$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153938.roa File: AS153938.roa (raw, json) Hash identifier: mPint/VG3Ti0YXjwmPRmA8/fqgNVz7U1k5LCbbjflBg= Subject key identifier: FA:D8:99:28:39:68:7A:67:63:84:FE:07:EB:00:AA:4F:D7:CE:3A:A2 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 10AE76F6AF2FD4CC45D3F23FD19710ADAC16A780 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153938.roa Signing time: Sat 02 May 2026 09:22:41 +0000 ROA not before: Sat 02 May 2026 09:17:41 +0000 ROA not after: Sat 01 May 2027 09:22:41 +0000 asID: 153938 IP address blocks: 165.99.102.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ae:76:f6:af:2f:d4:cc:45:d3:f2:3f:d1:97:10:ad:ac:16:a7:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:17:41 2026 GMT Not After : May 1 09:22:41 2027 GMT Subject: CN=FAD8992839687A676384FE07EB00AA4FD7CE3AA2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:2d:55:a8:08:71:c0:90:45:98:6a:f6:bf:51: a1:1a:c6:ff:29:dc:77:b2:ab:da:e7:45:af:16:13: 45:5f:eb:e9:27:24:8b:1c:c4:84:e3:d0:a4:eb:5a: 0f:d9:62:c7:6d:09:8c:f3:49:42:7a:cb:b9:12:fb: f4:91:f5:67:8c:f1:a6:c0:3c:73:36:45:88:67:3f: ac:50:93:3f:9e:e6:f6:d2:12:17:aa:05:98:e7:44: 66:7b:11:2f:d0:c5:4c:13:63:84:d6:b4:9f:1e:38: d9:e6:98:c7:57:ff:9b:28:56:03:05:08:63:d1:19: 01:e3:7e:3c:f7:01:7e:69:55:84:f2:2f:d3:69:31: 19:60:35:9a:0a:d1:11:5d:b6:c9:d7:9e:41:83:2d: b6:b4:14:64:27:30:59:88:71:6a:81:9a:fe:c3:ee: f3:0c:97:83:54:7f:30:19:0c:32:fb:ac:8e:1a:81: 99:e9:79:f7:d0:48:04:e6:4f:11:1d:78:a7:82:03: 1e:8c:33:7a:76:13:e4:f8:17:13:c5:27:63:39:f9: a8:c0:3e:8c:61:54:9f:a7:95:7c:48:64:c8:10:d2: 77:c7:ef:b2:c9:3e:3c:74:52:63:8a:d9:f6:1a:cb: 54:10:c1:04:8c:9c:e0:71:43:c2:c3:ed:de:85:7b: 44:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:D8:99:28:39:68:7A:67:63:84:FE:07:EB:00:AA:4F:D7:CE:3A:A2 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.102.0/24 Signature Algorithm: sha256WithRSAEncryption 12:47:3f:38:b4:1e:f0:57:d4:6c:67:f5:a3:0b:89:a1:f8:51: 9b:bf:e9:55:fd:ef:5d:d6:75:da:cf:ff:94:4d:66:36:26:57: ab:73:44:a7:4b:0a:43:40:a6:4b:8a:ca:32:2f:eb:74:11:55: 51:c0:89:72:43:1a:89:8a:2c:9f:e1:9e:e3:82:14:a8:3d:54: b2:08:fb:10:f6:91:65:4a:55:ef:fd:c6:53:4f:3c:be:09:c6: 81:32:99:0b:26:fc:f6:16:e2:ba:2b:b3:bd:21:4a:de:6b:2a: 98:1f:96:b0:28:03:d1:ee:b0:2c:80:c6:1c:0c:a0:4b:d9:32: b5:02:37:36:0a:45:96:a6:c2:3c:a2:2b:3d:91:93:16:32:58: 0e:20:d0:d8:86:6b:a9:77:db:b9:7a:4f:77:85:c8:8d:b6:ad: 49:4f:6c:97:87:df:47:d5:92:8e:6c:b4:78:82:a8:14:0f:29: 01:31:5d:16:fe:9f:d4:2c:df:99:a2:fa:50:6a:0c:af:9f:3f: 44:aa:78:1f:96:ef:c7:4c:6e:58:18:c4:f4:95:e0:d6:1a:4e: e7:1e:2c:dc:a4:e9:62:ff:23:b6:d4:7d:45:bb:aa:ff:47:0d: 21:9e:96:db:de:66:05:ce:26:47:0a:9d:94:63:48:22:cd:e2: a7:58:ae:33 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUEK529q8v1MxF0/I/0ZcQrawWp4AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTc0MVoX DTI3MDUwMTA5MjI0MVowMzExMC8GA1UEAxMoRkFEODk5MjgzOTY4N0E2NzYzODRG RTA3RUIwMEFBNEZEN0NFM0FBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALAtVagIccCQRZhq9r9RoRrG/yncd7Kr2udFrxYTRV/r6SckixzEhOPQpOta D9lix20JjPNJQnrLuRL79JH1Z4zxpsA8czZFiGc/rFCTP57m9tISF6oFmOdEZnsR L9DFTBNjhNa0nx442eaYx1f/myhWAwUIY9EZAeN+PPcBfmlVhPIv02kxGWA1mgrR EV22ydeeQYMttrQUZCcwWYhxaoGa/sPu8wyXg1R/MBkMMvusjhqBmel599BIBOZP ER14p4IDHowzenYT5PgXE8UnYzn5qMA+jGFUn6eVfEhkyBDSd8fvssk+PHRSY4rZ 9hrLVBDBBIyc4HFDwsPt3oV7REECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBT62Jko OWh6Z2OE/gfrAKpP1846ojAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTM4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWNmMA0GCSqGSIb3DQEBCwUAA4IBAQASRz84tB7wV9RsZ/WjC4mh+FGb v+lV/e9d1nXaz/+UTWY2Jlerc0SnSwpDQKZLisoyL+t0EVVRwIlyQxqJiiyf4Z7j ghSoPVSyCPsQ9pFlSlXv/cZTTzy+CcaBMpkLJvz2FuK6K7O9IUreayqYH5awKAPR 7rAsgMYcDKBL2TK1Ajc2CkWWpsI8ois9kZMWMlgOINDYhmupd9u5ek93hciNtq1J T2yXh99H1ZKObLR4gqgUDykBMV0W/p/ULN+ZovpQagyvnz9Eqngflu/HTG5YGMT0 leDWGk7nHizcpOli/yO21H1Fu6r/Rw0hnpbb3mYFziZHCp2UY0gizeKnWK4z -----END CERTIFICATE-----Generated at Sat May 2 21:05:17 2026 by rpki-client