$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS138886.roa File: AS138886.roa (raw, json) Hash identifier: bk4irYWKYUiOB41vb/dj9sxglLwH0/svQIdFMQh5BK4= Subject key identifier: D0:43:09:C0:5C:E4:E3:68:09:41:8D:95:50:49:9C:FF:9C:4B:57:32 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 181976CF635FB7251B8E469118B02BBF69CBFF8D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138886.roa Signing time: Tue 19 May 2026 10:25:12 +0000 ROA not before: Tue 19 May 2026 10:20:12 +0000 ROA not after: Tue 18 May 2027 10:25:12 +0000 asID: 138886 IP address blocks: 103.28.108.0/22 maxlen: 24 117.18.20.0/22 maxlen: 24 202.58.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 03:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:19:76:cf:63:5f:b7:25:1b:8e:46:91:18:b0:2b:bf:69:cb:ff:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 19 10:20:12 2026 GMT Not After : May 18 10:25:12 2027 GMT Subject: CN=D04309C05CE4E36809418D9550499CFF9C4B5732 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:6f:85:a3:0c:66:56:71:48:f1:94:97:04:3c: aa:9f:40:3d:32:32:80:ad:03:5f:eb:e8:bf:7c:b4: 67:5b:5c:8a:65:3f:02:5c:a3:d6:96:42:b4:e6:a5: 89:5d:ed:17:74:b3:44:4b:6c:a2:37:60:e2:1f:ee: 91:d3:10:a1:74:41:b8:1d:5d:1d:82:fa:80:5d:30: cb:44:36:52:a5:0b:0d:a9:7c:a2:88:f4:7e:45:0a: 68:ab:56:9c:db:30:a6:64:8f:68:7b:62:ee:e0:48: d2:79:81:23:ab:7f:32:85:5d:1e:97:3a:83:04:30: 53:e8:ac:2e:9b:bb:90:44:40:a9:ab:f9:8b:31:2b: 7c:49:00:b1:7d:5a:e8:06:ac:58:34:62:d6:cb:8f: 5b:73:5c:e2:09:a4:d6:ee:39:4e:ac:c8:8f:f7:85: 18:1e:94:21:98:a4:17:46:4b:92:77:14:4a:4b:93: bd:69:31:6b:d0:f0:e8:c9:cc:71:98:fa:d8:7d:6c: b7:8a:bd:dd:39:0d:a1:af:f4:2d:04:f8:19:3a:b5: fd:ea:f8:b8:04:09:4f:08:8d:3a:42:42:df:f3:4f: 0c:4b:0d:a3:ac:b5:f8:b5:3d:e8:71:18:0f:1f:8a: 86:c0:15:fa:08:24:a4:c5:50:64:ca:65:1d:cc:0d: 7b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:43:09:C0:5C:E4:E3:68:09:41:8D:95:50:49:9C:FF:9C:4B:57:32 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS138886.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.28.108.0/22 117.18.20.0/22 202.58.72.0/21 Signature Algorithm: sha256WithRSAEncryption 4f:36:cd:2a:f5:93:e1:aa:84:d1:31:95:26:10:ac:df:d1:b5: 13:81:28:b9:9c:0c:ec:bf:35:04:21:3f:de:5b:61:03:3c:66: 0e:f9:fc:b1:95:39:3d:49:a3:dc:f0:4c:a2:12:f9:69:4d:2d: 74:20:32:51:69:0f:55:94:51:88:16:28:b2:ec:1e:9d:fb:90: 3c:01:e6:89:5c:51:ff:e8:a8:82:af:bc:ca:04:c8:53:2d:0b: 58:2a:9e:f0:5a:24:80:76:86:15:3b:03:7b:13:03:cb:f9:d2: 36:97:63:a0:34:82:d6:85:cf:9d:48:b5:f6:b8:8d:e9:0f:22: f5:06:fc:6d:cb:77:f7:5b:3c:d1:ad:95:76:46:b5:90:08:8c: 40:37:77:88:66:12:fa:d0:26:e5:9b:3f:98:1d:87:6e:fe:c2: 7e:52:d9:b6:f2:2f:b5:bd:49:05:ea:a3:55:e3:8c:6f:1f:fa: 3e:6f:43:23:a3:dd:93:44:66:7b:b3:c5:cc:97:29:83:ae:62: 6b:53:99:f6:6f:e6:7c:8c:6f:6a:f0:23:b2:b5:47:57:65:e6: 66:d8:4a:f2:43:61:0d:ee:cf:79:75:41:28:23:2b:62:bb:28: fd:71:db:26:5a:bc:21:de:8e:ed:9b:a7:3c:43:95:7a:21:f9: 76:d6:24:a4 -----BEGIN CERTIFICATE----- MIIE5TCCA82gAwIBAgIUGBl2z2NftyUbjkaRGLArv2nL/40wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUxOTEwMjAxMloX DTI3MDUxODEwMjUxMlowMzExMC8GA1UEAxMoRDA0MzA5QzA1Q0U0RTM2ODA5NDE4 RDk1NTA0OTlDRkY5QzRCNTczMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJtvhaMMZlZxSPGUlwQ8qp9APTIygK0DX+vov3y0Z1tcimU/Alyj1pZCtOal iV3tF3SzREtsojdg4h/ukdMQoXRBuB1dHYL6gF0wy0Q2UqULDal8ooj0fkUKaKtW nNswpmSPaHti7uBI0nmBI6t/MoVdHpc6gwQwU+isLpu7kERAqav5izErfEkAsX1a 6AasWDRi1suPW3Nc4gmk1u45TqzIj/eFGB6UIZikF0ZLkncUSkuTvWkxa9Dw6MnM cZj62H1st4q93TkNoa/0LQT4GTq1/er4uAQJTwiNOkJC3/NPDEsNo6y1+LU96HEY Dx+KhsAV+ggkpMVQZMplHcwNe5sCAwEAAaOCAdgwggHUMB0GA1UdDgQWBBTQQwnA XOTjaAlBjZVQSZz/nEtXMjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTM4ODg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIA ATASAwQCZxxsAwQCdRIUAwQDyjpIMA0GCSqGSIb3DQEBCwUAA4IBAQBPNs0q9ZPh qoTRMZUmEKzf0bUTgSi5nAzsvzUEIT/eW2EDPGYO+fyxlTk9SaPc8EyiEvlpTS10 IDJRaQ9VlFGIFiiy7B6d+5A8AeaJXFH/6KiCr7zKBMhTLQtYKp7wWiSAdoYVOwN7 EwPL+dI2l2OgNILWhc+dSLX2uI3pDyL1Bvxty3f3WzzRrZV2RrWQCIxAN3eIZhL6 0Cblmz+YHYdu/sJ+Utm28i+1vUkF6qNV44xvH/o+b0Mjo92TRGZ7s8XMlymDrmJr U5n2b+Z8jG9q8COytUdXZeZm2EryQ2EN7s95dUEoIytiuyj9cdsmWrwh3o7tm6c8 Q5V6Ifl21iSk -----END CERTIFICATE-----Generated at Wed Jun 17 10:05:01 2026 by rpki-client