$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS137289.roa File: AS137289.roa (raw, json) Hash identifier: NTjD767b4yN/1MSntm0ZKPXk8cigZfkcuv+diwZARcs= Subject key identifier: 7B:FC:4C:E0:36:84:8C:7B:D7:2A:6B:C0:16:32:9F:7A:5A:74:35:7C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6E32F80E71E652D470A00AC9D388FF8781258F52 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137289.roa Signing time: Sat 02 May 2026 21:07:48 +0000 ROA not before: Sat 02 May 2026 21:02:48 +0000 ROA not after: Sat 01 May 2027 21:07:48 +0000 asID: 137289 IP address blocks: 103.107.100.0/22 maxlen: 24 103.146.244.0/24 maxlen: 24 103.146.245.0/24 maxlen: 24 103.146.246.0/24 maxlen: 24 103.146.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:32:f8:0e:71:e6:52:d4:70:a0:0a:c9:d3:88:ff:87:81:25:8f:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:02:48 2026 GMT Not After : May 1 21:07:48 2027 GMT Subject: CN=7BFC4CE036848C7BD72A6BC016329F7A5A74357C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8f:34:10:8a:b9:d5:c7:2f:2c:46:a8:cd:33: 50:09:c1:8f:ae:2b:5e:23:a2:97:a4:de:3e:62:1d: d3:a7:b5:55:0b:90:b4:ba:e6:ad:f4:0e:c3:fa:35: 1a:6a:20:8b:4e:c4:33:9a:fa:d4:e8:8d:04:67:cc: ca:69:76:d3:a0:d4:d2:42:0a:a9:8d:58:73:3d:8e: 59:b3:87:fe:34:c5:5d:85:db:1e:67:ff:ec:14:a1: d0:98:1c:ee:6b:27:33:aa:b2:ae:97:38:d7:05:87: 6d:82:e1:3e:98:09:2d:2e:cd:17:f2:fc:bb:b9:0c: 66:5d:ca:a6:08:26:49:03:78:90:24:a4:7e:53:db: cb:7d:77:23:07:ed:0e:93:a5:ef:2b:d4:22:00:ec: 17:b6:3c:82:4d:a4:10:be:a2:84:f1:b5:06:ba:5b: a5:71:64:0d:c1:17:f3:11:58:66:10:80:3d:bd:6f: 8e:30:f9:b8:fe:cb:a9:ed:cb:59:7a:90:22:fa:f0: 74:2d:ae:c2:3b:3e:41:92:4e:db:87:35:16:da:0a: 12:c3:9c:44:af:9b:18:08:4f:60:f5:b3:e6:64:68: cd:da:a1:14:20:ce:d2:0c:ad:2a:c7:d4:17:e8:6e: ff:3e:4b:b2:90:3c:18:af:b5:17:d7:ce:2c:bb:3d: 30:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:FC:4C:E0:36:84:8C:7B:D7:2A:6B:C0:16:32:9F:7A:5A:74:35:7C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137289.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.107.100.0/22 103.146.244.0/22 Signature Algorithm: sha256WithRSAEncryption 46:a2:94:af:af:b6:14:50:dc:5b:27:bf:c4:78:ae:b8:91:59: 5b:f5:d4:72:23:b0:b9:65:9b:2f:9a:0f:57:72:66:81:e7:f7: 4e:b3:cc:f0:08:51:b8:7b:67:75:4d:c1:7f:77:29:00:c5:f6: c8:58:f9:86:2c:af:54:56:e9:93:83:76:fc:63:c2:f7:2e:36: 40:f3:f8:fd:7d:9c:7c:cd:e0:1d:16:af:8e:cd:64:38:51:ab: cc:af:8b:ad:b5:42:52:9b:e9:55:71:ab:64:6d:e3:36:dc:a8: 4c:71:12:7a:12:4e:59:74:b9:8e:81:d1:1e:cf:b7:06:1e:c2: d5:b3:82:51:af:e6:03:80:7c:ec:ec:92:6e:4d:c6:ed:27:a6: b6:d3:56:44:57:c2:55:2c:d9:49:c7:f9:5b:76:3a:c5:50:1d: 31:d4:5f:21:eb:7a:5a:94:47:fb:fa:0e:7d:33:d8:9a:0a:4d: f3:dd:31:1a:95:d0:97:1c:4f:20:50:c1:fc:8c:f7:72:90:67: 19:21:0e:40:19:f3:f8:aa:5a:6d:ee:ed:12:97:fe:e5:d7:47: 4d:17:6a:21:c4:1f:a0:4a:fb:1f:65:34:48:1d:8d:4b:90:02: f9:32:22:98:c6:80:56:92:de:a8:7b:c0:d5:55:f0:4a:1b:63: 7c:a9:44:1d -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUbjL4DnHmUtRwoArJ04j/h4Elj1IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMDI0OFoX DTI3MDUwMTIxMDc0OFowMzExMC8GA1UEAxMoN0JGQzRDRTAzNjg0OEM3QkQ3MkE2 QkMwMTYzMjlGN0E1QTc0MzU3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSPNBCKudXHLyxGqM0zUAnBj64rXiOil6TePmId06e1VQuQtLrmrfQOw/o1 Gmogi07EM5r61OiNBGfMyml206DU0kIKqY1Ycz2OWbOH/jTFXYXbHmf/7BSh0Jgc 7msnM6qyrpc41wWHbYLhPpgJLS7NF/L8u7kMZl3KpggmSQN4kCSkflPby313Iwft DpOl7yvUIgDsF7Y8gk2kEL6ihPG1BrpbpXFkDcEX8xFYZhCAPb1vjjD5uP7Lqe3L WXqQIvrwdC2uwjs+QZJO24c1FtoKEsOcRK+bGAhPYPWz5mRozdqhFCDO0gytKsfU F+hu/z5LspA8GK+1F9fOLLs9MH0CAwEAAaOCAdIwggHOMB0GA1UdDgQWBBR7/Ezg NoSMe9cqa8AWMp96WnQ1fDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM3Mjg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQCZ2tkAwQCZ5L0MA0GCSqGSIb3DQEBCwUAA4IBAQBGopSvr7YUUNxbJ7/E eK64kVlb9dRyI7C5ZZsvmg9XcmaB5/dOs8zwCFG4e2d1TcF/dykAxfbIWPmGLK9U VumTg3b8Y8L3LjZA8/j9fZx8zeAdFq+OzWQ4UavMr4uttUJSm+lVcatkbeM23KhM cRJ6Ek5ZdLmOgdEez7cGHsLVs4JRr+YDgHzs7JJuTcbtJ6a201ZEV8JVLNlJx/lb djrFUB0x1F8h63palEf7+g59M9iaCk3z3TEaldCXHE8gUMH8jPdykGcZIQ5AGfP4 qlpt7u0Sl/7l10dNF2ohxB+gSvsfZTRIHY1LkAL5MiKYxoBWkt6oe8DVVfBKG2N8 qUQd -----END CERTIFICATE-----Generated at Sun May 3 00:41:39 2026 by rpki-client