$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154039.roa File: AS154039.roa (raw, json) Hash identifier: xvsqurjLTtkIEzDNFnPIytWIIdpQ4J+CQnj8MtMbkL8= Subject key identifier: 1D:2F:42:A1:E2:C0:85:91:BB:17:16:D1:10:B9:ED:40:B1:CD:1C:38 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 66B9482576C2F649496134077BCFF9CAD0CB2A25 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154039.roa Signing time: Sat 02 May 2026 09:25:00 +0000 ROA not before: Sat 02 May 2026 09:20:00 +0000 ROA not after: Sat 01 May 2027 09:25:00 +0000 asID: 154039 IP address blocks: 138.252.92.0/24 maxlen: 24 165.99.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:b9:48:25:76:c2:f6:49:49:61:34:07:7b:cf:f9:ca:d0:cb:2a:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:00 2026 GMT Not After : May 1 09:25:00 2027 GMT Subject: CN=1D2F42A1E2C08591BB1716D110B9ED40B1CD1C38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:be:fe:ea:24:34:1b:88:5d:e4:82:79:28:60: 13:5f:6c:c0:08:96:2d:ca:f7:a0:d1:78:8f:64:be: f4:4f:a9:40:5e:5f:7a:01:b9:99:76:86:b8:3f:3c: a3:12:97:48:0d:1c:6d:b2:bf:4b:b9:66:92:f1:e7: 04:39:29:f1:68:10:49:db:13:e4:a3:3e:ce:64:61: b5:9f:f5:ab:6d:c7:de:98:e6:0d:79:09:b4:e1:99: a1:92:84:92:b2:e6:18:24:9f:d6:c9:2d:03:12:eb: a5:4b:ca:c8:0a:86:af:a3:aa:4c:99:a1:df:e7:dd: 03:46:22:91:cd:41:ad:9a:37:cd:35:a5:56:1e:a6: f3:3e:ba:9f:e7:3f:98:f7:fe:61:87:36:27:e1:f6: 45:16:96:8f:d5:a5:f3:6f:7f:62:31:44:b4:aa:02: 81:17:ce:bd:9b:73:f5:2e:81:7b:6c:22:fa:9e:ab: 66:b1:f5:42:2f:39:ff:76:03:a6:3f:30:56:8d:90: e8:09:a5:c6:73:7c:fe:6b:41:a4:6a:a0:8c:60:44: 2a:51:07:f4:28:aa:c3:cd:31:0f:47:38:4c:c4:6c: 2d:d0:37:1a:b0:51:5e:4d:1c:33:16:d9:d7:1b:b9: 4c:5b:ae:63:7c:e0:dc:01:5b:73:23:e4:e0:64:77: 9c:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:2F:42:A1:E2:C0:85:91:BB:17:16:D1:10:B9:ED:40:B1:CD:1C:38 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.92.0/24 165.99.57.0/24 Signature Algorithm: sha256WithRSAEncryption 37:3b:40:c8:d0:bd:e2:51:ec:0e:de:fc:5f:1b:a5:ff:d1:d0: 60:c6:d0:a6:52:66:87:0e:56:1a:e5:c5:21:59:fc:cf:68:68: 82:33:24:00:37:6d:3d:c8:7c:3e:f3:8f:2f:f1:86:90:c4:f0: 7b:79:44:5c:74:72:44:93:d9:1a:d5:5e:f3:32:7d:68:d9:3e: 04:5e:4f:f6:50:97:94:19:a9:30:2b:e5:45:da:96:a9:50:54: 93:bf:6c:48:87:88:32:e3:92:21:d8:91:82:9a:da:6a:3f:0c: 55:a5:fc:fa:6d:36:ef:8c:0c:16:78:60:7f:1b:44:9a:38:cf: 8f:43:e6:f4:57:47:06:9b:82:9f:40:18:53:17:42:c6:ff:e2: 19:58:78:12:8c:96:22:af:80:8b:2a:13:9d:50:72:79:3f:94: 69:65:1c:75:21:d6:68:09:28:a1:e2:b9:c7:c2:72:6e:64:41: f0:ad:66:a5:7d:53:d2:5b:c9:37:3f:32:61:8a:b0:5a:26:f0: b9:db:94:8f:77:4c:be:9d:c7:a3:4f:57:4d:a2:7d:a5:3b:22: 09:bc:a0:0c:fd:9d:6b:02:a3:d3:ec:c4:c2:61:f8:99:61:cc: 45:83:6b:da:a7:b7:bd:cc:f4:d4:1b:f4:3a:7e:ee:4b:88:57: d7:f6:77:08 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUZrlIJXbC9klJYTQHe8/5ytDLKiUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwMFoX DTI3MDUwMTA5MjUwMFowMzExMC8GA1UEAxMoMUQyRjQyQTFFMkMwODU5MUJCMTcx NkQxMTBCOUVENDBCMUNEMUMzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMa+/uokNBuIXeSCeShgE19swAiWLcr3oNF4j2S+9E+pQF5fegG5mXaGuD88 oxKXSA0cbbK/S7lmkvHnBDkp8WgQSdsT5KM+zmRhtZ/1q23H3pjmDXkJtOGZoZKE krLmGCSf1sktAxLrpUvKyAqGr6OqTJmh3+fdA0Yikc1BrZo3zTWlVh6m8z66n+c/ mPf+YYc2J+H2RRaWj9Wl829/YjFEtKoCgRfOvZtz9S6Be2wi+p6rZrH1Qi85/3YD pj8wVo2Q6AmlxnN8/mtBpGqgjGBEKlEH9Ciqw80xD0c4TMRsLdA3GrBRXk0cMxbZ 1xu5TFuuY3zg3AFbcyPk4GR3nLECAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQdL0Kh 4sCFkbsXFtEQue1Asc0cODAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0MDM5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAivxcAwQApWM5MA0GCSqGSIb3DQEBCwUAA4IBAQA3O0DI0L3iUewO3vxf G6X/0dBgxtCmUmaHDlYa5cUhWfzPaGiCMyQAN209yHw+848v8YaQxPB7eURcdHJE k9ka1V7zMn1o2T4EXk/2UJeUGakwK+VF2papUFSTv2xIh4gy45Ih2JGCmtpqPwxV pfz6bTbvjAwWeGB/G0SaOM+PQ+b0V0cGm4KfQBhTF0LG/+IZWHgSjJYir4CLKhOd UHJ5P5RpZRx1IdZoCSih4rnHwnJuZEHwrWalfVPSW8k3PzJhirBaJvC525SPd0y+ ncejT1dNon2lOyIJvKAM/Z1rAqPT7MTCYfiZYcxFg2vap7e9zPTUG/Q6fu5LiFfX 9ncI -----END CERTIFICATE-----Generated at Sat May 2 21:06:05 2026 by rpki-client