$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153945.roa File: AS153945.roa (raw, json) Hash identifier: /Fthu2JzR68+M/+Ar3zvydmcvgMF1RPcHsZS3iox7bA= Subject key identifier: BD:60:FD:B5:DE:E8:B4:C4:F2:92:17:AC:93:DA:6F:F4:CD:AA:CF:37 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 174A25BFBD08DBE45F525239CC045CC79EEA78C3 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153945.roa Signing time: Sat 02 May 2026 09:25:02 +0000 ROA not before: Sat 02 May 2026 09:20:02 +0000 ROA not after: Sat 01 May 2027 09:25:02 +0000 asID: 153945 IP address blocks: 165.99.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:4a:25:bf:bd:08:db:e4:5f:52:52:39:cc:04:5c:c7:9e:ea:78:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:02 2026 GMT Not After : May 1 09:25:02 2027 GMT Subject: CN=BD60FDB5DEE8B4C4F29217AC93DA6FF4CDAACF37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:78:98:f8:ef:4d:18:25:01:da:64:c9:98:01: 30:55:ad:32:98:37:4c:ce:c8:c0:94:f4:24:73:e1: f9:17:43:fb:fb:54:9e:83:13:c5:4d:b5:77:90:65: 0b:fb:3d:fb:2d:89:05:38:e2:a5:41:cc:b1:49:87: 4a:e3:84:15:2c:27:38:ce:4e:a6:b9:35:1f:36:f2: 66:c0:7d:f9:ab:16:4f:9e:6a:c7:f6:6f:4e:17:f2: de:2f:e4:1d:1b:3a:ed:bb:ca:9e:a2:b9:f2:a4:1c: 7a:c7:8c:d0:e4:ae:65:6e:03:ae:24:95:db:e5:40: 5c:92:42:55:b2:bc:36:46:8c:11:72:37:70:dd:77: ff:da:93:40:05:fc:d4:57:f3:b7:c8:44:71:25:b9: 7c:d3:ca:ff:38:77:56:71:62:e6:ca:34:c5:b1:9c: 3b:2f:3d:25:27:8e:a1:b5:bd:55:53:a9:18:06:b4: 0d:82:fd:94:aa:d4:e8:1b:9b:20:6d:08:84:5c:40: 1d:7b:c1:ac:91:bf:b3:db:8b:be:ec:52:96:86:0d: b4:d5:ca:ba:2c:64:9e:bf:81:aa:08:b2:63:f5:25: 05:1b:32:1c:fe:ca:ce:be:a3:a8:40:4a:76:1f:f6: 9e:bd:0a:01:6d:10:f0:25:10:69:44:ac:15:50:30: 4a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:60:FD:B5:DE:E8:B4:C4:F2:92:17:AC:93:DA:6F:F4:CD:AA:CF:37 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153945.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.107.0/24 Signature Algorithm: sha256WithRSAEncryption 72:91:7e:a9:b9:24:7e:d6:37:74:c3:41:df:a2:42:10:f5:99: bd:85:ba:d1:4b:18:42:d9:5c:d1:92:d4:62:2a:50:fe:e3:79: 72:f7:a9:85:6c:3a:63:bc:8a:dc:a3:23:43:51:96:5e:6a:93: f0:09:65:f3:e1:9f:62:25:af:ea:4c:9c:83:50:42:3b:4f:4c: 54:77:24:0d:92:ea:81:52:14:a9:28:73:9c:6b:5a:63:17:db: cd:c1:b0:0e:0e:e5:52:5c:84:ed:ae:77:cf:75:d0:84:19:74: 59:d7:0a:19:24:37:d0:56:d4:c0:eb:c9:75:f2:da:0d:c7:a6: 1b:44:64:1b:d1:5e:9f:7e:d5:03:5a:8b:eb:7f:82:8f:a5:f9: 8e:02:f7:45:a0:53:ad:23:18:62:b3:ff:9d:ef:c8:2f:50:fc: bc:83:35:c8:82:a2:ef:92:c7:9f:f3:10:39:9f:39:05:de:c6: a4:59:55:c4:c6:3f:79:24:fc:e3:e3:cf:a5:89:9f:c8:4b:9d: 48:62:da:09:7e:93:95:f5:48:8f:4a:f6:ce:b6:c5:94:c5:4c: 30:e8:e0:fb:a9:12:5a:3e:e7:ee:84:41:22:9b:27:af:38:56: 2e:bb:a3:a7:42:fb:9d:cc:66:12:d0:ee:73:30:3d:a0:27:32: f7:63:3f:4b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUF0olv70I2+RfUlI5zARcx57qeMMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwMloX DTI3MDUwMTA5MjUwMlowMzExMC8GA1UEAxMoQkQ2MEZEQjVERUU4QjRDNEYyOTIx N0FDOTNEQTZGRjRDREFBQ0YzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZ4mPjvTRglAdpkyZgBMFWtMpg3TM7IwJT0JHPh+RdD+/tUnoMTxU21d5Bl C/s9+y2JBTjipUHMsUmHSuOEFSwnOM5Oprk1HzbyZsB9+asWT55qx/ZvThfy3i/k HRs67bvKnqK58qQceseM0OSuZW4DriSV2+VAXJJCVbK8NkaMEXI3cN13/9qTQAX8 1Ffzt8hEcSW5fNPK/zh3VnFi5so0xbGcOy89JSeOobW9VVOpGAa0DYL9lKrU6Bub IG0IhFxAHXvBrJG/s9uLvuxSloYNtNXKuixknr+BqgiyY/UlBRsyHP7Kzr6jqEBK dh/2nr0KAW0Q8CUQaUSsFVAwSu8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBS9YP21 3ui0xPKSF6yT2m/0zarPNzAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTQ1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWNrMA0GCSqGSIb3DQEBCwUAA4IBAQBykX6puSR+1jd0w0HfokIQ9Zm9 hbrRSxhC2VzRktRiKlD+43ly96mFbDpjvIrcoyNDUZZeapPwCWXz4Z9iJa/qTJyD UEI7T0xUdyQNkuqBUhSpKHOca1pjF9vNwbAODuVSXITtrnfPddCEGXRZ1woZJDfQ VtTA68l18toNx6YbRGQb0V6fftUDWovrf4KPpfmOAvdFoFOtIxhis/+d78gvUPy8 gzXIgqLvksef8xA5nzkF3sakWVXExj95JPzj48+liZ/IS51IYtoJfpOV9UiPSvbO tsWUxUww6OD7qRJaPufuhEEimyevOFYuu6OnQvudzGYS0O5zMD2gJzL3Yz9L -----END CERTIFICATE-----Generated at Sat May 2 21:03:45 2026 by rpki-client