLPl1VyWyvIdm7E JJIU6eJAxEqRdhD8zrUEyOSeCGbfrZQG7MAynJEwr9Q58CTjA6s+Q0dfjSNYclo6 OmeyDV3FswHPtqBgzxqWZw4ls0Y6H5UFDnInRoE/18uNtu/O35O0UgKJUfgO -----END CERTIFICATE-----Generated at Sat May 2 21:04:49 2026 by rpki-client