$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS139257.roa File: AS139257.roa (raw, json) Hash identifier: dKM+1obWBTDnH0EH/4ojJZDVWC6r+XsLTccOfj8qzZU= Subject key identifier: EE:60:32:64:83:A9:9D:29:BD:A0:1F:2B:F6:32:06:36:96:93:00:EC Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 4409EFA6DD7899D22A01216654A6D7C5D133D3E0 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139257.roa Signing time: Sat 02 May 2026 09:23:01 +0000 ROA not before: Sat 02 May 2026 09:18:01 +0000 ROA not after: Sat 01 May 2027 09:23:01 +0000 asID: 139257 IP address blocks: 138.252.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:09:ef:a6:dd:78:99:d2:2a:01:21:66:54:a6:d7:c5:d1:33:d3:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:01 2026 GMT Not After : May 1 09:23:01 2027 GMT Subject: CN=EE60326483A99D29BDA01F2BF6320636969300EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:8d:c0:bc:e7:34:7f:e7:f2:73:fc:3a:c0:a1: ad:e6:b2:86:81:a8:24:c7:33:30:e4:2f:6d:10:08: e7:4c:28:13:a4:f5:44:97:f6:30:fa:a1:b2:d0:51: 36:66:50:4f:49:29:38:1c:00:ab:82:b4:bd:f7:05: 44:88:b0:01:2b:02:23:29:0a:05:be:d1:6a:29:0c: c0:41:ac:a3:96:78:a5:1c:3d:e9:30:f8:c2:30:11: b4:8b:c7:b2:83:c3:7f:65:c8:f4:bc:77:03:41:0e: 0a:fc:0b:e2:b5:3b:13:3e:04:9f:6f:0e:9f:91:e7: 8f:60:8c:f5:7a:a3:46:b6:24:bd:21:eb:0d:f0:e8: 40:f5:30:38:e3:da:fe:40:f9:63:98:33:1a:d7:61: 81:0d:24:79:77:a7:93:70:3a:e7:ce:1d:dc:3a:8f: 31:ec:56:1e:a6:9a:43:37:85:45:b9:6b:c1:08:e2: 41:ae:46:a8:2e:5c:3a:d6:d3:a5:25:3e:6e:cc:5e: 95:84:31:93:8b:9c:ba:a2:8e:e8:48:97:25:82:3c: 01:d1:e8:39:ac:6e:ce:3b:1e:7e:31:35:73:99:88: 8b:a1:f6:6a:f3:40:b4:30:3f:a8:0f:a9:6b:e5:89: 71:26:3c:56:98:c0:3d:68:5b:a1:db:c1:31:5a:86: a4:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:60:32:64:83:A9:9D:29:BD:A0:1F:2B:F6:32:06:36:96:93:00:EC X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS139257.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.253.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:36:ac:c6:81:4c:9d:11:4d:16:ea:37:71:27:5b:07:72:89: b6:b5:10:10:15:21:e6:7a:f2:98:41:6e:84:2d:00:b9:df:86: da:6a:a4:bd:e0:97:19:32:cf:2f:d8:6a:2b:85:11:42:a6:3f: 1b:6f:f0:f1:56:68:6b:d8:2d:08:6c:f2:c9:e5:4d:63:a8:c7: e1:f0:e4:c9:65:c0:5b:ae:59:4c:86:46:81:d5:12:60:66:0d: 73:ad:22:4a:de:e7:d8:09:e7:38:33:32:c5:7d:8a:2c:05:0a: d3:26:78:4f:c1:a2:f6:c7:e4:21:9b:b5:2f:71:e1:fd:89:b0: fd:2b:6e:19:7d:b8:95:99:3c:a6:5f:d5:63:6a:99:25:13:fa: fe:10:85:1f:d0:c9:ac:e9:48:7f:35:e0:79:2f:3a:8b:db:9c: a0:f8:24:e2:a9:62:6c:79:d0:7f:03:61:4f:0a:6e:d6:23:45: d3:0c:bb:59:db:b1:91:4c:c2:d8:e7:aa:73:59:cb:55:f0:9c: 7f:9f:09:46:3a:a1:c1:77:4a:82:b2:9b:29:b9:7c:3f:cf:e3: dc:c7:d9:94:33:f3:d7:f7:c9:27:76:b4:b0:c4:8e:d0:88:f0: 11:e9:59:6a:b7:f4:67:a1:63:55:e4:fd:00:6a:b7:a5:c9:4f: ea:f9:a2:5e -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIURAnvpt14mdIqASFmVKbXxdEz0+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgwMVoX DTI3MDUwMTA5MjMwMVowMzExMC8GA1UEAxMoRUU2MDMyNjQ4M0E5OUQyOUJEQTAx RjJCRjYzMjA2MzY5NjkzMDBFQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSNwLznNH/n8nP8OsChreayhoGoJMczMOQvbRAI50woE6T1RJf2MPqhstBR NmZQT0kpOBwAq4K0vfcFRIiwASsCIykKBb7RaikMwEGso5Z4pRw96TD4wjARtIvH soPDf2XI9Lx3A0EOCvwL4rU7Ez4En28On5Hnj2CM9XqjRrYkvSHrDfDoQPUwOOPa /kD5Y5gzGtdhgQ0keXenk3A6584d3DqPMexWHqaaQzeFRblrwQjiQa5GqC5cOtbT pSU+bsxelYQxk4ucuqKO6EiXJYI8AdHoOaxuzjsefjE1c5mIi6H2avNAtDA/qA+p a+WJcSY8VpjAPWhbodvBMVqGpJkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTuYDJk g6mdKb2gHyv2MgY2lpMA7DAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTM5MjU3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAivz9MA0GCSqGSIb3DQEBCwUAA4IBAQCcNqzGgUydEU0W6jdxJ1sHcom2 tRAQFSHmevKYQW6ELQC534baaqS94JcZMs8v2GorhRFCpj8bb/DxVmhr2C0IbPLJ 5U1jqMfh8OTJZcBbrllMhkaB1RJgZg1zrSJK3ufYCec4MzLFfYosBQrTJnhPwaL2 x+Qhm7UvceH9ibD9K24ZfbiVmTymX9VjapklE/r+EIUf0Mms6Uh/NeB5LzqL25yg +CTiqWJsedB/A2FPCm7WI0XTDLtZ27GRTMLY56pzWctV8Jx/nwlGOqHBd0qCspsp uXw/z+Pcx9mUM/PX98kndrSwxI7QiPAR6Vlqt/RnoWNV5P0AarelyU/q+aJe -----END CERTIFICATE-----Generated at Sat May 2 21:06:05 2026 by rpki-client