$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138838.roa File: AS138838.roa (raw, json) Hash identifier: QkOkrjuy2ZfP58aIoN7tT0qXypYmlvPhqbHXdhJH6lQ= Subject key identifier: 8F:9B:66:2D:A3:AC:02:3B:17:0B:71:79:B7:F3:D1:CE:C3:D7:89:32 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 245D409901204221DC3FEE05D8395E77B66DE9D6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138838.roa Signing time: Sat 02 May 2026 21:04:57 +0000 ROA not before: Sat 02 May 2026 20:59:57 +0000 ROA not after: Sat 01 May 2027 21:04:57 +0000 asID: 138838 IP address blocks: 103.138.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:5d:40:99:01:20:42:21:dc:3f:ee:05:d8:39:5e:77:b6:6d:e9:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 20:59:57 2026 GMT Not After : May 1 21:04:57 2027 GMT Subject: CN=8F9B662DA3AC023B170B7179B7F3D1CEC3D78932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3b:9c:de:b6:73:f4:4e:07:de:f2:2c:57:49: 55:9a:05:db:e4:63:28:b1:4c:03:b4:d4:5a:0d:a4: 44:1a:4e:bf:37:2b:80:26:14:cc:bb:aa:35:6c:91: 09:40:2f:83:88:6e:fe:30:bb:39:1c:4a:d2:e9:46: b6:f3:68:2c:b6:4a:1e:08:21:47:7b:26:e5:1d:1e: 1d:07:44:62:6b:b5:4d:f9:c9:45:30:1f:a1:d5:1e: 0a:4d:0f:de:e7:40:06:6d:33:ea:7b:81:e8:05:ca: 26:c8:9b:5e:17:70:c1:a8:34:84:bf:52:98:e0:65: 8d:cf:05:d4:11:db:fe:a6:e5:35:04:ae:d5:70:ba: 75:f6:32:50:b2:98:ff:97:a5:f5:5e:44:80:5c:f9: 4f:86:0d:ac:cc:41:2c:8f:78:0e:62:7c:a4:13:68: b7:4c:b8:78:2b:aa:06:8c:1a:c1:b2:a6:80:07:c1: d0:ec:0b:30:50:13:49:35:53:c8:71:76:21:8b:80: e1:09:b8:8c:e5:e3:ac:f0:19:a6:01:73:7e:b6:8a: 60:72:ae:51:d8:fb:48:8b:1a:dc:9d:78:3a:c0:e0: 21:81:ff:6d:92:6b:b1:6e:5b:b0:ad:06:75:7e:bd: d7:4d:6c:79:c3:26:65:0c:98:e4:0d:44:3e:91:8c: 60:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:9B:66:2D:A3:AC:02:3B:17:0B:71:79:B7:F3:D1:CE:C3:D7:89:32 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138838.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.138.204.0/23 Signature Algorithm: sha256WithRSAEncryption 46:23:6b:2a:e7:f3:1a:31:94:06:2a:e7:3a:94:4f:ee:f8:63: 8c:f1:fe:6a:62:df:48:0e:43:0a:c1:2d:5d:79:11:f0:e0:90: ba:97:d7:05:aa:ba:41:ac:f6:2a:94:85:83:97:dd:fa:fd:fe: da:f0:26:67:e6:df:8c:76:22:fc:1d:87:70:82:80:07:56:bd: b4:02:8a:05:5b:c4:e5:e6:2d:47:82:88:6b:0e:c5:f3:47:0b: 0a:e9:66:59:38:e5:ea:f6:30:dd:d1:1d:00:2b:c9:f8:e6:9f: ae:e6:3f:bc:f7:ee:ed:22:8e:41:d7:d1:2f:b2:d1:a7:75:38: 2b:61:ea:d8:15:36:b9:78:c4:b4:9f:a6:35:ac:c8:c1:a0:79: 6c:15:2b:1a:57:92:d3:9e:de:18:53:7c:03:5d:c4:6d:1d:77: 66:ba:6b:73:ca:7c:0c:22:49:9c:4e:23:3b:f3:63:87:f8:a7: f3:49:4d:a1:1f:79:02:d1:60:68:ed:48:08:d1:76:fb:18:47: ec:6b:58:09:8d:74:77:88:4e:e0:43:45:8b:04:30:d4:c5:9f: 3d:34:2b:c8:69:4f:0a:ca:76:dc:cb:77:3e:9d:3a:03:a8:aa: 1b:02:60:a6:1a:ea:23:7f:51:63:ac:69:79:f0:13:0f:42:e2: b8:6e:78:07 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUJF1AmQEgQiHcP+4F2Dled7Zt6dYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwNTk1N1oX DTI3MDUwMTIxMDQ1N1owMzExMC8GA1UEAxMoOEY5QjY2MkRBM0FDMDIzQjE3MEI3 MTc5QjdGM0QxQ0VDM0Q3ODkzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM87nN62c/ROB97yLFdJVZoF2+RjKLFMA7TUWg2kRBpOvzcrgCYUzLuqNWyR CUAvg4hu/jC7ORxK0ulGtvNoLLZKHgghR3sm5R0eHQdEYmu1TfnJRTAfodUeCk0P 3udABm0z6nuB6AXKJsibXhdwwag0hL9SmOBljc8F1BHb/qblNQSu1XC6dfYyULKY /5el9V5EgFz5T4YNrMxBLI94DmJ8pBNot0y4eCuqBowawbKmgAfB0OwLMFATSTVT yHF2IYuA4Qm4jOXjrPAZpgFzfraKYHKuUdj7SIsa3J14OsDgIYH/bZJrsW5bsK0G dX69101secMmZQyY5A1EPpGMYLsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSPm2Yt o6wCOxcLcXm389HOw9eJMjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODM4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ4rMMA0GCSqGSIb3DQEBCwUAA4IBAQBGI2sq5/MaMZQGKuc6lE/u+GOM 8f5qYt9IDkMKwS1deRHw4JC6l9cFqrpBrPYqlIWDl936/f7a8CZn5t+MdiL8HYdw goAHVr20AooFW8Tl5i1HgohrDsXzRwsK6WZZOOXq9jDd0R0AK8n45p+u5j+89+7t Io5B19EvstGndTgrYerYFTa5eMS0n6Y1rMjBoHlsFSsaV5LTnt4YU3wDXcRtHXdm umtzynwMIkmcTiM782OH+KfzSU2hH3kC0WBo7UgI0Xb7GEfsa1gJjXR3iE7gQ0WL BDDUxZ89NCvIaU8Kynbcy3c+nToDqKobAmCmGuojf1FjrGl58BMPQuK4bngH -----END CERTIFICATE-----Generated at Sun May 3 00:42:30 2026 by rpki-client