$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153978.roa File: AS153978.roa (raw, json) Hash identifier: DiDc2nSzr8FHhPdHTJf4S304s8isQ3ncibLzKmnQmC0= Subject key identifier: 2D:59:32:AE:76:34:CF:AA:6B:DC:E8:D4:6E:30:3F:8C:BB:E8:BF:8A Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 76DA9758A2B855680FC4BC74EFED04E330EA3599 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153978.roa Signing time: Sat 02 May 2026 09:22:46 +0000 ROA not before: Sat 02 May 2026 09:17:46 +0000 ROA not after: Sat 01 May 2027 09:22:46 +0000 asID: 153978 IP address blocks: 165.99.126.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:da:97:58:a2:b8:55:68:0f:c4:bc:74:ef:ed:04:e3:30:ea:35:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:17:46 2026 GMT Not After : May 1 09:22:46 2027 GMT Subject: CN=2D5932AE7634CFAA6BDCE8D46E303F8CBBE8BF8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bf:5a:6c:9e:3b:fa:a6:f9:d5:d9:c1:99:97: 6b:78:2a:7c:d3:d9:4f:b8:e8:5d:43:d1:83:ff:b6: 6b:df:41:6b:59:2e:b8:4f:77:c4:91:3c:ba:c0:29: d7:2a:bc:66:6e:86:9b:f2:40:1f:a0:94:90:9a:ff: 06:0d:4f:e8:ec:da:a6:ca:6f:8d:70:05:7b:2a:f0: ba:ac:14:dc:f1:d8:7c:96:84:90:ea:1e:1e:74:e6: ac:8a:df:ba:70:60:f8:b9:d8:fd:74:ca:5a:fe:bf: 1b:86:e9:1a:6b:43:28:86:a7:2d:ae:1b:5a:2b:6a: 61:cd:30:44:25:7c:e8:11:31:3c:a3:18:ab:58:d4: bb:1e:7d:92:e9:1c:0a:0a:4c:3e:2d:08:3d:03:96: d5:d9:0a:61:d3:db:9b:1b:31:08:80:a9:9a:e1:a2: e6:62:18:f7:85:b7:7b:93:7e:67:bd:77:c5:be:5f: 6b:e6:f2:f2:ee:8d:21:39:8e:4c:98:50:63:62:12: 82:47:4f:a1:e0:0e:36:c1:cc:cd:fa:98:fb:25:97: 1b:86:15:33:0f:1d:2a:24:ff:5e:bd:65:b4:8b:7e: 8c:59:92:f4:70:f5:58:3c:d6:c5:0e:b0:c3:04:21: 21:45:97:6b:14:e2:8d:a6:69:a2:a3:9a:d4:63:ab: b0:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:59:32:AE:76:34:CF:AA:6B:DC:E8:D4:6E:30:3F:8C:BB:E8:BF:8A X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153978.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.126.0/23 Signature Algorithm: sha256WithRSAEncryption ad:0b:33:9b:a0:d6:2d:5e:08:0f:c1:8d:41:88:ce:4f:f9:cc: 6c:93:a9:4f:3d:be:0b:ac:1c:9b:7f:19:6e:41:76:49:64:e3: 59:9d:d3:e0:f6:92:e7:ac:48:23:4e:65:a0:30:24:d3:20:60: f0:1f:b2:28:e8:ea:ca:1b:cf:60:87:c5:bd:92:07:68:75:66: 15:8f:6a:15:1a:1c:1b:20:b1:6d:ce:6a:70:f8:98:74:91:fe: fc:fc:51:0c:80:66:0f:90:71:73:d1:73:6c:63:1e:ac:5a:5b: 80:ba:d9:71:bc:ab:11:92:25:1c:e2:a5:a7:6e:4a:e3:3b:7b: 88:1e:93:75:46:9b:1f:83:05:de:8c:c8:06:6c:6a:8a:05:27: 65:4e:03:26:f0:5c:98:38:89:60:2d:11:9c:62:05:00:60:10: d9:48:9c:da:8b:00:a8:b3:c2:8d:b9:c9:fe:b6:bc:bc:0f:01: f6:97:61:ba:62:6f:79:e5:65:cd:f1:4a:48:4e:84:54:e6:24: 76:a5:87:3f:5d:2f:71:da:2e:c5:bc:47:bf:6b:45:f0:c5:45: d3:59:d2:52:1d:73:ac:66:86:48:cb:52:21:04:39:fb:4e:29: c3:ff:53:51:91:14:d8:1a:27:bc:89:57:3f:bb:d6:27:6a:a0: d2:26:1f:ab -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUdtqXWKK4VWgPxLx07+0E4zDqNZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTc0NloX DTI3MDUwMTA5MjI0NlowMzExMC8GA1UEAxMoMkQ1OTMyQUU3NjM0Q0ZBQTZCRENF OEQ0NkUzMDNGOENCQkU4QkY4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL2/WmyeO/qm+dXZwZmXa3gqfNPZT7joXUPRg/+2a99Ba1kuuE93xJE8usAp 1yq8Zm6Gm/JAH6CUkJr/Bg1P6OzapspvjXAFeyrwuqwU3PHYfJaEkOoeHnTmrIrf unBg+LnY/XTKWv6/G4bpGmtDKIanLa4bWitqYc0wRCV86BExPKMYq1jUux59kukc CgpMPi0IPQOW1dkKYdPbmxsxCICpmuGi5mIY94W3e5N+Z713xb5fa+by8u6NITmO TJhQY2ISgkdPoeAONsHMzfqY+yWXG4YVMw8dKiT/Xr1ltIt+jFmS9HD1WDzWxQ6w wwQhIUWXaxTijaZpoqOa1GOrsFsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQtWTKu djTPqmvc6NRuMD+Mu+i/ijAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzOTc4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBpWN+MA0GCSqGSIb3DQEBCwUAA4IBAQCtCzOboNYtXggPwY1BiM5P+cxs k6lPPb4LrBybfxluQXZJZONZndPg9pLnrEgjTmWgMCTTIGDwH7Io6OrKG89gh8W9 kgdodWYVj2oVGhwbILFtzmpw+Jh0kf78/FEMgGYPkHFz0XNsYx6sWluAutlxvKsR kiUc4qWnbkrjO3uIHpN1RpsfgwXejMgGbGqKBSdlTgMm8FyYOIlgLRGcYgUAYBDZ SJzaiwCos8KNucn+try8DwH2l2G6Ym955WXN8UpIToRU5iR2pYc/XS9x2i7FvEe/ a0XwxUXTWdJSHXOsZoZIy1IhBDn7TinD/1NRkRTYGie8iVc/u9YnaqDSJh+r -----END CERTIFICATE-----Generated at Sat May 2 21:04:40 2026 by rpki-client