$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153917.roa File: AS153917.roa (raw, json) Hash identifier: ValuKYmM22enJtfdfq58TEuNzEN2XJmiBMrwfZdPZJE= Subject key identifier: 40:B1:52:BE:B5:01:28:6A:40:B0:33:F1:21:C4:32:92:26:AC:09:30 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 44433F81BEA08A3B737E051EDE973FFCB4F4B111 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153917.roa Signing time: Sat 02 May 2026 09:24:55 +0000 ROA not before: Sat 02 May 2026 09:19:55 +0000 ROA not after: Sat 01 May 2027 09:24:55 +0000 asID: 153917 IP address blocks: 165.99.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:43:3f:81:be:a0:8a:3b:73:7e:05:1e:de:97:3f:fc:b4:f4:b1:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:19:55 2026 GMT Not After : May 1 09:24:55 2027 GMT Subject: CN=40B152BEB501286A40B033F121C4329226AC0930 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f8:79:68:9d:7f:37:ac:0c:14:68:d9:c4:c0: 76:e4:70:77:d8:11:35:79:27:59:08:94:fc:1b:aa: 8d:f7:ec:c0:29:3c:7f:a4:e9:26:9e:6e:7d:bd:74: 8a:90:15:e0:b5:39:39:b2:13:c1:60:44:99:4c:89: 05:f6:d5:61:bc:e0:c1:7e:63:da:35:43:9a:48:57: e8:c9:d4:66:5e:58:8e:bb:24:06:78:54:a8:8d:fd: 0b:11:37:75:9d:52:2d:00:e5:ce:20:ea:53:f1:34: b2:98:b3:7e:3b:28:ab:f7:2e:a4:ea:41:50:92:23: 39:1f:21:b5:2d:db:67:de:08:a9:40:08:fc:c5:b0: 91:c6:84:e9:fc:f3:54:55:c9:a9:0f:77:32:d4:0f: 5b:b8:34:0c:b5:15:b6:a0:b4:56:8f:b1:77:6e:31: d0:7a:02:92:fc:07:39:ab:2c:41:d2:96:10:e0:63: d4:85:fd:7c:85:07:53:86:48:57:48:11:2f:19:f8: 88:bc:4e:c0:88:37:db:4d:39:09:be:53:98:08:66: 6a:46:41:72:1e:79:9d:e5:ec:9d:5e:97:71:6e:04: a8:cb:6c:3d:fa:b0:68:81:d6:f7:39:e3:52:f8:d1: 75:9b:5c:e3:15:06:da:59:c7:1d:9f:5a:50:98:3e: 3e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:B1:52:BE:B5:01:28:6A:40:B0:33:F1:21:C4:32:92:26:AC:09:30 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153917.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.20.0/24 Signature Algorithm: sha256WithRSAEncryption 44:b8:78:3a:61:71:f6:00:02:93:d9:25:13:ce:5a:5b:24:19: 6e:e3:9f:c5:5c:30:2f:e1:f0:cb:6e:73:8c:6c:29:68:e4:b8: 8b:a0:39:46:2f:f4:44:af:fd:29:76:f9:9c:8f:8e:b6:5f:cc: c4:d7:d8:5a:ce:c5:f3:05:33:5e:99:8a:55:a4:d3:1b:86:72: 11:71:bc:3b:8e:7e:4c:27:9e:f0:43:62:9d:3f:d6:fb:7f:d8: ef:25:d3:cf:ff:43:76:af:fe:02:5e:21:de:21:8a:f8:01:56: cc:fe:84:17:09:b7:60:33:99:d6:20:aa:2d:40:7e:33:45:1a: 73:d4:d8:24:05:be:10:89:62:95:84:7e:78:ef:4a:a2:a0:38: 58:06:5e:3f:7e:47:02:2b:5f:fa:46:81:dd:0e:57:78:44:f8: 89:2d:25:b9:3c:1e:cf:2e:e7:a9:ad:32:ea:af:79:4e:f3:e1: c3:9d:8a:b9:a4:0c:3c:1a:70:17:ca:0a:08:b8:43:e4:1b:82: 56:70:04:4d:bd:0e:d4:88:a7:c5:5b:bf:ac:47:4a:08:12:f8: fe:39:e3:9d:72:e0:e8:ad:55:06:50:95:85:91:84:3b:a8:96: f4:28:f0:40:3d:b7:68:7b:e1:9b:b2:4c:1e:a9:26:58:71:00: b9:24:31:bb -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUREM/gb6gijtzfgUe3pc//LT0sREwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTk1NVoX DTI3MDUwMTA5MjQ1NVowMzExMC8GA1UEAxMoNDBCMTUyQkVCNTAxMjg2QTQwQjAz M0YxMjFDNDMyOTIyNkFDMDkzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALP4eWidfzesDBRo2cTAduRwd9gRNXknWQiU/BuqjffswCk8f6TpJp5ufb10 ipAV4LU5ObITwWBEmUyJBfbVYbzgwX5j2jVDmkhX6MnUZl5YjrskBnhUqI39CxE3 dZ1SLQDlziDqU/E0spizfjsoq/cupOpBUJIjOR8htS3bZ94IqUAI/MWwkcaE6fzz VFXJqQ93MtQPW7g0DLUVtqC0Vo+xd24x0HoCkvwHOassQdKWEOBj1IX9fIUHU4ZI V0gRLxn4iLxOwIg32005Cb5TmAhmakZBch55neXsnV6XcW4EqMtsPfqwaIHW9znj UvjRdZtc4xUG2lnHHZ9aUJg+PhECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRAsVK+ tQEoakCwM/EhxDKSJqwJMDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTE3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWMUMA0GCSqGSIb3DQEBCwUAA4IBAQBEuHg6YXH2AAKT2SUTzlpbJBlu 45/FXDAv4fDLbnOMbClo5LiLoDlGL/REr/0pdvmcj462X8zE19hazsXzBTNemYpV pNMbhnIRcbw7jn5MJ57wQ2KdP9b7f9jvJdPP/0N2r/4CXiHeIYr4AVbM/oQXCbdg M5nWIKotQH4zRRpz1NgkBb4QiWKVhH5470qioDhYBl4/fkcCK1/6RoHdDld4RPiJ LSW5PB7PLueprTLqr3lO8+HDnYq5pAw8GnAXygoIuEPkG4JWcARNvQ7UiKfFW7+s R0oIEvj+OeOdcuDorVUGUJWFkYQ7qJb0KPBAPbdoe+GbskweqSZYcQC5JDG7 -----END CERTIFICATE-----Generated at Sat May 2 21:04:40 2026 by rpki-client