$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138818.roa File: AS138818.roa (raw, json) Hash identifier: 5Tf66Hn2toHP9/zIR7jolNk8FDurM8nONfWuVmGrB/w= Subject key identifier: 8B:1B:7A:07:27:E0:3A:48:F0:0B:D2:EC:BF:4C:95:CC:15:A5:80:63 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1D6F0B1447183630F79536D9FE39B199C82B86EC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138818.roa Signing time: Thu 02 Oct 2025 03:01:25 +0000 ROA not before: Thu 02 Oct 2025 02:56:25 +0000 ROA not after: Thu 01 Oct 2026 03:01:25 +0000 asID: 138818 IP address blocks: 103.103.136.0/22 maxlen: 24 103.114.79.0/24 maxlen: 24 2406:be40::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:6f:0b:14:47:18:36:30:f7:95:36:d9:fe:39:b1:99:c8:2b:86:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 2 02:56:25 2025 GMT Not After : Oct 1 03:01:25 2026 GMT Subject: CN=8B1B7A0727E03A48F00BD2ECBF4C95CC15A58063 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:4e:5a:fb:bd:dc:af:c3:b6:10:2f:40:77:86: bb:3f:28:70:fa:8a:72:d5:68:06:cc:ae:50:cc:c1: 94:5b:9e:14:61:71:d1:8a:f5:ca:7b:4a:aa:6a:64: 7b:e7:96:5d:ad:a8:36:b1:08:90:75:b4:ec:f9:45: 03:36:d4:51:bb:61:09:7d:72:23:bb:0c:ad:16:49: d5:79:03:d7:21:ff:0a:b6:ae:d2:8d:47:7d:97:11: 43:41:ab:6f:73:79:d8:e3:23:fe:06:2a:f2:c3:a2: c2:88:60:91:b8:39:0d:1e:6d:f9:5b:b4:40:1f:de: b6:2f:5d:0d:47:12:77:72:87:73:6f:f2:51:6c:0f: 4d:cd:26:f1:fe:d2:7a:66:8d:3d:bf:b1:f8:dc:61: da:fe:1a:35:fd:18:01:bd:50:46:34:c4:42:22:1e: c3:d8:d7:ec:c1:57:7a:b9:08:d2:48:0d:1d:82:06: 42:76:66:92:1e:be:c1:42:f6:91:bf:cd:60:62:1e: 2f:19:a5:72:d5:93:1f:58:f5:8f:98:49:42:08:a1: cd:7e:dd:fd:08:a4:4a:54:2d:91:d2:94:6f:d4:0c: 67:20:df:65:db:a1:96:e9:f0:35:2b:e7:22:ce:ee: 93:b4:84:57:c2:9e:b5:2e:ad:32:7f:37:d9:f3:b1: af:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:1B:7A:07:27:E0:3A:48:F0:0B:D2:EC:BF:4C:95:CC:15:A5:80:63 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS138818.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.103.136.0/22 103.114.79.0/24 IPv6: 2406:be40::/32 Signature Algorithm: sha256WithRSAEncryption 0f:90:d3:99:25:7a:9c:2b:a8:de:bf:3c:25:c6:40:cd:7b:05: 0d:ee:2e:ea:eb:8d:db:a2:ae:43:e1:69:57:69:ee:26:7a:4c: ca:c5:f1:36:81:be:d8:2a:e7:a7:20:02:97:28:e1:62:f5:9e: 0e:7a:1f:6e:f3:e0:cb:c5:63:e1:a2:6e:16:09:26:d5:06:a4: 5b:49:c7:af:fd:17:12:92:15:6f:0f:30:91:c4:5e:fa:9b:e7: 7d:7c:40:34:2e:a2:5b:ec:ce:e9:ac:84:df:0d:ce:64:45:bc: ec:81:01:93:5d:27:46:c8:1e:8c:ab:08:6f:2b:ad:24:ea:8c: b8:e9:40:a4:0c:66:d2:5a:d6:a5:00:60:79:f2:8d:c5:7b:82: 63:82:98:91:ad:14:59:de:b0:ce:e6:de:23:bb:cd:31:3d:d4: 8c:e4:0e:7a:97:ce:f1:67:3d:89:94:1a:c4:70:dd:7f:6b:d7: 8e:c7:73:5e:49:5e:73:a0:a1:81:34:42:5c:64:6f:40:ec:97: 87:eb:6d:41:74:53:24:9c:a0:3b:7b:81:69:97:6a:3a:5d:1e: d1:e6:cb:d1:92:cc:69:d4:7c:33:fa:54:c7:a0:58:a3:a8:84: 30:4a:fd:da:da:f2:d7:d5:f8:00:6a:4f:c8:f2:d3:7b:6d:60: a8:af:9b:9d -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUHW8LFEcYNjD3lTbZ/jmxmcgrhuwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAwMjAyNTYyNVoX DTI2MTAwMTAzMDEyNVowMzExMC8GA1UEAxMoOEIxQjdBMDcyN0UwM0E0OEYwMEJE MkVDQkY0Qzk1Q0MxNUE1ODA2MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOpOWvu93K/DthAvQHeGuz8ocPqKctVoBsyuUMzBlFueFGFx0Yr1yntKqmpk e+eWXa2oNrEIkHW07PlFAzbUUbthCX1yI7sMrRZJ1XkD1yH/Crau0o1HfZcRQ0Gr b3N52OMj/gYq8sOiwohgkbg5DR5t+Vu0QB/eti9dDUcSd3KHc2/yUWwPTc0m8f7S emaNPb+x+Nxh2v4aNf0YAb1QRjTEQiIew9jX7MFXerkI0kgNHYIGQnZmkh6+wUL2 kb/NYGIeLxmlctWTH1j1j5hJQgihzX7d/QikSlQtkdKUb9QMZyDfZduhlunwNSvn Is7uk7SEV8KetS6tMn832fOxr9ECAwEAAaOCAeUwggHhMB0GA1UdDgQWBBSLG3oH J+A6SPAL0uy/TJXMFaWAYzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzODgxOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMw EgQCAAEwDAMEAmdniAMEAGdyTzANBAIAAjAHAwUAJAa+QDANBgkqhkiG9w0BAQsF AAOCAQEAD5DTmSV6nCuo3r88JcZAzXsFDe4u6uuN26KuQ+FpV2nuJnpMysXxNoG+ 2CrnpyAClyjhYvWeDnofbvPgy8Vj4aJuFgkm1QakW0nHr/0XEpIVbw8wkcRe+pvn fXxANC6iW+zO6ayE3w3OZEW87IEBk10nRsgejKsIbyutJOqMuOlApAxm0lrWpQBg efKNxXuCY4KYka0UWd6wzubeI7vNMT3UjOQOepfO8Wc9iZQaxHDdf2vXjsdzXkle c6ChgTRCXGRvQOyXh+ttQXRTJJygO3uBaZdqOl0e0ebL0ZLMadR8M/pUx6BYo6iE MEr92try19X4AGpPyPLTe21gqK+bnQ== -----END CERTIFICATE-----Generated at Mon Oct 20 03:04:20 2025 by rpki-client