$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138089.roa File: AS138089.roa (raw, json) Hash identifier: LQT9MW4NyHzw7tK/Emc/x9bY+R5FkCbeLhRRX76TWQg= Subject key identifier: FA:7F:18:35:46:BC:11:B6:D5:F7:FD:3A:45:2F:84:CE:BA:E6:9D:4C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 787A74C85BA10D91C8E6078FB44361769D298D95 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138089.roa Signing time: Sat 02 May 2026 09:22:21 +0000 ROA not before: Sat 02 May 2026 09:17:21 +0000 ROA not after: Sat 01 May 2027 09:22:21 +0000 asID: 138089 IP address blocks: 103.158.13.0/24 maxlen: 24 113.192.48.0/24 maxlen: 24 210.87.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:7a:74:c8:5b:a1:0d:91:c8:e6:07:8f:b4:43:61:76:9d:29:8d:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:17:21 2026 GMT Not After : May 1 09:22:21 2027 GMT Subject: CN=FA7F183546BC11B6D5F7FD3A452F84CEBAE69D4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:85:10:35:7f:89:85:84:7c:40:6a:4e:83:71: 56:d5:b8:6e:46:17:e0:fa:ce:30:2c:80:0b:8c:b8: d6:45:ee:07:3d:50:57:cd:f1:83:4b:a0:8b:00:1e: 15:b0:5a:e2:2f:19:5b:07:f0:36:61:68:b3:a6:23: 76:d3:51:34:6b:13:ff:d1:85:06:41:6c:15:1a:46: 22:97:9b:7d:ad:1c:6f:5d:0d:be:f8:ee:b0:da:19: a9:eb:38:7a:bb:6e:6b:98:9c:ad:14:21:f8:19:9f: 4f:e6:eb:1c:89:e8:97:a5:f8:c6:35:f3:16:b0:66: 23:59:57:62:cd:8d:30:5a:27:57:7a:a1:c3:a8:cc: 40:59:40:a9:82:b6:7b:ef:6b:90:50:27:78:7a:d0: 10:86:83:61:13:6c:3a:2e:8b:8d:7b:0c:64:2f:2f: b9:8f:87:c0:a7:15:de:9b:53:c7:ad:e7:27:be:fc: 9e:0b:e7:b6:16:a8:f9:85:0f:56:63:25:99:95:2c: 9e:ab:12:c6:03:e2:2f:2a:8a:4a:20:ae:40:e2:2e: 76:6a:ed:e7:a8:9b:70:e9:46:41:85:9e:dd:c5:31: 85:a9:b6:a3:44:0d:11:84:fd:d1:af:c6:28:fa:66: bd:41:a6:fd:90:a4:66:37:6a:ff:d4:e0:2d:bb:53: 5b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:7F:18:35:46:BC:11:B6:D5:F7:FD:3A:45:2F:84:CE:BA:E6:9D:4C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.13.0/24 113.192.48.0/24 210.87.74.0/24 Signature Algorithm: sha256WithRSAEncryption 92:54:90:04:fb:6e:82:56:d1:47:1e:c5:a5:c5:0d:bd:a6:3b: 00:ca:57:b9:c7:5a:7e:90:aa:2b:d1:ea:6c:ed:33:18:b4:f7: 4d:3c:b7:24:51:87:ff:6f:e2:bf:38:bf:5b:25:cc:3d:7a:e2: 33:a1:c0:79:3f:6b:a6:58:7b:ae:6e:9f:e7:a3:3d:5e:f0:5c: d3:a9:7b:53:de:4e:e0:76:1b:52:17:79:74:c4:95:15:b8:9a: ba:51:e4:13:f5:79:b3:15:97:a9:3e:f6:3e:19:82:2c:8d:08: bf:bc:23:32:dc:69:9c:6c:76:e8:84:6c:20:4b:a3:15:a3:66: 62:40:2a:9a:f7:3d:ca:a2:52:42:4b:65:89:e7:10:8c:d4:f4: 9c:4b:ee:5d:f5:bc:68:a3:e2:ea:82:ef:0a:8e:29:f5:dd:09: e7:a9:a3:d7:2e:8c:b6:fc:6d:16:98:0c:31:d6:c4:22:1a:6d: 14:33:2d:e4:3a:3e:18:11:af:98:db:b7:39:32:01:d5:02:2a: 24:ca:06:c2:45:e4:c4:d3:b6:c7:74:67:df:f8:bf:03:57:17: 46:c2:1b:03:94:22:85:6a:1c:6d:a9:8c:ad:2c:51:f5:ce:66: 78:e9:66:55:5f:12:b8:36:b7:b2:d7:30:2e:6b:84:10:b1:51: ae:e2:a1:92 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUeHp0yFuhDZHI5gePtENhdp0pjZUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTcyMVoX DTI3MDUwMTA5MjIyMVowMzExMC8GA1UEAxMoRkE3RjE4MzU0NkJDMTFCNkQ1RjdG RDNBNDUyRjg0Q0VCQUU2OUQ0QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuFEDV/iYWEfEBqToNxVtW4bkYX4PrOMCyAC4y41kXuBz1QV83xg0ugiwAe FbBa4i8ZWwfwNmFos6YjdtNRNGsT/9GFBkFsFRpGIpebfa0cb10NvvjusNoZqes4 ertua5icrRQh+BmfT+brHInol6X4xjXzFrBmI1lXYs2NMFonV3qhw6jMQFlAqYK2 e+9rkFAneHrQEIaDYRNsOi6LjXsMZC8vuY+HwKcV3ptTx63nJ778ngvnthao+YUP VmMlmZUsnqsSxgPiLyqKSiCuQOIudmrt56ibcOlGQYWe3cUxham2o0QNEYT90a/G KPpmvUGm/ZCkZjdq/9TgLbtTWzMCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBT6fxg1 RrwRttX3/TpFL4TOuuadTDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4MDg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIA ATASAwQAZ54NAwQAccAwAwQA0ldKMA0GCSqGSIb3DQEBCwUAA4IBAQCSVJAE+26C VtFHHsWlxQ29pjsAyle5x1p+kKor0eps7TMYtPdNPLckUYf/b+K/OL9bJcw9euIz ocB5P2umWHuubp/noz1e8FzTqXtT3k7gdhtSF3l0xJUVuJq6UeQT9XmzFZepPvY+ GYIsjQi/vCMy3GmcbHbohGwgS6MVo2ZiQCqa9z3KolJCS2WJ5xCM1PScS+5d9bxo o+Lqgu8Kjin13QnnqaPXLoy2/G0WmAwx1sQiGm0UMy3kOj4YEa+Y27c5MgHVAiok ygbCReTE07bHdGff+L8DVxdGwhsDlCKFahxtqYytLFH1zmZ46WZVXxK4Nrey1zAu a4QQsVGu4qGS -----END CERTIFICATE-----Generated at Sun May 3 00:40:28 2026 by rpki-client