$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153146.roa File: AS153146.roa (raw, json) Hash identifier: SCJ+N4xUnKOGy1dj81AaVwe/FQ8YYzw1uVaIyubDnNw= Subject key identifier: 59:97:AE:94:50:38:F8:41:19:36:CB:C8:6E:6B:93:B0:EB:EF:15:8C Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 40A90605CBC9C46EAA4FB5708B4A3AA794A9EC25 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153146.roa Signing time: Sat 02 May 2026 09:23:43 +0000 ROA not before: Sat 02 May 2026 09:18:43 +0000 ROA not after: Sat 01 May 2027 09:23:43 +0000 asID: 153146 IP address blocks: 160.191.206.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:a9:06:05:cb:c9:c4:6e:aa:4f:b5:70:8b:4a:3a:a7:94:a9:ec:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:43 2026 GMT Not After : May 1 09:23:43 2027 GMT Subject: CN=5997AE945038F8411936CBC86E6B93B0EBEF158C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:73:e9:33:1b:2e:ab:6e:19:6a:2d:a0:48:62: 18:43:34:55:8e:88:c4:d4:02:7c:e7:3f:34:4b:b1: 04:d2:7a:94:73:26:0e:dd:3d:6c:a5:f8:bb:df:c4: 29:5d:2a:37:37:58:38:7a:4a:8c:51:a5:32:6c:f0: 34:cb:87:ab:b3:05:14:4c:62:6e:95:cc:d6:75:f4: 38:40:fc:df:a5:41:e0:22:96:af:67:26:a4:ca:d4: 45:87:ae:a4:47:a5:50:78:1d:6a:c9:97:24:b2:f6: 90:c1:0e:d4:df:f7:30:58:b3:f9:33:34:9b:32:3f: 4f:1e:62:e6:6d:60:83:c7:e4:4d:be:af:5b:b3:85: 0b:d9:2b:75:6f:d3:3d:81:62:dc:05:5e:04:a7:76: ff:f7:a9:8b:41:a0:45:ac:8a:52:db:af:b2:da:0a: 18:3d:fc:87:d4:c1:63:6b:6c:31:6f:10:68:0a:92: e2:2c:d3:10:cb:c8:92:a1:f8:0c:24:7c:bd:5c:0c: 1c:69:3e:9b:2f:e2:98:a2:03:cf:8a:bb:a8:a5:76: e3:ca:47:3b:3c:a8:03:5e:56:76:cb:01:35:e8:96: 29:b3:d4:08:58:33:dd:a7:7e:bd:b4:d9:fc:56:2d: bb:09:1d:c8:cf:29:3c:fb:b3:ba:8c:49:05:04:66: 9f:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:97:AE:94:50:38:F8:41:19:36:CB:C8:6E:6B:93:B0:EB:EF:15:8C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153146.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.206.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:7e:72:17:dc:ab:77:c0:87:80:8a:3c:40:49:70:32:05:ca: 2c:39:98:45:af:df:e8:69:4f:8e:7b:60:5d:33:17:ae:65:99: 2e:d5:2d:c6:cb:18:b4:9b:d5:aa:ea:c9:a1:a8:84:09:8b:94: 6f:b8:0e:a9:d7:b8:36:aa:52:66:3a:09:06:d2:bd:be:e3:fa: 55:4f:e8:ae:f2:4b:a4:18:9c:86:2f:f2:fd:d4:25:9a:c1:f8: c3:fa:4a:94:0c:56:67:a8:28:29:87:2f:bb:48:97:6a:5b:54: b9:af:f0:6e:92:b0:6c:dd:01:68:2e:85:18:ab:dd:ea:76:05: 9e:f1:b5:a5:a7:ce:46:45:e9:f7:dc:4e:5d:af:95:94:60:04: aa:7d:62:fa:d8:67:15:e4:fd:93:c5:19:a3:ba:c8:3f:f3:08: 32:0a:ff:27:05:20:e7:7f:b0:bb:36:16:31:66:bf:dc:43:fe: 9b:9f:6a:6f:6a:1d:15:8d:ff:29:28:04:52:98:d0:0e:c4:83: 4c:ad:3a:89:8d:09:63:f5:6b:f2:06:58:7c:15:f8:d8:95:36: d6:fc:50:0c:85:2e:6a:ab:34:c4:f6:1a:80:f2:08:0b:9e:57: ca:a2:a8:8a:40:8d:1f:4e:01:62:ba:39:e9:79:b5:72:f1:4f: cd:68:cd:6c -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUQKkGBcvJxG6qT7Vwi0o6p5Sp7CUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0M1oX DTI3MDUwMTA5MjM0M1owMzExMC8GA1UEAxMoNTk5N0FFOTQ1MDM4Rjg0MTE5MzZD QkM4NkU2QjkzQjBFQkVGMTU4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhz6TMbLqtuGWotoEhiGEM0VY6IxNQCfOc/NEuxBNJ6lHMmDt09bKX4u9/E KV0qNzdYOHpKjFGlMmzwNMuHq7MFFExibpXM1nX0OED836VB4CKWr2cmpMrURYeu pEelUHgdasmXJLL2kMEO1N/3MFiz+TM0mzI/Tx5i5m1gg8fkTb6vW7OFC9krdW/T PYFi3AVeBKd2//epi0GgRayKUtuvstoKGD38h9TBY2tsMW8QaAqS4izTEMvIkqH4 DCR8vVwMHGk+my/imKIDz4q7qKV248pHOzyoA15WdssBNeiWKbPUCFgz3ad+vbTZ /FYtuwkdyM8pPPuzuoxJBQRmn1UCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRZl66U UDj4QRk2y8hua5Ow6+8VjDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzMTQ2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAoL/OMA0GCSqGSIb3DQEBCwUAA4IBAQCbfnIX3Kt3wIeAijxASXAyBcos OZhFr9/oaU+Oe2BdMxeuZZku1S3Gyxi0m9Wq6smhqIQJi5RvuA6p17g2qlJmOgkG 0r2+4/pVT+iu8kukGJyGL/L91CWawfjD+kqUDFZnqCgphy+7SJdqW1S5r/BukrBs 3QFoLoUYq93qdgWe8bWlp85GRen33E5dr5WUYASqfWL62GcV5P2TxRmjusg/8wgy Cv8nBSDnf7C7NhYxZr/cQ/6bn2pvah0Vjf8pKARSmNAOxINMrTqJjQlj9WvyBlh8 FfjYlTbW/FAMhS5qqzTE9hqA8ggLnlfKoqiKQI0fTgFiujnpebVy8U/NaM1s -----END CERTIFICATE-----Generated at Sat May 2 21:05:08 2026 by rpki-client