$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138065.roa File: AS138065.roa (raw, json) Hash identifier: 2wVBck4wZzN3+2TB9Cblj5lBzFC92HjN1Ufz/1Dj2Ig= Subject key identifier: 12:CD:F1:65:E1:33:AE:36:F2:8A:F2:EC:FE:9B:39:77:85:05:D9:D6 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4E05293A53361A458AE5E71DF3A43D98388C2FE7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138065.roa Signing time: Sat 02 May 2026 09:21:27 +0000 ROA not before: Sat 02 May 2026 09:16:27 +0000 ROA not after: Sat 01 May 2027 09:21:27 +0000 asID: 138065 IP address blocks: 103.219.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:05:29:3a:53:36:1a:45:8a:e5:e7:1d:f3:a4:3d:98:38:8c:2f:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:27 2026 GMT Not After : May 1 09:21:27 2027 GMT Subject: CN=12CDF165E133AE36F28AF2ECFE9B39778505D9D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:74:c5:81:86:1f:61:ec:f6:7f:f5:0e:54:6c: c9:94:00:3c:8d:48:90:bc:02:e6:b9:00:b7:31:81: 10:68:e1:a4:e4:58:4b:a3:a3:21:26:f8:dd:c6:6e: 5c:46:ca:34:cb:db:fb:7e:60:8d:3d:46:df:c3:45: 5f:d7:78:d5:a6:6d:f6:5f:09:43:a6:3e:16:68:02: e1:4f:ad:88:f7:a2:b0:0a:22:0f:18:0d:b6:01:9b: 58:40:93:04:bd:cd:7f:65:25:79:1b:11:6b:bd:59: 85:14:d7:54:02:79:67:d3:2c:e1:c4:92:d6:9c:08: 6f:eb:9f:96:3e:55:ef:9a:30:9a:8c:80:f8:4e:ec: c2:30:4a:78:7d:21:20:28:47:f4:e4:b5:1e:ea:0f: ea:5a:dd:4e:05:28:53:1a:92:14:74:53:df:50:04: 61:bc:c6:06:c1:bf:87:b8:68:9b:2b:f2:df:4a:f5: 0a:22:d7:f3:b6:f9:ac:37:32:b9:73:7b:07:06:11: f7:fa:aa:b5:c0:9e:72:b2:a9:f3:40:45:71:a7:c4: 8d:d3:48:1a:e8:49:86:6b:18:2c:57:70:af:58:09: 09:96:17:35:b4:a1:53:72:39:a7:e2:9b:97:2d:79: f0:c4:da:5d:95:22:0a:51:c8:5d:1b:fe:8d:bb:0b: 3a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:CD:F1:65:E1:33:AE:36:F2:8A:F2:EC:FE:9B:39:77:85:05:D9:D6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138065.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.219.226.0/23 Signature Algorithm: sha256WithRSAEncryption a4:e3:c8:bb:f9:10:77:16:58:4c:b2:f7:8b:39:09:b0:08:cb: ea:b4:bd:6c:ca:df:bb:b9:70:c9:25:ae:a7:c3:4f:32:50:b8: 64:eb:a2:1b:e7:79:7f:fb:63:1a:cb:38:e2:80:fb:4f:34:4b: 54:5f:3e:f6:14:a3:af:8b:c6:03:24:b0:f5:3c:4d:38:80:cd: 7d:ab:7b:6e:e6:e7:8e:7e:fc:72:87:14:10:f7:51:70:b4:f8: 10:36:33:ec:72:91:67:87:3c:80:a2:24:73:75:81:d4:c6:d9: 51:db:eb:1f:17:14:30:46:24:87:7d:58:64:4f:48:37:36:cd: 3c:b8:e1:63:27:e9:57:79:0b:9e:e1:f2:ca:49:e8:85:2d:74: 9e:6e:18:18:8a:b8:dc:b5:e4:8a:c0:31:a2:3f:1c:63:79:17: bc:a8:a6:47:c5:5d:4a:b5:d4:5f:46:b8:8a:64:69:98:de:54: 1b:f8:e8:5a:b8:85:fb:55:8f:32:b2:2f:dc:30:d8:d7:3a:4a: 55:7a:ce:5e:3b:b3:59:da:21:e8:76:75:35:07:c9:96:d6:05: 5a:3d:dc:f8:52:da:b7:23:82:ca:25:a0:fd:81:5c:bf:62:cf: 59:31:45:8c:54:29:e5:2b:ad:51:5e:04:c7:de:ed:87:99:60: d7:7e:4a:61 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUTgUpOlM2GkWK5ecd86Q9mDiML+cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTYyN1oX DTI3MDUwMTA5MjEyN1owMzExMC8GA1UEAxMoMTJDREYxNjVFMTMzQUUzNkYyOEFG MkVDRkU5QjM5Nzc4NTA1RDlENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANN0xYGGH2Hs9n/1DlRsyZQAPI1IkLwC5rkAtzGBEGjhpORYS6OjISb43cZu XEbKNMvb+35gjT1G38NFX9d41aZt9l8JQ6Y+FmgC4U+tiPeisAoiDxgNtgGbWECT BL3Nf2UleRsRa71ZhRTXVAJ5Z9Ms4cSS1pwIb+uflj5V75owmoyA+E7swjBKeH0h IChH9OS1HuoP6lrdTgUoUxqSFHRT31AEYbzGBsG/h7homyvy30r1CiLX87b5rDcy uXN7BwYR9/qqtcCecrKp80BFcafEjdNIGuhJhmsYLFdwr1gJCZYXNbShU3I5p+Kb ly158MTaXZUiClHIXRv+jbsLOjUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQSzfFl 4TOuNvKK8uz+mzl3hQXZ1jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4MDY1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ9viMA0GCSqGSIb3DQEBCwUAA4IBAQCk48i7+RB3FlhMsveLOQmwCMvq tL1syt+7uXDJJa6nw08yULhk66Ib53l/+2MayzjigPtPNEtUXz72FKOvi8YDJLD1 PE04gM19q3tu5ueOfvxyhxQQ91FwtPgQNjPscpFnhzyAoiRzdYHUxtlR2+sfFxQw RiSHfVhkT0g3Ns08uOFjJ+lXeQue4fLKSeiFLXSebhgYirjcteSKwDGiPxxjeRe8 qKZHxV1KtdRfRriKZGmY3lQb+OhauIX7VY8ysi/cMNjXOkpVes5eO7NZ2iHodnU1 B8mW1gVaPdz4Utq3I4LKJaD9gVy/Ys9ZMUWMVCnlK61RXgTH3u2HmWDXfkph -----END CERTIFICATE-----Generated at Sun May 3 00:40:42 2026 by rpki-client