$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153158.roa File: AS153158.roa (raw, json) Hash identifier: DnnC7IMGEaEXhvRLkoGki1J9LOxkxnvdUF1bLdkFLAE= Subject key identifier: A2:D0:DE:04:41:A0:02:05:C0:EC:54:08:FB:5E:49:95:A8:7F:D6:A1 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 7C0290EF4D0798D4E3FCC304BC12307ACA2C7AED Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153158.roa Signing time: Sat 02 May 2026 09:23:47 +0000 ROA not before: Sat 02 May 2026 09:18:47 +0000 ROA not after: Sat 01 May 2027 09:23:47 +0000 asID: 153158 IP address blocks: 160.191.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:02:90:ef:4d:07:98:d4:e3:fc:c3:04:bc:12:30:7a:ca:2c:7a:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:47 2026 GMT Not After : May 1 09:23:47 2027 GMT Subject: CN=A2D0DE0441A00205C0EC5408FB5E4995A87FD6A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:80:55:b5:9e:60:d7:ba:eb:cc:a3:86:5b:2b: 7e:ad:6e:c6:c6:24:f3:05:f4:d2:37:fe:99:ea:c6: dd:a4:04:f4:bf:c2:ef:1b:76:d4:eb:de:97:8d:2d: 30:0f:95:ea:5f:59:e6:fe:80:da:ad:35:50:d4:f5: c4:47:5c:16:e2:ac:f0:67:92:9d:d3:72:66:80:38: e9:2f:81:5f:da:13:95:18:f6:01:90:63:f6:12:18: 20:9d:d0:24:1f:df:0f:05:79:ff:d8:e5:e4:7e:4a: 0e:95:17:c4:27:f8:44:15:c0:76:62:90:f8:ef:bd: 91:c7:e4:8b:1d:c2:8f:ba:2d:bc:e9:4d:4a:05:50: d8:10:4d:0b:d9:12:36:d6:46:14:ae:22:8c:cc:7b: 41:08:3d:8a:fa:76:b6:55:6e:f3:25:fb:26:c2:45: d2:b6:da:c1:38:3a:4b:e2:3e:bd:f1:26:b2:97:8c: d1:3a:0e:17:ae:af:87:9d:c8:13:28:55:b2:ea:6d: 24:6e:97:55:ac:02:99:31:26:be:44:6c:b4:46:ef: c2:10:17:c9:fc:9f:1f:d1:8e:05:88:12:88:07:e3: 0a:b5:6c:51:5c:cd:ec:0e:b2:3c:14:4e:c1:37:0f: 3f:c3:b6:09:8c:cb:e9:a5:37:d6:b6:8c:da:db:9b: 75:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:D0:DE:04:41:A0:02:05:C0:EC:54:08:FB:5E:49:95:A8:7F:D6:A1 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153158.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.204.0/23 Signature Algorithm: sha256WithRSAEncryption 16:0d:bd:e5:d5:99:7a:88:4d:91:6c:65:ad:63:11:8a:ba:41: 48:d3:09:48:6c:f1:7c:91:16:fe:64:fc:9c:25:82:83:6c:1b: 84:b6:7a:bb:34:38:a2:ab:e1:7f:97:68:c2:e2:ba:c3:a6:c0: 75:6c:8b:de:85:4d:c8:d5:ab:5f:31:b5:0a:aa:33:7f:14:c2: 78:08:a9:3c:85:88:c1:a9:fa:b3:97:3a:a1:17:31:d1:3b:f6: 2a:3c:7a:36:66:7e:bb:c9:6a:d5:ad:cb:b1:b2:4b:1c:66:24: ba:ae:d0:4d:ec:2e:3b:1a:e4:90:42:76:ac:d6:b7:fd:7b:f2: 85:7b:4a:c9:50:ae:ee:1a:06:9f:12:01:f2:44:2d:fb:65:04: f5:9c:c3:9c:b1:19:c5:31:c4:f0:e9:40:d0:e9:e9:72:85:a8: 5a:cf:41:3c:06:71:21:fc:a5:75:2e:07:05:fd:b4:ce:b8:04: 2d:e0:69:d1:5d:c9:34:03:ea:3b:a0:bc:73:e3:1e:af:1a:53: f6:1f:72:e2:2e:46:3e:3f:84:7e:b0:77:74:92:30:7e:37:fe: 9a:17:ea:58:3f:fd:11:f5:17:4d:08:e1:18:8c:a9:fd:58:43: c0:db:35:4a:1a:45:a5:0c:79:96:70:76:fa:f3:7b:ee:5d:38: d5:f8:4e:a2 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUfAKQ700HmNTj/MMEvBIwesoseu0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0N1oX DTI3MDUwMTA5MjM0N1owMzExMC8GA1UEAxMoQTJEMERFMDQ0MUEwMDIwNUMwRUM1 NDA4RkI1RTQ5OTVBODdGRDZBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJOAVbWeYNe668yjhlsrfq1uxsYk8wX00jf+merG3aQE9L/C7xt21Ovel40t MA+V6l9Z5v6A2q01UNT1xEdcFuKs8GeSndNyZoA46S+BX9oTlRj2AZBj9hIYIJ3Q JB/fDwV5/9jl5H5KDpUXxCf4RBXAdmKQ+O+9kcfkix3Cj7otvOlNSgVQ2BBNC9kS NtZGFK4ijMx7QQg9ivp2tlVu8yX7JsJF0rbawTg6S+I+vfEmspeM0ToOF66vh53I EyhVsuptJG6XVawCmTEmvkRstEbvwhAXyfyfH9GOBYgSiAfjCrVsUVzN7A6yPBRO wTcPP8O2CYzL6aU31raM2tubdfsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSi0N4E QaACBcDsVAj7XkmVqH/WoTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzMTU4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBoL/MMA0GCSqGSIb3DQEBCwUAA4IBAQAWDb3l1Zl6iE2RbGWtYxGKukFI 0wlIbPF8kRb+ZPycJYKDbBuEtnq7NDiiq+F/l2jC4rrDpsB1bIvehU3I1atfMbUK qjN/FMJ4CKk8hYjBqfqzlzqhFzHRO/YqPHo2Zn67yWrVrcuxskscZiS6rtBN7C47 GuSQQnas1rf9e/KFe0rJUK7uGgafEgHyRC37ZQT1nMOcsRnFMcTw6UDQ6elyhaha z0E8BnEh/KV1LgcF/bTOuAQt4GnRXck0A+o7oLxz4x6vGlP2H3LiLkY+P4R+sHd0 kjB+N/6aF+pYP/0R9RdNCOEYjKn9WEPA2zVKGkWlDHmWcHb683vuXTjV+E6i -----END CERTIFICATE-----Generated at Sat May 2 21:03:48 2026 by rpki-client