$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138990.roa File: AS138990.roa (raw, json) Hash identifier: mqBw3tlfAoGxwu56zQxHZYsy0zwD8/B20vsCCMqqPqM= Subject key identifier: 41:BD:15:DA:30:71:47:E3:37:7C:41:4C:A1:F6:A5:D7:5D:B0:78:7C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 63C6E39E345A49CF307B07850BB64244C84398C6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138990.roa Signing time: Sat 02 May 2026 09:27:07 +0000 ROA not before: Sat 02 May 2026 09:22:07 +0000 ROA not after: Sat 01 May 2027 09:27:07 +0000 asID: 138990 IP address blocks: 2001:df6:b8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:c6:e3:9e:34:5a:49:cf:30:7b:07:85:0b:b6:42:44:c8:43:98:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:07 2026 GMT Not After : May 1 09:27:07 2027 GMT Subject: CN=41BD15DA307147E3377C414CA1F6A5D75DB0787C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:7f:81:42:22:7c:4d:25:b7:39:b7:4c:83:ee: 10:3e:63:9c:39:30:a8:91:c6:6f:70:83:f5:eb:0c: d8:20:58:7c:f6:67:66:22:d5:72:df:ea:3c:f8:85: 36:b8:ff:ca:bd:32:dc:e5:65:2e:37:19:07:35:21: 2b:32:11:d9:f5:1a:b3:9c:b2:fc:56:ed:e2:48:5d: 7f:ec:54:e7:c3:52:e7:e4:5b:75:65:08:04:e9:82: 26:9f:fe:38:4b:60:07:24:ac:17:51:c5:a5:0e:43: 65:72:08:0d:cf:54:50:22:2b:4d:88:d7:8d:a6:f3: 2d:95:69:4e:85:27:8b:e3:bb:3b:15:7f:64:ce:53: ea:89:8c:06:ac:8f:f5:17:3a:82:09:98:84:63:30: 1a:e5:c7:2b:88:3d:31:62:1a:d1:2f:f3:75:fa:84: 15:c4:8a:4c:d6:2e:76:dd:fc:51:6f:8e:43:f6:b6: 41:c6:46:b4:4f:8a:69:54:8a:b2:d5:c6:31:2f:b6: 72:11:ec:54:aa:ea:93:f6:ec:94:48:68:b0:40:e8: 7d:c6:88:f9:a8:bf:df:28:96:0f:c0:de:8e:29:0b: 4a:04:20:2c:57:a9:fa:ef:4e:32:f0:b1:50:15:66: d6:b2:df:9a:fc:f1:53:4c:ac:43:48:98:bd:66:65: 75:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:BD:15:DA:30:71:47:E3:37:7C:41:4C:A1:F6:A5:D7:5D:B0:78:7C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138990.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:b8c0::/48 Signature Algorithm: sha256WithRSAEncryption 63:ec:c8:ab:74:2a:7a:f9:8e:af:c1:cb:9d:d6:dc:65:6c:6e: 0c:c2:3e:f0:83:3a:62:eb:1b:09:65:04:b9:f2:0b:7c:a2:49: 2a:d2:33:67:41:e9:34:69:87:a3:3d:36:ab:31:0f:cd:f7:5f: a1:ef:80:ae:de:f6:89:a7:a7:d1:0b:19:b5:67:70:b6:26:03: 01:a6:18:b0:83:47:b2:19:18:fa:a0:b5:80:0e:b4:48:b7:a2: e8:b3:37:b9:74:57:cf:b4:0d:92:4d:dc:63:a5:4b:c6:22:2d: 08:52:cc:ef:0d:b7:d6:32:7e:07:9a:91:80:cd:ac:c1:8d:b8: 09:93:56:65:2b:23:a6:4c:14:2c:dc:f9:96:fd:e5:96:fd:2a: 64:ed:16:a0:3b:ea:47:ae:d1:50:8d:f4:88:82:a1:a8:60:ec: 2b:b1:06:e3:c9:cb:38:46:17:7e:e2:92:64:e3:23:e5:02:72: f3:65:9d:cc:b1:ae:57:79:db:c3:42:cb:6f:a9:85:dd:0f:2f: 8f:ae:51:b6:d7:9b:aa:0a:1d:ca:3c:65:ff:8c:cc:9c:58:31: 74:67:58:c8:1a:4c:7c:bb:b0:28:d8:91:23:57:23:51:1b:32: 4f:e9:73:a8:98:4a:ff:80:22:46:45:78:31:72:b8:6b:2c:a1: 63:d6:41:b2 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUY8bjnjRaSc8weweFC7ZCRMhDmMYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwN1oX DTI3MDUwMTA5MjcwN1owMzExMC8GA1UEAxMoNDFCRDE1REEzMDcxNDdFMzM3N0M0 MTRDQTFGNkE1RDc1REIwNzg3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALl/gUIifE0ltzm3TIPuED5jnDkwqJHGb3CD9esM2CBYfPZnZiLVct/qPPiF Nrj/yr0y3OVlLjcZBzUhKzIR2fUas5yy/Fbt4khdf+xU58NS5+RbdWUIBOmCJp/+ OEtgBySsF1HFpQ5DZXIIDc9UUCIrTYjXjabzLZVpToUni+O7OxV/ZM5T6omMBqyP 9Rc6ggmYhGMwGuXHK4g9MWIa0S/zdfqEFcSKTNYudt38UW+OQ/a2QcZGtE+KaVSK stXGMS+2chHsVKrqk/bslEhosEDofcaI+ai/3yiWD8DejikLSgQgLFep+u9OMvCx UBVm1rLfmvzxU0ysQ0iYvWZldV0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRBvRXa MHFH4zd8QUyh9qXXXbB4fDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4OTkwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9rjAMA0GCSqGSIb3DQEBCwUAA4IBAQBj7MirdCp6+Y6vwcud1txl bG4Mwj7wgzpi6xsJZQS58gt8okkq0jNnQek0aYejPTarMQ/N91+h74Cu3vaJp6fR Cxm1Z3C2JgMBphiwg0eyGRj6oLWADrRIt6Losze5dFfPtA2STdxjpUvGIi0IUszv DbfWMn4HmpGAzazBjbgJk1ZlKyOmTBQs3PmW/eWW/Spk7RagO+pHrtFQjfSIgqGo YOwrsQbjycs4Rhd+4pJk4yPlAnLzZZ3Msa5XedvDQstvqYXdDy+PrlG215uqCh3K PGX/jMycWDF0Z1jIGkx8u7Ao2JEjVyNRGzJP6XOomEr/gCJGRXgxcrhrLKFj1kGy -----END CERTIFICATE-----Generated at Sun May 3 00:42:09 2026 by rpki-client