$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153553.roa File: AS153553.roa (raw, json) Hash identifier: +wme31eLSbAuUlRJ9PTXNBg55ikOAp6pTzBZgnWMg/Q= Subject key identifier: 8E:2C:7A:7D:F2:1C:1A:DE:20:4F:9E:B0:96:16:26:A5:4B:40:4B:97 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3296383B410AA97C64AD0DCC6F9B16D355766D21 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153553.roa Signing time: Sat 02 May 2026 09:24:26 +0000 ROA not before: Sat 02 May 2026 09:19:26 +0000 ROA not after: Sat 01 May 2027 09:24:26 +0000 asID: 153553 IP address blocks: 161.248.164.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:96:38:3b:41:0a:a9:7c:64:ad:0d:cc:6f:9b:16:d3:55:76:6d:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:19:26 2026 GMT Not After : May 1 09:24:26 2027 GMT Subject: CN=8E2C7A7DF21C1ADE204F9EB0961626A54B404B97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:81:91:05:b6:cd:ac:c8:13:73:78:72:f4:dc: b3:90:e8:90:7b:ed:a4:a8:22:3e:d1:b7:75:a4:c3: a0:84:a3:ac:42:75:04:25:fb:27:9f:ef:97:92:8c: 6e:32:93:b9:ea:c3:58:2d:78:7f:e1:e7:86:3d:79: 2b:21:d1:ad:da:b2:7b:50:06:2a:8d:07:86:fd:a5: 6a:aa:b1:09:99:4e:fd:00:6e:8c:41:dd:09:42:d0: f2:ce:44:2e:63:f3:8b:1b:ad:1a:58:8b:36:a6:88: ba:b6:9e:4f:58:6e:93:a8:cb:14:9e:92:c4:82:4e: 6d:a0:32:09:97:38:56:f9:4c:d1:10:e0:db:63:4f: d3:c8:6e:28:e3:76:de:6c:32:85:c5:55:0a:b0:84: 74:c4:14:c9:23:37:1a:2f:ba:75:0a:04:a6:3c:07: f5:4c:7f:26:48:6c:2d:9f:99:d6:b4:62:10:35:f1: 4c:b9:d9:22:11:06:77:49:f0:ad:11:05:fa:c3:e3: 10:03:82:da:26:aa:e9:7b:63:09:97:08:bd:22:53: ff:67:9d:4a:5d:71:72:8a:01:39:ca:9a:1f:be:e5: 82:29:6c:26:34:26:45:7e:5b:93:f7:f5:36:42:f4: c6:96:a6:1c:8f:52:b4:c0:2b:5a:3e:b8:50:76:6d: dd:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:2C:7A:7D:F2:1C:1A:DE:20:4F:9E:B0:96:16:26:A5:4B:40:4B:97 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153553.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.164.0/23 Signature Algorithm: sha256WithRSAEncryption 71:af:e5:8a:41:f9:9d:e3:b1:fe:f7:36:21:64:cb:78:dc:27: 68:6c:63:b7:2c:b0:24:7a:0b:da:35:a5:5b:c5:04:81:34:99: 9b:04:8b:3d:cb:02:e7:a5:5e:b4:49:8d:0e:97:ca:f7:bf:46: dc:92:83:c8:bf:ed:7b:6a:f8:2d:09:56:c1:54:62:f6:b0:5f: 20:47:07:cc:53:2d:89:ec:f6:43:18:fe:0e:c8:ed:f9:73:e7: 0b:fc:ea:50:1c:38:33:32:d5:d2:95:b4:24:20:6e:88:65:d3: 97:ef:9e:14:f9:55:b9:17:4f:6f:f7:91:e1:62:6d:78:7b:57: d1:92:c3:49:96:bd:d0:00:79:28:f0:d2:61:c5:29:2b:fc:80: 9c:11:ac:02:cf:64:e3:b9:4e:9c:87:fd:7d:a0:94:6e:3b:5b: 84:5a:de:02:ee:88:66:d5:5d:12:ea:03:cf:5b:34:9f:c3:55: f6:c4:ff:ee:be:5b:49:8b:8e:cc:9d:85:0c:6a:c1:1b:67:e8: c4:f5:b9:10:30:9b:00:cc:36:3a:90:67:e1:5c:23:31:2c:2f: 53:da:62:f2:99:a1:cb:a5:f2:f6:fd:39:f5:f8:2c:2d:79:bd: 8a:e1:74:ab:61:19:92:a6:a4:f3:76:d3:8e:87:fc:55:a0:0f: 82:54:28:0b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUMpY4O0EKqXxkrQ3Mb5sW01V2bSEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTkyNloX DTI3MDUwMTA5MjQyNlowMzExMC8GA1UEAxMoOEUyQzdBN0RGMjFDMUFERTIwNEY5 RUIwOTYxNjI2QTU0QjQwNEI5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuBkQW2zazIE3N4cvTcs5DokHvtpKgiPtG3daTDoISjrEJ1BCX7J5/vl5KM bjKTuerDWC14f+Hnhj15KyHRrdqye1AGKo0Hhv2laqqxCZlO/QBujEHdCULQ8s5E LmPzixutGliLNqaIuraeT1huk6jLFJ6SxIJObaAyCZc4VvlM0RDg22NP08huKON2 3mwyhcVVCrCEdMQUySM3Gi+6dQoEpjwH9Ux/JkhsLZ+Z1rRiEDXxTLnZIhEGd0nw rREF+sPjEAOC2iaq6XtjCZcIvSJT/2edSl1xcooBOcqaH77lgilsJjQmRX5bk/f1 NkL0xpamHI9StMArWj64UHZt3WsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSOLHp9 8hwa3iBPnrCWFialS0BLlzAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzNTUzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBofikMA0GCSqGSIb3DQEBCwUAA4IBAQBxr+WKQfmd47H+9zYhZMt43Cdo bGO3LLAkegvaNaVbxQSBNJmbBIs9ywLnpV60SY0Ol8r3v0bckoPIv+17avgtCVbB VGL2sF8gRwfMUy2J7PZDGP4OyO35c+cL/OpQHDgzMtXSlbQkIG6IZdOX754U+VW5 F09v95HhYm14e1fRksNJlr3QAHko8NJhxSkr/ICcEawCz2TjuU6ch/19oJRuO1uE Wt4C7ohm1V0S6gPPWzSfw1X2xP/uvltJi47MnYUMasEbZ+jE9bkQMJsAzDY6kGfh XCMxLC9T2mLymaHLpfL2/Tn1+Cwteb2K4XSrYRmSpqTzdtOOh/xVoA+CVCgL -----END CERTIFICATE-----Generated at Sat May 2 21:03:30 2026 by rpki-client