$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS137310.roa File: AS137310.roa (raw, json) Hash identifier: oq5Y6Q3Sns3AT0aOJnfVVJEhh9iFoIY71wowqfnR18s= Subject key identifier: 95:C8:3D:0C:06:61:89:18:65:8C:B0:1C:90:32:81:D6:7C:9E:13:C5 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 29EEF734703348B58636156C414977B86AD4EA60 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137310.roa Signing time: Sat 02 May 2026 09:19:33 +0000 ROA not before: Sat 02 May 2026 09:14:33 +0000 ROA not after: Sat 01 May 2027 09:19:33 +0000 asID: 137310 IP address blocks: 103.109.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 05 May 2026 16:31:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:ee:f7:34:70:33:48:b5:86:36:15:6c:41:49:77:b8:6a:d4:ea:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:14:33 2026 GMT Not After : May 1 09:19:33 2027 GMT Subject: CN=95C83D0C06618918658CB01C903281D67C9E13C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a6:f6:b9:92:8f:2b:13:ee:07:28:54:a1:18: 9a:1d:a3:e9:a0:7d:6f:d7:d3:22:4d:36:b8:eb:c9: 4c:ac:e3:a3:a6:1c:a3:73:61:0f:86:35:71:59:90: b4:16:a2:ba:ff:4f:03:74:13:e9:42:d4:2e:43:24: 9b:39:35:9b:00:50:3e:4f:2f:d8:67:33:96:5a:06: 5e:73:90:eb:df:81:87:5d:3d:60:04:62:a9:85:3f: c1:9d:88:0d:7f:e6:20:f7:55:f4:85:6e:e9:d5:d2: bf:1e:d5:50:79:70:cf:75:d3:d3:25:17:fb:d0:3e: 84:2f:c3:4b:b5:3f:f6:9c:42:a9:48:52:d2:f0:10: b4:8f:6e:ae:4b:ff:08:c4:9e:0a:8c:a9:c6:00:2e: f4:5b:80:4c:42:cf:be:30:39:d2:a3:f7:f6:8b:01: 3c:4f:c9:09:23:82:40:70:87:b0:93:82:ed:17:73: e4:c9:2a:02:c4:b6:62:c7:c7:f7:fa:5a:49:f8:d8: 5e:1a:b7:6f:49:d0:4d:72:98:b0:9f:21:5c:f9:d2: 69:64:ec:ee:1d:6e:42:71:d5:54:5f:49:09:da:35: 8f:38:86:f0:6c:3d:50:d9:db:c9:17:28:4e:c9:11: 26:d1:43:06:25:2f:a3:10:89:c9:b0:c5:94:c7:3f: ff:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:C8:3D:0C:06:61:89:18:65:8C:B0:1C:90:32:81:D6:7C:9E:13:C5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137310.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.109.0.0/22 Signature Algorithm: sha256WithRSAEncryption 0d:c2:14:d7:9d:bc:14:34:21:35:d5:af:45:e0:52:df:65:e5: 49:b1:de:4a:36:cd:b4:32:73:b8:37:f6:f6:9e:a2:8e:25:0a: cc:e2:59:9c:44:22:77:ee:02:5e:1a:ad:4e:41:8a:9c:55:8b: a4:e3:51:81:21:c4:65:f2:2f:79:bb:d3:2e:d0:34:dc:fc:aa: 17:a3:53:8a:ce:78:9c:d9:23:a9:a5:2d:c2:9c:0e:18:56:f2: 5b:d6:91:c1:ed:1d:a3:24:5b:d7:e3:fe:73:28:71:b0:40:25: 51:80:67:29:14:4e:c4:01:76:64:6b:8a:d3:0b:8c:5a:98:0f: c5:5e:2a:37:90:81:33:92:42:c2:bd:3f:cd:69:a6:ee:02:bd: c6:e7:18:84:67:dd:94:3e:2f:1b:ce:79:e3:ca:2e:f4:9f:1c: 89:2d:51:37:3a:54:3f:a8:1d:8e:11:67:8a:ef:fc:f7:cc:44: 90:2a:a6:ee:21:47:5d:6b:7a:76:c2:f5:68:25:e6:63:50:90: 9b:03:bb:0e:6c:25:f9:de:ed:30:90:87:98:ff:6d:dd:d2:13: c3:7c:7e:10:bc:2c:db:79:e0:05:fb:a3:9c:e9:0e:0f:70:15: 5c:50:85:b6:2e:bd:a6:55:20:65:ea:70:de:de:86:ad:e0:70: 10:65:0b:89 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUKe73NHAzSLWGNhVsQUl3uGrU6mAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTQzM1oX DTI3MDUwMTA5MTkzM1owMzExMC8GA1UEAxMoOTVDODNEMEMwNjYxODkxODY1OENC MDFDOTAzMjgxRDY3QzlFMTNDNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOCm9rmSjysT7gcoVKEYmh2j6aB9b9fTIk02uOvJTKzjo6Yco3NhD4Y1cVmQ tBaiuv9PA3QT6ULULkMkmzk1mwBQPk8v2GczlloGXnOQ69+Bh109YARiqYU/wZ2I DX/mIPdV9IVu6dXSvx7VUHlwz3XT0yUX+9A+hC/DS7U/9pxCqUhS0vAQtI9urkv/ CMSeCoypxgAu9FuATELPvjA50qP39osBPE/JCSOCQHCHsJOC7Rdz5MkqAsS2YsfH 9/paSfjYXhq3b0nQTXKYsJ8hXPnSaWTs7h1uQnHVVF9JCdo1jziG8Gw9UNnbyRco TskRJtFDBiUvoxCJybDFlMc//8MCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSVyD0M BmGJGGWMsByQMoHWfJ4TxTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM3MzEwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQCZ20AMA0GCSqGSIb3DQEBCwUAA4IBAQANwhTXnbwUNCE11a9F4FLfZeVJ sd5KNs20MnO4N/b2nqKOJQrM4lmcRCJ37gJeGq1OQYqcVYuk41GBIcRl8i95u9Mu 0DTc/KoXo1OKznic2SOppS3CnA4YVvJb1pHB7R2jJFvX4/5zKHGwQCVRgGcpFE7E AXZka4rTC4xamA/FXio3kIEzkkLCvT/NaabuAr3G5xiEZ92UPi8bznnjyi70nxyJ LVE3OlQ/qB2OEWeK7/z3zESQKqbuIUdda3p2wvVoJeZjUJCbA7sObCX53u0wkIeY /23d0hPDfH4QvCzbeeAF+6Oc6Q4PcBVcUIW2Lr2mVSBl6nDe3oat4HAQZQuJ -----END CERTIFICATE-----Generated at Tue May 5 08:38:14 2026 by rpki-client