$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153896.roa File: AS153896.roa (raw, json) Hash identifier: Dnlpx4HZdELZcB++k1i6hgfopFgES0oLtwDpGr1yKuA= Subject key identifier: 35:51:F3:EF:2A:AC:6B:C4:1D:93:F1:E1:94:6D:A1:81:38:40:AD:58 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 690C38E509DD69B1BCC8F78036B6193CF37BB7A1 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153896.roa Signing time: Sat 02 May 2026 09:25:07 +0000 ROA not before: Sat 02 May 2026 09:20:07 +0000 ROA not after: Sat 01 May 2027 09:25:07 +0000 asID: 153896 IP address blocks: 165.99.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:0c:38:e5:09:dd:69:b1:bc:c8:f7:80:36:b6:19:3c:f3:7b:b7:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:07 2026 GMT Not After : May 1 09:25:07 2027 GMT Subject: CN=3551F3EF2AAC6BC41D93F1E1946DA1813840AD58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:93:bb:3c:4d:c9:11:8f:87:10:40:76:aa:f2: 9f:7b:2c:36:f3:68:68:f2:72:ee:f6:14:b2:13:13: 7a:a9:33:c7:2f:8b:ef:65:e6:4d:67:c7:d9:33:a0: 2d:77:93:6b:10:1a:22:a4:47:ee:62:24:50:43:39: 55:73:b1:59:0e:38:c5:af:90:f4:6e:75:26:09:77: be:98:0e:82:d3:c2:82:aa:67:c7:9b:d5:7d:d7:e3: 2e:37:7d:37:17:34:50:81:2e:55:e9:fe:f2:aa:f8: 9e:1b:86:79:f1:20:4e:cf:37:86:4c:5f:f2:14:77: f5:a2:6e:7e:55:82:c4:7a:d1:10:45:fd:06:39:df: 74:0d:be:df:01:20:d0:33:b9:7c:79:3d:42:c7:0e: a5:4a:4e:00:d6:6a:fc:57:de:dc:7a:3b:2a:76:3f: 44:b1:23:8c:b1:0a:92:67:9a:c5:f0:1b:cb:1c:66: b8:0a:d9:5f:fa:09:a5:39:c9:c3:2d:0d:e1:60:6e: a8:f9:c1:ff:81:c2:10:a6:1a:a1:18:f0:d9:b8:4a: a6:1e:b4:95:c6:7b:b1:d4:3c:34:15:51:82:26:53: 47:2c:f3:93:d8:de:7e:5a:f2:45:0c:12:ef:9d:2f: 94:6c:4a:f7:ab:af:88:d9:7c:e9:48:d7:f3:63:8d: 80:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:51:F3:EF:2A:AC:6B:C4:1D:93:F1:E1:94:6D:A1:81:38:40:AD:58 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153896.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.21.0/24 Signature Algorithm: sha256WithRSAEncryption 91:27:9e:7a:c5:d7:b6:e5:49:de:e2:33:f3:34:f8:bb:09:27: d1:9b:c9:26:66:3c:87:bb:85:52:26:8e:40:ed:86:a7:72:ee: dd:44:79:74:28:69:5e:9b:92:26:aa:bd:e6:f0:ec:2c:89:49: 7a:24:3d:b8:40:f3:a5:fd:0c:75:08:a3:a7:37:ef:0b:3d:45: da:94:69:f9:9e:6a:6e:93:90:5c:c8:17:87:f4:21:5c:ff:be: 8e:44:fd:92:82:b8:9e:0b:91:29:b2:f0:fe:8e:af:5b:97:c5: 25:60:24:cd:53:b3:30:ae:00:b8:00:b5:52:73:57:0e:5e:ca: 2d:d3:69:07:0b:e0:c4:48:00:e0:e8:f7:d5:a9:56:e4:c6:cd: 10:f9:dc:18:be:ad:3e:a6:57:c1:2b:0e:f7:dd:0f:4f:ab:d0: e3:35:f4:4f:96:68:b3:3b:89:e4:4a:3b:21:21:a4:00:86:0a: 9c:9e:f0:92:56:56:a1:c0:37:b9:d9:f4:87:cd:e6:d5:3a:05: 60:bc:96:30:94:27:a9:db:f7:59:82:ca:4c:ec:b3:12:e9:c4: 52:e7:59:bc:90:16:f4:d0:95:18:ad:c7:2a:43:91:04:9c:87: f3:3a:00:ab:0b:07:35:f4:9b:ab:aa:9b:26:d8:8d:57:b6:8d: fc:57:b8:6b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUaQw45QndabG8yPeANrYZPPN7t6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwN1oX DTI3MDUwMTA5MjUwN1owMzExMC8GA1UEAxMoMzU1MUYzRUYyQUFDNkJDNDFEOTNG MUUxOTQ2REExODEzODQwQUQ1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuTuzxNyRGPhxBAdqryn3ssNvNoaPJy7vYUshMTeqkzxy+L72XmTWfH2TOg LXeTaxAaIqRH7mIkUEM5VXOxWQ44xa+Q9G51Jgl3vpgOgtPCgqpnx5vVfdfjLjd9 Nxc0UIEuVen+8qr4nhuGefEgTs83hkxf8hR39aJuflWCxHrREEX9BjnfdA2+3wEg 0DO5fHk9QscOpUpOANZq/Ffe3Ho7KnY/RLEjjLEKkmeaxfAbyxxmuArZX/oJpTnJ wy0N4WBuqPnB/4HCEKYaoRjw2bhKph60lcZ7sdQ8NBVRgiZTRyzzk9jeflryRQwS 750vlGxK96uviNl86UjX82ONgMMCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQ1UfPv KqxrxB2T8eGUbaGBOECtWDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzODk2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWMVMA0GCSqGSIb3DQEBCwUAA4IBAQCRJ556xde25Une4jPzNPi7CSfR m8kmZjyHu4VSJo5A7Yancu7dRHl0KGlem5Imqr3m8OwsiUl6JD24QPOl/Qx1CKOn N+8LPUXalGn5nmpuk5BcyBeH9CFc/76ORP2SgrieC5EpsvD+jq9bl8UlYCTNU7Mw rgC4ALVSc1cOXsot02kHC+DESADg6PfVqVbkxs0Q+dwYvq0+plfBKw733Q9Pq9Dj NfRPlmizO4nkSjshIaQAhgqcnvCSVlahwDe52fSHzebVOgVgvJYwlCep2/dZgspM 7LMS6cRS51m8kBb00JUYrccqQ5EEnIfzOgCrCwc19Jurqpsm2I1Xto38V7hr -----END CERTIFICATE-----Generated at Sat May 2 21:04:35 2026 by rpki-client