$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153153.roa File: AS153153.roa (raw, json) Hash identifier: hbS7sjnVYiS2teMAJLrxNHl7dxGTq7axMbQhduHJ7Js= Subject key identifier: E1:7C:04:6F:80:0F:E2:8C:58:31:2C:50:34:68:0B:88:1A:E1:8F:48 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 265C8719B30BF997D6AA2EF286CAFFD64C718C7E Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153153.roa Signing time: Sat 02 May 2026 09:23:08 +0000 ROA not before: Sat 02 May 2026 09:18:08 +0000 ROA not after: Sat 01 May 2027 09:23:08 +0000 asID: 153153 IP address blocks: 160.191.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:5c:87:19:b3:0b:f9:97:d6:aa:2e:f2:86:ca:ff:d6:4c:71:8c:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:08 2026 GMT Not After : May 1 09:23:08 2027 GMT Subject: CN=E17C046F800FE28C58312C5034680B881AE18F48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:43:91:5d:71:db:3c:4c:b5:ec:57:5a:47:4e: be:02:32:28:d4:64:d5:d1:44:69:10:19:36:62:f8: b5:87:81:7b:f2:0e:ea:ab:d7:82:7c:ee:b4:7f:f8: 4d:42:c3:67:87:d0:59:ca:ea:cd:e9:18:1c:b4:7e: 9c:de:23:87:9f:9f:52:c4:c7:78:08:fa:79:e9:21: 66:c6:bd:65:2b:f0:17:a3:a7:dd:b9:f9:36:ea:a3: 06:0a:8b:29:6e:f5:19:7e:0f:90:85:d2:0f:56:94: 74:3c:1e:07:2b:6c:4a:b4:86:5a:61:e1:92:4b:6d: 54:d2:2b:a5:77:a9:83:31:5f:3a:78:9b:34:b6:ee: 29:e4:90:e2:1e:32:a7:17:d4:32:87:b4:53:05:20: 8b:0b:25:d4:db:ad:d4:73:17:a0:cd:b3:14:14:dd: 28:cb:c4:81:3d:9e:ac:95:40:30:bc:43:c6:29:b3: e5:84:cb:7a:e4:fc:2b:6e:29:ce:5f:16:64:91:a6: 62:66:12:ff:d1:c0:85:8e:66:64:be:cc:7d:93:da: e5:3e:4a:ac:fa:95:97:21:cc:b0:be:72:16:23:d7: d6:ee:9a:88:23:a8:0a:20:1a:07:68:0d:24:49:d8: 35:c3:b4:64:1d:89:35:32:71:d4:0a:db:5d:c4:af: 69:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:7C:04:6F:80:0F:E2:8C:58:31:2C:50:34:68:0B:88:1A:E1:8F:48 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153153.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.172.0/24 Signature Algorithm: sha256WithRSAEncryption 74:3d:d4:f0:6f:2c:09:39:2a:ed:0d:f3:aa:e8:a8:e6:6e:fa: 6e:45:a9:91:a9:a1:61:c6:7c:e2:49:41:8d:e4:8a:75:66:7f: de:83:a3:29:48:f2:0c:78:b4:9c:b0:ea:e4:2f:bf:c2:e9:be: 46:ee:4e:6a:64:c2:db:d8:97:50:42:54:90:f7:ab:21:56:cb: 2e:b8:42:dc:ec:a5:f2:23:f1:46:b8:4c:9d:c4:39:4e:50:83: 6a:8f:18:5d:fe:e1:44:ed:2b:63:2c:a4:8d:50:4a:a7:39:62: ef:ce:ba:a4:d6:27:8f:33:98:6d:d3:a1:9f:be:bd:ec:4e:8e: f8:41:7a:8a:33:9d:78:b4:8a:f3:64:eb:11:df:f4:d5:2c:9a: da:c1:ba:d4:d9:db:fa:ef:d6:bd:a5:7a:a4:c4:81:d8:cb:b7: 22:97:ce:06:27:f5:e0:98:02:04:aa:51:95:c3:e0:0e:71:c8: c7:89:aa:b4:23:53:44:ee:70:27:30:9a:bf:f2:7d:63:ee:d0: 7a:fc:91:63:4f:0b:ad:6e:62:d7:76:0f:a8:70:c6:1e:df:b1: ab:aa:28:0c:fa:02:e6:16:fb:2b:0a:89:aa:1c:f3:cd:84:4f: ec:bc:9d:a3:c5:59:82:a7:82:9f:c5:6a:9b:6c:65:14:84:33: ee:63:68:d1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUJlyHGbML+ZfWqi7yhsr/1kxxjH4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgwOFoX DTI3MDUwMTA5MjMwOFowMzExMC8GA1UEAxMoRTE3QzA0NkY4MDBGRTI4QzU4MzEy QzUwMzQ2ODBCODgxQUUxOEY0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKdDkV1x2zxMtexXWkdOvgIyKNRk1dFEaRAZNmL4tYeBe/IO6qvXgnzutH/4 TULDZ4fQWcrqzekYHLR+nN4jh5+fUsTHeAj6eekhZsa9ZSvwF6On3bn5NuqjBgqL KW71GX4PkIXSD1aUdDweBytsSrSGWmHhkkttVNIrpXepgzFfOnibNLbuKeSQ4h4y pxfUMoe0UwUgiwsl1Nut1HMXoM2zFBTdKMvEgT2erJVAMLxDximz5YTLeuT8K24p zl8WZJGmYmYS/9HAhY5mZL7MfZPa5T5KrPqVlyHMsL5yFiPX1u6aiCOoCiAaB2gN JEnYNcO0ZB2JNTJx1ArbXcSvabcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBThfARv gA/ijFgxLFA0aAuIGuGPSDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzMTUzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAoL+sMA0GCSqGSIb3DQEBCwUAA4IBAQB0PdTwbywJOSrtDfOq6Kjmbvpu RamRqaFhxnziSUGN5Ip1Zn/eg6MpSPIMeLScsOrkL7/C6b5G7k5qZMLb2JdQQlSQ 96shVssuuELc7KXyI/FGuEydxDlOUINqjxhd/uFE7StjLKSNUEqnOWLvzrqk1ieP M5ht06Gfvr3sTo74QXqKM514tIrzZOsR3/TVLJrawbrU2dv679a9pXqkxIHYy7ci l84GJ/XgmAIEqlGVw+AOccjHiaq0I1NE7nAnMJq/8n1j7tB6/JFjTwutbmLXdg+o cMYe37GrqigM+gLmFvsrComqHPPNhE/svJ2jxVmCp4KfxWqbbGUUhDPuY2jR -----END CERTIFICATE-----Generated at Sat May 2 21:04:47 2026 by rpki-client