$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153565.roa File: AS153565.roa (raw, json) Hash identifier: KejVWeCFSt6gLj2gC2TvDKtGTLFTv0CAyOJHSA9FpaM= Subject key identifier: 95:EF:8D:77:6B:CD:F4:87:AD:4F:90:52:FC:89:EA:FC:68:22:15:DE Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 7F0FACCE0966C864646197605CD2F20978FB51FF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153565.roa Signing time: Sat 02 May 2026 09:24:17 +0000 ROA not before: Sat 02 May 2026 09:19:17 +0000 ROA not after: Sat 01 May 2027 09:24:17 +0000 asID: 153565 IP address blocks: 161.248.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:0f:ac:ce:09:66:c8:64:64:61:97:60:5c:d2:f2:09:78:fb:51:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:19:17 2026 GMT Not After : May 1 09:24:17 2027 GMT Subject: CN=95EF8D776BCDF487AD4F9052FC89EAFC682215DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:85:c7:e6:98:6a:f1:24:18:53:70:09:69:64: e0:47:e2:3a:6c:5a:97:9b:98:96:7e:98:5d:72:b3: ae:44:9b:5c:87:95:92:9a:76:cb:08:2e:2f:e2:9c: aa:78:e3:3a:67:a8:e6:83:67:c1:76:00:95:a2:20: a2:7d:7b:95:56:ac:5c:55:b0:3c:6f:7d:ab:c3:9c: 83:b2:91:99:0b:ba:c8:ce:72:f1:fe:fa:93:4c:0d: aa:26:78:21:91:ec:5a:df:5b:e1:9d:7f:e4:4c:b6: 99:b7:12:56:40:25:46:03:2e:c7:ab:85:d2:f1:d0: 0f:5c:de:6d:3c:4a:97:62:80:ac:87:30:c5:6b:1b: 56:a0:80:8d:c1:9b:4f:9d:8a:04:61:6d:e8:f8:b1: fd:b9:d8:cc:7c:1f:69:70:27:17:92:ba:8f:2c:1d: 8d:47:9e:c0:46:32:e3:98:82:11:f7:6c:dc:52:f0: f3:0b:45:30:c1:c6:4c:8d:0e:0b:14:a3:10:62:7b: f7:34:17:17:dd:90:bb:71:87:fa:05:b1:5e:69:0a: e0:8e:32:9c:ef:79:cf:b7:4b:be:74:7d:04:28:af: 01:2f:f8:eb:37:27:9e:ff:97:cc:14:79:22:be:15: 18:6a:97:eb:9c:3c:4a:34:e3:6d:00:e6:4f:cb:f5: 9f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:EF:8D:77:6B:CD:F4:87:AD:4F:90:52:FC:89:EA:FC:68:22:15:DE X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153565.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.226.0/23 Signature Algorithm: sha256WithRSAEncryption 64:e4:36:57:c3:31:22:b1:bf:9c:7a:90:db:b5:8e:20:2a:22: 61:be:30:36:fb:a9:43:60:fa:2c:74:56:a3:a2:b6:07:7e:7c: 3e:d3:21:f3:11:a3:aa:ca:69:14:95:d1:fa:57:50:4a:c7:41: 43:87:84:a8:fc:a5:f7:70:17:02:ff:f9:0c:66:4f:5e:d5:3b: a8:92:1e:4a:38:c6:05:61:6d:61:36:c1:81:41:bf:2b:21:4c: 4b:e2:5c:9d:ae:8f:d9:dc:c6:de:d1:1f:51:27:2c:4f:a1:fd: 52:7b:55:bf:58:40:56:73:77:7c:8a:60:91:ba:9e:5e:b9:44: 18:88:b1:9f:4a:6e:60:76:a3:25:8a:59:55:17:27:1a:16:99: aa:0d:cc:98:ac:21:c8:fe:76:90:f7:85:77:94:32:39:6d:8d: 82:34:a8:9f:04:54:a1:d9:1a:90:22:dd:8e:fe:a6:8b:74:a3: db:b0:4e:10:16:b1:ef:34:2a:89:a2:f6:35:37:cf:e7:91:7b: 16:7f:bf:0c:bd:0c:64:bd:3a:42:13:01:31:b6:ee:ca:d6:63: a8:1b:f9:22:bc:e4:fa:9b:1d:b9:1e:14:d7:47:94:fb:b5:a2: b7:03:78:43:d0:1e:e2:98:19:03:ee:19:05:f7:04:2a:31:f1: 87:f6:9f:07 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUfw+szglmyGRkYZdgXNLyCXj7Uf8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTkxN1oX DTI3MDUwMTA5MjQxN1owMzExMC8GA1UEAxMoOTVFRjhENzc2QkNERjQ4N0FENEY5 MDUyRkM4OUVBRkM2ODIyMTVERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6Fx+aYavEkGFNwCWlk4EfiOmxal5uYln6YXXKzrkSbXIeVkpp2ywguL+Kc qnjjOmeo5oNnwXYAlaIgon17lVasXFWwPG99q8Ocg7KRmQu6yM5y8f76k0wNqiZ4 IZHsWt9b4Z1/5Ey2mbcSVkAlRgMux6uF0vHQD1zebTxKl2KArIcwxWsbVqCAjcGb T52KBGFt6Pix/bnYzHwfaXAnF5K6jywdjUeewEYy45iCEfds3FLw8wtFMMHGTI0O CxSjEGJ79zQXF92Qu3GH+gWxXmkK4I4ynO95z7dLvnR9BCivAS/46zcnnv+XzBR5 Ir4VGGqX65w8SjTjbQDmT8v1nzMCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSV7413 a830h61PkFL8ier8aCIV3jAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzNTY1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBofjiMA0GCSqGSIb3DQEBCwUAA4IBAQBk5DZXwzEisb+cepDbtY4gKiJh vjA2+6lDYPosdFajorYHfnw+0yHzEaOqymkUldH6V1BKx0FDh4So/KX3cBcC//kM Zk9e1Tuokh5KOMYFYW1hNsGBQb8rIUxL4lydro/Z3Mbe0R9RJyxPof1Se1W/WEBW c3d8imCRup5euUQYiLGfSm5gdqMlillVFycaFpmqDcyYrCHI/naQ94V3lDI5bY2C NKifBFSh2RqQIt2O/qaLdKPbsE4QFrHvNCqJovY1N8/nkXsWf78MvQxkvTpCEwEx tu7K1mOoG/kivOT6mx25HhTXR5T7taK3A3hD0B7imBkD7hkF9wQqMfGH9p8H -----END CERTIFICATE-----Generated at Sat May 2 21:03:31 2026 by rpki-client