$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137946.roa File: AS137946.roa (raw, json) Hash identifier: JNTUtAxWJjZTrtjSZD+iuBCsgrCfFsoDQ0EVCU3Uj1Y= Subject key identifier: 7C:2F:3D:2F:01:77:9E:96:26:79:44:79:D7:4D:9B:2E:B6:7B:B9:7D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 207B101B30B27011B88C4A2C43537E3FBE76B198 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137946.roa Signing time: Mon 27 Oct 2025 02:34:58 +0000 ROA not before: Mon 27 Oct 2025 02:29:58 +0000 ROA not after: Mon 26 Oct 2026 02:34:58 +0000 asID: 137946 IP address blocks: 138.252.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 10:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:7b:10:1b:30:b2:70:11:b8:8c:4a:2c:43:53:7e:3f:be:76:b1:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 27 02:29:58 2025 GMT Not After : Oct 26 02:34:58 2026 GMT Subject: CN=7C2F3D2F01779E9626794479D74D9B2EB67BB97D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:93:4f:50:8c:ba:e6:14:06:10:a7:96:bf:4f: 0d:4f:3d:1c:35:de:6b:63:ea:d3:68:3b:d8:98:82: 5f:2d:83:24:8f:9b:1c:a6:34:63:e3:ca:ad:79:4f: 19:89:55:65:71:30:49:99:25:c9:06:86:8a:a3:c1: 3b:5a:14:7f:70:ed:79:b0:6f:a6:55:e4:f5:dd:b3: cb:bd:27:ca:ec:a4:b4:b6:e5:ed:07:08:7d:b4:d4: 5c:cb:26:96:f2:db:2d:e3:40:d2:ef:e9:37:42:fd: d1:ec:b2:04:db:23:be:a6:77:e7:2e:40:b8:0c:a7: 6b:de:6c:45:4e:23:82:b4:ff:0b:a1:dd:c5:1b:72: c7:75:af:73:9c:32:4c:59:74:bb:ce:fc:d1:f6:c0: e2:26:f6:05:3c:f6:a7:3d:f0:b3:4f:4f:1f:b8:1e: b9:9c:12:28:fe:a3:29:72:84:4c:87:23:87:f0:c7: ca:e9:13:c6:39:b1:c4:f7:35:4e:b9:c7:4e:ed:89: a9:ce:13:51:12:e8:74:f5:ad:77:92:5e:a9:7a:0b: 19:90:22:6b:45:67:fc:f7:24:ff:55:eb:1c:ef:16: 25:d6:58:9d:cb:49:c1:83:2f:9a:45:6e:11:af:1c: 2a:8c:7d:02:12:37:cd:cd:a2:ff:53:45:c4:f0:64: 9a:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:2F:3D:2F:01:77:9E:96:26:79:44:79:D7:4D:9B:2E:B6:7B:B9:7D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137946.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.47.0/24 Signature Algorithm: sha256WithRSAEncryption 37:f9:b7:aa:63:c0:00:3f:ba:6b:b8:01:9c:f8:f2:88:1c:49: 32:d8:fc:26:be:3d:8b:72:72:36:79:aa:0c:cf:e9:2e:59:47: 34:28:89:24:52:a9:78:9f:3c:c0:42:6c:56:96:c0:43:fb:c4: 5b:95:e0:ef:51:42:c9:c8:36:7d:b7:a8:6d:a0:0a:6a:69:3d: ca:f5:44:87:0e:ca:39:5d:87:ca:a6:4b:37:96:69:8a:0f:40: bc:8e:20:48:96:1c:a2:1d:55:8c:eb:26:5f:f3:a8:b0:23:1f: 0c:01:4e:4f:1d:6c:7c:32:46:43:f1:40:8e:90:2a:d2:34:4d: e5:e7:77:26:5c:4a:7f:51:1d:c8:5d:83:32:91:c7:2a:42:c6: d1:c0:cd:84:96:39:43:8a:7a:9d:06:54:1d:6e:41:43:59:c2: 6b:6e:9e:a4:83:fb:d9:70:3b:0d:31:85:ea:a6:00:6d:c1:b4: 95:90:7b:36:e9:9e:dd:9c:91:92:b5:3e:9d:31:7e:4b:f0:e2: 12:5e:ea:ba:24:c6:52:5d:d0:b7:67:57:cc:97:65:19:41:36: 54:56:e5:12:9c:62:57:05:08:40:31:83:6b:f4:3a:ef:c9:e2: c0:48:43:22:d1:dc:cc:8e:6c:68:7d:5b:59:ae:c5:4c:e6:bd: 59:f4:b2:cc -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIHsQGzCycBG4jEosQ1N+P752sZgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAyNzAyMjk1OFoX DTI2MTAyNjAyMzQ1OFowMzExMC8GA1UEAxMoN0MyRjNEMkYwMTc3OUU5NjI2Nzk0 NDc5RDc0RDlCMkVCNjdCQjk3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2TT1CMuuYUBhCnlr9PDU89HDXea2Pq02g72JiCXy2DJI+bHKY0Y+PKrXlP GYlVZXEwSZklyQaGiqPBO1oUf3DtebBvplXk9d2zy70nyuyktLbl7QcIfbTUXMsm lvLbLeNA0u/pN0L90eyyBNsjvqZ35y5AuAyna95sRU4jgrT/C6HdxRtyx3Wvc5wy TFl0u8780fbA4ib2BTz2pz3ws09PH7geuZwSKP6jKXKETIcjh/DHyukTxjmxxPc1 TrnHTu2Jqc4TURLodPWtd5JeqXoLGZAia0Vn/Pck/1XrHO8WJdZYnctJwYMvmkVu Ea8cKox9AhI3zc2i/1NFxPBkmrUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR8Lz0v AXeeliZ5RHnXTZsutnu5fTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzNzk0Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8LzANBgkqhkiG9w0BAQsFAAOCAQEAN/m3qmPAAD+6a7gBnPjy iBxJMtj8Jr49i3JyNnmqDM/pLllHNCiJJFKpeJ88wEJsVpbAQ/vEW5Xg71FCycg2 fbeobaAKamk9yvVEhw7KOV2HyqZLN5Zpig9AvI4gSJYcoh1VjOsmX/OosCMfDAFO Tx1sfDJGQ/FAjpAq0jRN5ed3JlxKf1EdyF2DMpHHKkLG0cDNhJY5Q4p6nQZUHW5B Q1nCa26epIP72XA7DTGF6qYAbcG0lZB7Nume3ZyRkrU+nTF+S/DiEl7quiTGUl3Q t2dXzJdlGUE2VFblEpxiVwUIQDGDa/Q678niwEhDItHczI5saH1bWa7FTOa9WfSy zA== -----END CERTIFICATE-----Generated at Wed Nov 5 18:30:26 2025 by rpki-client