$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS137939.roa File: AS137939.roa (raw, json) Hash identifier: g4KyfcKXX5n5EvFQ/Hq9FGHHB8mQL82SbYTfoy/JStI= Subject key identifier: 75:B7:60:0B:D7:55:DE:17:54:98:61:BF:84:03:A5:49:59:8A:CC:06 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1DF443D361E87EF73668C537EEC84D4F06335BBF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137939.roa Signing time: Sat 02 May 2026 08:35:31 +0000 ROA not before: Sat 02 May 2026 08:30:31 +0000 ROA not after: Sat 01 May 2027 08:35:31 +0000 asID: 137939 IP address blocks: 2001:df6:3140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:f4:43:d3:61:e8:7e:f7:36:68:c5:37:ee:c8:4d:4f:06:33:5b:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:31 2026 GMT Not After : May 1 08:35:31 2027 GMT Subject: CN=75B7600BD755DE17549861BF8403A549598ACC06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:2a:6c:d5:84:2d:3b:6d:1d:9e:60:53:62:f9: 4e:6f:e8:9d:c2:de:97:0c:5c:1c:fe:2f:b9:79:2c: dd:bd:3a:7d:32:92:c1:31:67:63:d6:90:07:a3:cf: d9:c8:fe:69:fe:d8:10:ab:69:31:14:7d:6b:24:3e: 5a:1e:cc:e1:fe:9a:24:32:3a:7a:10:00:c7:52:3a: fc:9e:25:26:65:af:e6:45:70:33:8e:81:db:5b:f0: b3:cc:c1:64:c0:81:00:0f:5b:f0:a6:5c:74:66:20: e6:cd:48:3f:fd:0c:1c:36:27:ed:c6:81:0c:9e:6d: 64:5b:59:af:f2:f7:5e:26:d6:e8:2b:be:f2:2e:57: fb:2c:a9:37:b7:cb:a1:fd:87:88:36:ae:57:17:aa: d9:17:2f:4d:40:f7:c5:43:49:f9:30:f4:e9:94:9c: 8a:35:ca:cf:a2:2e:98:bd:7d:dc:af:a7:49:fc:e0: 93:7e:c7:41:3e:06:d9:a1:18:64:7b:58:12:82:b4: 62:df:36:b2:97:3f:37:62:b4:4a:fa:14:b5:6d:55: 19:d0:37:a6:86:76:d4:50:1d:84:d3:f9:1b:9b:7b: 76:f8:40:40:84:b6:0e:16:7c:87:f8:9c:10:1c:9f: 5d:b5:41:52:4a:60:4e:6e:c6:75:e3:76:fd:b5:96: e4:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:B7:60:0B:D7:55:DE:17:54:98:61:BF:84:03:A5:49:59:8A:CC:06 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS137939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:3140::/48 Signature Algorithm: sha256WithRSAEncryption 3d:10:fe:00:29:43:73:09:88:9b:f0:ed:5b:ea:f7:97:5c:e3: bf:d1:8b:26:75:25:01:c9:06:9a:ef:de:bf:40:18:fe:94:c8: 28:0a:bb:86:89:ff:9e:bd:96:83:c3:99:44:da:32:94:8f:a0: bc:40:b6:33:47:84:b9:ca:70:f5:a5:f2:71:4f:af:cb:23:68: 3c:f4:20:98:86:be:6a:7d:b2:d8:82:83:98:50:2e:09:de:9e: 26:f2:7d:d4:14:a9:cc:30:3e:14:ac:4a:52:e3:2f:01:8f:e6: 09:35:84:98:63:b9:c9:29:32:59:71:f2:bc:1d:45:8c:17:b5: 41:dd:ec:55:56:26:c4:08:68:99:73:8b:81:0d:89:eb:87:b7: 7d:07:48:bc:8c:be:ee:e2:61:15:eb:7a:d7:b4:3b:26:6d:72: 03:a9:c2:4a:2a:bc:b6:50:d0:9b:3a:05:de:14:78:f5:6c:a9: 38:7e:15:15:b2:eb:d6:0f:b6:30:e0:79:91:20:2e:5d:17:a8: 3f:e4:21:f7:ca:42:41:34:21:4c:1b:67:1d:fa:c9:76:70:96: e3:1b:ca:7d:96:a5:c0:a9:f8:4a:88:b9:86:3f:f7:36:d1:4e: 68:53:c3:01:35:29:21:11:9f:42:7b:70:0c:c6:6b:0d:d8:52: 3a:ab:e6:05 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUHfRD02Hofvc2aMU37shNTwYzW78wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzAzMVoX DTI3MDUwMTA4MzUzMVowMzExMC8GA1UEAxMoNzVCNzYwMEJENzU1REUxNzU0OTg2 MUJGODQwM0E1NDk1OThBQ0MwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgqbNWELTttHZ5gU2L5Tm/oncLelwxcHP4vuXks3b06fTKSwTFnY9aQB6PP 2cj+af7YEKtpMRR9ayQ+Wh7M4f6aJDI6ehAAx1I6/J4lJmWv5kVwM46B21vws8zB ZMCBAA9b8KZcdGYg5s1IP/0MHDYn7caBDJ5tZFtZr/L3XibW6Cu+8i5X+yypN7fL of2HiDauVxeq2RcvTUD3xUNJ+TD06ZScijXKz6IumL193K+nSfzgk37HQT4G2aEY ZHtYEoK0Yt82spc/N2K0SvoUtW1VGdA3poZ21FAdhNP5G5t7dvhAQIS2DhZ8h/ic EByfXbVBUkpgTm7GdeN2/bWW5O8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBR1t2AL 11XeF1SYYb+EA6VJWYrMBjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM3OTM5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9jFAMA0GCSqGSIb3DQEBCwUAA4IBAQA9EP4AKUNzCYib8O1b6veX XOO/0YsmdSUByQaa796/QBj+lMgoCruGif+evZaDw5lE2jKUj6C8QLYzR4S5ynD1 pfJxT6/LI2g89CCYhr5qfbLYgoOYUC4J3p4m8n3UFKnMMD4UrEpS4y8Bj+YJNYSY Y7nJKTJZcfK8HUWMF7VB3exVVibECGiZc4uBDYnrh7d9B0i8jL7u4mEV63rXtDsm bXIDqcJKKry2UNCbOgXeFHj1bKk4fhUVsuvWD7Yw4HmRIC5dF6g/5CH3ykJBNCFM G2cd+sl2cJbjG8p9lqXAqfhKiLmGP/c20U5oU8MBNSkhEZ9Ce3AMxmsN2FI6q+YF -----END CERTIFICATE-----Generated at Sun May 3 00:42:29 2026 by rpki-client