$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153924.roa File: AS153924.roa (raw, json) Hash identifier: tryHsbqcaB2HO+H9aLFeYusW3iCyExpoVVhDBnfoOjo= Subject key identifier: F6:E3:AE:B7:D2:FD:2A:35:07:51:37:9B:1B:DD:ED:5A:67:D3:E3:34 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 7BAD9D7E785600339A757D0495B7D89E8CCFB111 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153924.roa Signing time: Sat 02 May 2026 09:25:04 +0000 ROA not before: Sat 02 May 2026 09:20:04 +0000 ROA not after: Sat 01 May 2027 09:25:04 +0000 asID: 153924 IP address blocks: 165.99.118.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:ad:9d:7e:78:56:00:33:9a:75:7d:04:95:b7:d8:9e:8c:cf:b1:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:04 2026 GMT Not After : May 1 09:25:04 2027 GMT Subject: CN=F6E3AEB7D2FD2A350751379B1BDDED5A67D3E334 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:2b:ed:3d:7a:ff:90:f8:d2:41:da:85:e1:1f: 16:93:74:8c:25:89:3b:08:f2:19:a1:69:82:01:0b: f1:63:08:bd:40:6c:d9:2b:34:d1:fd:a6:c5:3a:e6: 7b:c2:a8:99:f9:b3:0b:ec:dc:1e:d2:e6:7c:ae:70: a0:f2:05:61:19:3d:a0:b1:44:eb:16:28:1f:83:cf: c2:fd:41:92:31:07:97:b8:56:3f:20:c3:5a:dc:d6: cc:9a:5b:c6:d6:de:ee:02:d3:7a:6d:7e:24:65:6c: 50:f9:79:9e:20:08:a3:79:64:c2:0f:ae:4f:64:a7: 24:bc:91:24:f4:bd:87:2a:ed:a8:9e:b1:ed:03:98: b3:02:c9:80:11:8a:be:a6:48:7c:6c:fe:6a:0b:ee: 5c:1e:06:26:b4:0e:c7:bf:da:a2:2b:09:ed:41:d1: f7:7e:73:38:84:39:ca:b8:ef:ee:e1:c5:85:2f:2d: 46:af:c9:2b:f3:5c:92:24:c4:f9:98:e0:37:27:58: 84:5d:c6:17:0f:0e:27:ea:90:08:a2:69:8a:57:d3: 12:41:6d:f1:e0:b9:31:33:1c:42:44:63:d5:30:8d: 6a:8c:05:02:d0:54:c5:81:19:45:63:45:d5:8e:00: 28:47:16:a6:3c:ed:49:8b:2e:c2:ae:c0:2b:56:ae: af:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:E3:AE:B7:D2:FD:2A:35:07:51:37:9B:1B:DD:ED:5A:67:D3:E3:34 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153924.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.118.0/23 Signature Algorithm: sha256WithRSAEncryption 89:f1:e0:57:21:8a:5a:52:2f:be:33:9f:29:bc:3e:44:d1:a6: 30:a2:a4:93:60:18:26:d8:f4:23:9d:d7:b4:24:0d:6a:ec:60: 2b:5f:42:ae:48:74:1c:1a:d7:e3:32:b0:29:00:39:98:ce:65: e8:9e:f4:d0:d5:93:42:c5:6e:b8:0c:78:f0:43:1f:31:92:f1: bb:eb:b1:b5:da:8b:ef:09:d9:a4:1d:c1:4a:5e:b5:77:78:d5: 12:bd:cc:2d:c1:b0:74:27:79:88:11:32:2a:ac:ad:e9:b6:01: c0:d1:9d:86:c9:70:2a:c7:6b:7f:47:03:a3:3c:1d:b4:33:0b: 43:24:16:43:8b:c5:1c:35:f2:98:f2:0b:2f:10:fe:d3:51:e6: f9:30:5b:9f:d5:f6:53:f7:7c:e8:7f:4b:79:a6:3d:37:43:b0: 75:f9:c3:09:a1:fb:49:94:78:be:82:d0:09:49:95:46:1a:61: 9e:33:59:85:c8:5f:c7:4b:76:5a:c4:2d:9e:a7:3f:20:72:8a: e5:25:74:3a:6a:70:95:4d:e3:b5:1b:ed:6e:0a:07:e9:08:0b: f2:ca:4a:53:9c:6c:de:87:44:98:b4:48:43:d1:7b:38:95:b3: e9:c9:05:63:d6:be:0b:d6:89:be:e9:a0:9c:d3:f4:a0:b6:06: 56:d7:0b:0c -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUe62dfnhWADOadX0ElbfYnozPsREwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwNFoX DTI3MDUwMTA5MjUwNFowMzExMC8GA1UEAxMoRjZFM0FFQjdEMkZEMkEzNTA3NTEz NzlCMUJEREVENUE2N0QzRTMzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJcr7T16/5D40kHaheEfFpN0jCWJOwjyGaFpggEL8WMIvUBs2Ss00f2mxTrm e8KomfmzC+zcHtLmfK5woPIFYRk9oLFE6xYoH4PPwv1BkjEHl7hWPyDDWtzWzJpb xtbe7gLTem1+JGVsUPl5niAIo3lkwg+uT2SnJLyRJPS9hyrtqJ6x7QOYswLJgBGK vqZIfGz+agvuXB4GJrQOx7/aoisJ7UHR935zOIQ5yrjv7uHFhS8tRq/JK/NckiTE +ZjgNydYhF3GFw8OJ+qQCKJpilfTEkFt8eC5MTMcQkRj1TCNaowFAtBUxYEZRWNF 1Y4AKEcWpjztSYsuwq7AK1aurxUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBT24663 0v0qNQdRN5sb3e1aZ9PjNDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBpWN2MA0GCSqGSIb3DQEBCwUAA4IBAQCJ8eBXIYpaUi++M58pvD5E0aYw oqSTYBgm2PQjnde0JA1q7GArX0KuSHQcGtfjMrApADmYzmXonvTQ1ZNCxW64DHjw Qx8xkvG767G12ovvCdmkHcFKXrV3eNUSvcwtwbB0J3mIETIqrK3ptgHA0Z2GyXAq x2t/RwOjPB20MwtDJBZDi8UcNfKY8gsvEP7TUeb5MFuf1fZT93zof0t5pj03Q7B1 +cMJoftJlHi+gtAJSZVGGmGeM1mFyF/HS3ZaxC2epz8gcorlJXQ6anCVTeO1G+1u CgfpCAvyykpTnGzeh0SYtEhD0Xs4lbPpyQVj1r4L1om+6aCc0/SgtgZW1wsM -----END CERTIFICATE-----Generated at Sat May 2 21:04:40 2026 by rpki-client