$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153961.roa File: AS153961.roa (raw, json) Hash identifier: M32cjbxkIPyRXnSKUulaUh2CAKtBevCcjhx5EV0dSPI= Subject key identifier: 41:D9:F1:80:50:00:41:C3:57:86:D0:78:BC:AD:9E:AA:77:D9:43:96 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 545DC444405C7EB010342EB888116203F3B8E37E Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153961.roa Signing time: Sat 02 May 2026 09:25:09 +0000 ROA not before: Sat 02 May 2026 09:20:09 +0000 ROA not after: Sat 01 May 2027 09:25:09 +0000 asID: 153961 IP address blocks: 165.99.202.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:5d:c4:44:40:5c:7e:b0:10:34:2e:b8:88:11:62:03:f3:b8:e3:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:09 2026 GMT Not After : May 1 09:25:09 2027 GMT Subject: CN=41D9F180500041C35786D078BCAD9EAA77D94396 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7b:67:8c:89:f0:ef:17:0e:da:22:4a:fa:7f: d7:71:6c:09:f8:dc:21:7b:7a:77:2b:81:dc:ee:12: 69:ef:0f:41:0d:a5:5c:eb:53:ad:96:f8:2e:70:40: 74:3c:0c:6a:0c:3c:9f:9f:e1:c2:f5:fc:44:c1:09: c4:70:be:96:5b:b6:c6:50:ac:44:61:8d:b2:0c:13: c4:0d:e9:d8:42:1d:17:67:10:18:37:f7:38:f7:e9: 0d:5f:44:ea:fe:3b:3d:67:96:a4:29:8d:92:7e:af: 91:07:4f:1a:ca:de:82:fb:cb:6f:02:64:25:7a:09: 23:fa:e5:3a:06:fa:eb:1d:69:27:b5:8c:b7:06:ee: b8:7f:90:90:db:7a:5f:fb:e1:f9:d2:cb:3a:ba:11: a1:26:2e:c2:21:7d:95:22:aa:ea:a5:58:2b:9d:de: 4f:5e:c2:40:3c:0b:a2:5b:04:bb:5b:7f:ad:e8:38: 6e:27:c0:6d:20:0a:7f:cb:37:61:42:51:ed:a4:55: 2b:2f:39:88:a1:33:97:bb:bf:4b:1f:3e:16:9d:35: a5:0f:41:66:33:a0:1d:42:55:84:37:91:0e:b7:8e: c1:43:e1:6f:ca:ef:b7:12:a7:8d:0d:59:c3:30:33: c3:2b:b6:a8:04:b8:04:21:92:41:22:b6:01:10:97: a9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D9:F1:80:50:00:41:C3:57:86:D0:78:BC:AD:9E:AA:77:D9:43:96 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153961.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.202.0/23 Signature Algorithm: sha256WithRSAEncryption 31:47:63:14:0d:48:9c:c4:a0:de:0c:8f:e3:dc:66:de:17:4a: 9d:c4:42:9e:d9:20:3b:74:a7:e4:08:2c:c8:ec:f6:f3:d0:39: 56:96:fa:f4:e5:17:97:38:40:c2:c2:73:c2:ec:05:8a:a6:b4: c2:a5:c1:e4:73:f5:57:ad:b9:4d:2f:72:58:a0:89:91:f7:02: a5:87:3a:63:f1:72:55:4e:1f:05:0a:ae:87:ac:18:1a:75:57: 6a:fe:f9:e9:fa:27:bd:ec:0d:76:c1:1e:d1:c9:69:15:b0:d4: 42:f9:1b:0c:b8:f2:5f:14:af:78:9f:91:1d:19:74:82:a7:bf: 91:cb:c7:9c:1c:51:6f:76:ba:9b:eb:d9:46:da:74:56:3b:f3: 2c:8f:80:62:21:36:0e:aa:9a:3d:d9:17:41:74:a7:7f:c7:14: 23:d5:e0:d4:ab:65:27:3f:af:33:ec:56:72:e7:7f:14:5c:ac: c4:4e:de:eb:74:66:b3:3d:57:94:31:20:65:a6:7f:87:b4:2a: 9e:13:b0:d8:a5:6e:6d:c3:b1:c2:7c:39:f5:cb:69:88:f0:13: 44:bc:00:8a:0a:43:b1:c9:fa:01:0f:14:74:7a:f1:56:a2:58: 6c:fd:4d:9a:3d:d6:0a:10:ca:6a:dc:6e:30:74:90:e4:b3:c8: b1:13:65:bb -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUVF3EREBcfrAQNC64iBFiA/O4434wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwOVoX DTI3MDUwMTA5MjUwOVowMzExMC8GA1UEAxMoNDFEOUYxODA1MDAwNDFDMzU3ODZE MDc4QkNBRDlFQUE3N0Q5NDM5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJx7Z4yJ8O8XDtoiSvp/13FsCfjcIXt6dyuB3O4Sae8PQQ2lXOtTrZb4LnBA dDwMagw8n5/hwvX8RMEJxHC+llu2xlCsRGGNsgwTxA3p2EIdF2cQGDf3OPfpDV9E 6v47PWeWpCmNkn6vkQdPGsregvvLbwJkJXoJI/rlOgb66x1pJ7WMtwbuuH+QkNt6 X/vh+dLLOroRoSYuwiF9lSKq6qVYK53eT17CQDwLolsEu1t/reg4bifAbSAKf8s3 YUJR7aRVKy85iKEzl7u/Sx8+Fp01pQ9BZjOgHUJVhDeRDreOwUPhb8rvtxKnjQ1Z wzAzwyu2qAS4BCGSQSK2ARCXqXUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRB2fGA UABBw1eG0Hi8rZ6qd9lDljAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTYxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBpWPKMA0GCSqGSIb3DQEBCwUAA4IBAQAxR2MUDUicxKDeDI/j3GbeF0qd xEKe2SA7dKfkCCzI7Pbz0DlWlvr05ReXOEDCwnPC7AWKprTCpcHkc/VXrblNL3JY oImR9wKlhzpj8XJVTh8FCq6HrBgadVdq/vnp+ie97A12wR7RyWkVsNRC+RsMuPJf FK94n5EdGXSCp7+Ry8ecHFFvdrqb69lG2nRWO/Msj4BiITYOqpo92RdBdKd/xxQj 1eDUq2UnP68z7FZy538UXKzETt7rdGazPVeUMSBlpn+HtCqeE7DYpW5tw7HCfDn1 y2mI8BNEvACKCkOxyfoBDxR0evFWolhs/U2aPdYKEMpq3G4wdJDks8ixE2W7 -----END CERTIFICATE-----Generated at Sat May 2 21:04:48 2026 by rpki-client