$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153937.roa File: AS153937.roa (raw, json) Hash identifier: tulZNil1JC3JH/cDGCvWE0KBchoCNYI9rLQnDX2+6Vw= Subject key identifier: 04:DA:68:FC:12:E8:09:60:FB:AE:26:55:AC:70:53:EB:64:42:07:44 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 08D5923488C4E2E988D97A3EF9846C8C19426037 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153937.roa Signing time: Sat 02 May 2026 09:25:03 +0000 ROA not before: Sat 02 May 2026 09:20:03 +0000 ROA not after: Sat 01 May 2027 09:25:03 +0000 asID: 153937 IP address blocks: 165.99.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:d5:92:34:88:c4:e2:e9:88:d9:7a:3e:f9:84:6c:8c:19:42:60:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:03 2026 GMT Not After : May 1 09:25:03 2027 GMT Subject: CN=04DA68FC12E80960FBAE2655AC7053EB64420744 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:62:ff:1d:65:0d:8b:9a:ea:1e:e1:cc:89:d1: 10:58:e7:bd:b8:2a:6b:5e:40:6d:02:20:78:9d:32: 3b:60:04:8e:f9:fc:77:c5:07:91:67:74:8c:c1:c0: b1:e0:41:80:e6:5d:9f:ee:56:47:fd:2b:f7:c7:92: 11:4e:8e:66:b0:92:59:6a:59:5c:24:cf:45:83:fe: 0a:ab:1c:e3:4f:33:15:c7:4e:5d:14:70:c0:2a:67: d6:44:58:72:fb:4c:3c:73:be:a7:cc:74:98:d0:b6: e3:10:59:7d:23:85:b7:a3:10:63:5b:42:88:4e:ad: 2a:7a:89:2e:74:38:da:61:56:05:02:82:61:55:32: b4:7a:97:d2:cf:26:1f:f6:c1:04:59:ec:8a:73:73: 7e:e0:87:9e:c9:3a:2c:b0:05:ba:ac:f6:8f:88:7b: 30:21:f9:ab:5d:39:70:04:b4:88:35:00:3e:44:f2: 4c:bf:5b:d4:2a:7e:dd:a2:db:57:82:8d:94:7f:b7: 80:91:b4:64:7b:a0:10:4a:86:16:90:37:27:b8:df: e6:da:67:38:ef:3e:ed:e5:de:32:d2:12:71:21:06: f3:92:00:b2:6c:ff:08:41:df:c3:66:6f:df:0c:e0: 8c:c2:18:9a:3d:f2:a0:87:c6:c5:f2:f2:96:34:b9: 04:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:DA:68:FC:12:E8:09:60:FB:AE:26:55:AC:70:53:EB:64:42:07:44 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153937.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.71.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:1e:8c:39:90:da:12:a8:1a:7b:d5:10:d4:60:37:39:52:56: 85:37:d7:47:2d:43:9a:19:af:7c:d1:8f:3c:2f:25:3f:27:09: 55:dd:db:04:25:1e:02:fc:a9:b3:7d:81:06:5f:88:74:68:1e: 33:f3:46:56:32:d2:2f:a9:ab:0d:80:db:7f:54:21:cc:2e:0f: b7:a0:af:6c:df:a6:40:fd:6b:8c:3a:8c:95:5d:12:36:ad:34: eb:ee:97:e2:3a:ed:2f:49:8c:ab:00:9b:2a:07:2d:e2:5f:b4: d7:fd:70:12:13:fa:da:02:4a:d5:7d:af:6e:ff:d4:80:99:f9: ac:af:27:71:83:bf:a3:84:f0:ab:26:a0:35:93:a6:f9:d8:11: f9:be:ea:46:51:4a:69:e4:ab:0f:3f:4a:35:62:95:55:40:27: 05:88:de:86:1e:b0:a0:3a:1f:ff:e8:b6:16:91:d1:dd:72:f9: 4f:22:81:6c:ce:fb:ea:2f:14:cf:b4:53:5b:a2:14:7c:e6:79: 4b:fd:33:94:c0:03:45:d1:c6:57:d8:2f:fc:0b:82:a1:3c:79: 3d:24:61:79:b7:59:d0:70:83:ff:6e:05:a2:b5:ae:3f:e0:6f: d2:7d:77:8c:46:98:d5:1b:39:6d:b6:a8:0f:eb:19:48:2c:a2: e6:2c:8b:28 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUCNWSNIjE4umI2Xo++YRsjBlCYDcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwM1oX DTI3MDUwMTA5MjUwM1owMzExMC8GA1UEAxMoMDREQTY4RkMxMkU4MDk2MEZCQUUy NjU1QUM3MDUzRUI2NDQyMDc0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMBi/x1lDYua6h7hzInREFjnvbgqa15AbQIgeJ0yO2AEjvn8d8UHkWd0jMHA seBBgOZdn+5WR/0r98eSEU6OZrCSWWpZXCTPRYP+Cqsc408zFcdOXRRwwCpn1kRY cvtMPHO+p8x0mNC24xBZfSOFt6MQY1tCiE6tKnqJLnQ42mFWBQKCYVUytHqX0s8m H/bBBFnsinNzfuCHnsk6LLAFuqz2j4h7MCH5q105cAS0iDUAPkTyTL9b1Cp+3aLb V4KNlH+3gJG0ZHugEEqGFpA3J7jf5tpnOO8+7eXeMtIScSEG85IAsmz/CEHfw2Zv 3wzgjMIYmj3yoIfGxfLyljS5BBUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQE2mj8 EugJYPuuJlWscFPrZEIHRDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTM3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWNHMA0GCSqGSIb3DQEBCwUAA4IBAQBLHow5kNoSqBp71RDUYDc5UlaF N9dHLUOaGa980Y88LyU/JwlV3dsEJR4C/KmzfYEGX4h0aB4z80ZWMtIvqasNgNt/ VCHMLg+3oK9s36ZA/WuMOoyVXRI2rTTr7pfiOu0vSYyrAJsqBy3iX7TX/XASE/ra AkrVfa9u/9SAmfmsrydxg7+jhPCrJqA1k6b52BH5vupGUUpp5KsPP0o1YpVVQCcF iN6GHrCgOh//6LYWkdHdcvlPIoFszvvqLxTPtFNbohR85nlL/TOUwANF0cZX2C/8 C4KhPHk9JGF5t1nQcIP/bgWita4/4G/SfXeMRpjVGzlttqgP6xlILKLmLIso -----END CERTIFICATE-----Generated at Sat May 2 21:04:36 2026 by rpki-client