$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS10137.roa File: AS10137.roa (raw, json) Hash identifier: MMAoHNtbIE2OqS/3IZB4AxPRKtLTxqyaWoEDO+CWJdo= Subject key identifier: 7E:F5:04:09:84:86:1D:4F:58:B2:71:50:68:03:E2:CE:1F:F0:6B:2B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 13E9CFC0986A2F85155583B340E53C7E1FEDB4F6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS10137.roa Signing time: Sat 02 May 2026 09:27:35 +0000 ROA not before: Sat 02 May 2026 09:22:35 +0000 ROA not after: Sat 01 May 2027 09:27:35 +0000 asID: 10137 IP address blocks: 45.126.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:e9:cf:c0:98:6a:2f:85:15:55:83:b3:40:e5:3c:7e:1f:ed:b4:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:35 2026 GMT Not After : May 1 09:27:35 2027 GMT Subject: CN=7EF5040984861D4F58B271506803E2CE1FF06B2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d3:8a:b8:e5:61:ac:e5:33:7d:8a:b7:c7:d5: 1c:28:85:a4:df:a1:3c:77:bf:11:68:7b:9d:1d:d9: 47:23:6a:83:1a:0f:b4:79:e3:23:ab:3e:c9:aa:f3: 4d:90:7b:cc:18:e9:a3:6d:31:18:f7:7c:ad:25:6f: 3a:4c:4c:66:98:e5:45:de:f4:7a:56:d3:58:53:b1: 84:c8:f2:ec:ba:69:c3:ce:83:d5:69:4e:8d:eb:4c: 8e:9b:ea:18:d9:c5:7e:2a:c4:70:f9:ad:ad:42:6c: 53:be:8d:99:fb:a9:bf:b4:96:58:04:46:49:63:8f: fb:b3:79:2f:0c:80:d6:b0:eb:35:1f:5c:54:f5:af: 8d:f7:5e:bb:79:8a:a3:13:ca:89:77:09:8a:d7:9b: 0d:5e:69:57:97:b7:54:cd:18:16:68:64:2c:47:52: 0a:82:b4:54:b6:cc:6a:ec:86:97:f4:cd:1d:8c:4a: 05:b4:1b:cb:36:f6:09:c3:33:25:ed:b8:97:76:09: 4e:48:31:2f:ae:87:f3:4c:17:2c:2d:d4:c7:a6:9e: 9c:ed:ca:d8:13:72:ea:38:5c:2b:ee:3a:71:bf:51: d3:74:33:99:46:7c:60:63:96:01:cd:47:dc:f4:d0: e7:1c:b0:af:4c:f1:d2:be:20:67:37:0f:60:ee:0e: 02:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:F5:04:09:84:86:1D:4F:58:B2:71:50:68:03:E2:CE:1F:F0:6B:2B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS10137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.126.154.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:43:7a:f3:d7:92:01:35:77:e6:b5:ee:a5:5b:5f:46:86:bc: 84:85:90:1f:76:0c:86:ee:2e:58:d8:06:48:2f:55:15:7d:00: d5:2c:12:88:81:4f:07:3f:d5:f3:9a:58:d5:ec:86:8e:ba:34: 2b:79:dc:3e:ae:0e:55:d8:db:67:36:a6:00:dd:01:a1:85:f5: 1d:20:3a:4f:0b:06:d4:bc:1c:fb:3e:66:e7:b6:60:cc:ee:4e: 1d:a6:00:d2:49:31:4c:c7:ae:57:a4:46:42:06:7d:12:02:a4: 1f:5a:34:24:4a:97:46:96:89:03:9e:18:75:b2:64:dd:a2:14: 8a:ff:19:f5:44:5c:8d:ea:ae:07:c2:e8:23:b0:0b:21:24:f6: 34:01:98:85:21:03:0e:6b:78:89:42:33:e7:b3:ee:86:f9:64: 0e:00:49:d7:bb:b9:a8:ae:11:d0:3f:f2:d8:2b:98:47:a2:87: e2:3d:11:61:b4:70:6a:10:3f:0e:57:46:9e:43:d7:6a:45:37: e5:76:99:ea:46:af:75:ad:6c:2f:fa:94:5a:a0:d8:a5:51:17: 4a:69:95:24:86:90:54:21:ef:b7:b9:c2:6d:35:8d:5d:c0:26: 34:d3:d5:a1:6b:2e:eb:60:49:0a:5d:22:cf:d1:c0:45:dc:8a: de:f9:a0:24 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgIUE+nPwJhqL4UVVYOzQOU8fh/ttPYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIzNVoX DTI3MDUwMTA5MjczNVowMzExMC8GA1UEAxMoN0VGNTA0MDk4NDg2MUQ0RjU4QjI3 MTUwNjgwM0UyQ0UxRkYwNkIyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALHTirjlYazlM32Kt8fVHCiFpN+hPHe/EWh7nR3ZRyNqgxoPtHnjI6s+yarz TZB7zBjpo20xGPd8rSVvOkxMZpjlRd70elbTWFOxhMjy7Lppw86D1WlOjetMjpvq GNnFfirEcPmtrUJsU76Nmfupv7SWWARGSWOP+7N5LwyA1rDrNR9cVPWvjfdeu3mK oxPKiXcJitebDV5pV5e3VM0YFmhkLEdSCoK0VLbMauyGl/TNHYxKBbQbyzb2CcMz Je24l3YJTkgxL66H80wXLC3Ux6aenO3K2BNy6jhcK+46cb9R03QzmUZ8YGOWAc1H 3PTQ5xywr0zx0r4gZzcPYO4OAn0CAwEAAaOCAcswggHHMB0GA1UdDgQWBBR+9QQJ hIYdT1iycVBoA+LOH/BrKzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBRBggrBgEFBQcBCwRFMEMwQQYIKwYBBQUHMAuGNXJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTAxMzcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAtfpowDQYJKoZIhvcNAQELBQADggEBACxDevPXkgE1d+a17qVbX0aGvISF kB92DIbuLljYBkgvVRV9ANUsEoiBTwc/1fOaWNXsho66NCt53D6uDlXY22c2pgDd AaGF9R0gOk8LBtS8HPs+Zue2YMzuTh2mANJJMUzHrlekRkIGfRICpB9aNCRKl0aW iQOeGHWyZN2iFIr/GfVEXI3qrgfC6COwCyEk9jQBmIUhAw5reIlCM+ez7ob5ZA4A Sde7uaiuEdA/8tgrmEeih+I9EWG0cGoQPw5XRp5D12pFN+V2mepGr3WtbC/6lFqg 2KVRF0pplSSGkFQh77e5wm01jV3AJjTT1aFrLutgSQpdIs/RwEXcit75oCQ= -----END CERTIFICATE-----Generated at Sun May 3 00:40:24 2026 by rpki-client