$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154097.roa File: AS154097.roa (raw, json) Hash identifier: arhKPtkgi1F8rXaDGxZAcpFzNrN0WSfwXJAJB445i9E= Subject key identifier: 56:97:BF:3E:2D:7E:1F:57:DC:BC:FD:30:0B:7F:F1:B5:17:A4:D9:C3 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 64354743F27973133E7ACE32EDC6CCCA445A1B0A Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154097.roa Signing time: Sat 02 May 2026 09:25:07 +0000 ROA not before: Sat 02 May 2026 09:20:07 +0000 ROA not after: Sat 01 May 2027 09:25:07 +0000 asID: 154097 IP address blocks: 165.99.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:35:47:43:f2:79:73:13:3e:7a:ce:32:ed:c6:cc:ca:44:5a:1b:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:20:07 2026 GMT Not After : May 1 09:25:07 2027 GMT Subject: CN=5697BF3E2D7E1F57DCBCFD300B7FF1B517A4D9C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:35:6d:d7:f8:91:c5:c6:76:30:12:e2:7c:6a: e4:94:01:34:67:0c:c9:66:83:92:9f:6c:42:31:06: a3:4a:13:2a:7f:93:4c:14:c6:e6:35:32:99:ec:ae: f7:39:8e:7b:ab:f4:15:52:15:b2:1c:80:3c:00:97: da:65:01:06:c6:ba:6e:d6:b9:66:ee:18:d7:cf:8c: 68:41:2a:0c:18:4c:7c:73:f9:d8:0e:42:c9:97:49: 9e:cf:a1:05:b2:d8:9b:d5:70:73:72:90:9f:54:19: 76:ac:18:7b:61:51:0f:f8:72:e3:5e:b8:28:da:c0: b7:8d:1a:9e:37:2e:16:b0:13:c8:17:4f:2f:d8:27: f4:6c:63:b9:07:aa:ea:ae:f6:61:8c:c1:f4:ee:00: 18:1f:d7:3c:3b:26:16:65:9b:0c:c4:93:76:a0:c6: 9d:92:02:b3:b6:2c:2f:7b:ab:f7:e6:4e:25:ec:83: d2:f5:6e:bd:70:34:b0:90:38:2c:57:0b:4a:5f:e9: 15:51:89:03:29:7e:95:05:c1:dc:66:8c:cc:76:e2: 46:fa:4f:ce:7c:ea:60:21:ff:78:ec:e5:25:ce:20: 38:33:21:66:be:8f:28:5f:a8:f8:5f:0c:3c:3c:f5: 79:a5:df:23:60:c5:58:8e:d9:bf:65:c3:c7:5f:1e: 29:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:97:BF:3E:2D:7E:1F:57:DC:BC:FD:30:0B:7F:F1:B5:17:A4:D9:C3 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154097.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.98.0/24 Signature Algorithm: sha256WithRSAEncryption a4:48:b2:d7:f5:09:34:f8:47:76:6f:39:08:4d:21:07:39:95: c9:e4:34:38:da:5f:50:66:16:13:55:7c:8d:c2:5c:08:72:c0: 4b:ee:db:94:b9:90:91:5a:76:41:62:be:d3:7e:2b:7e:7e:ed: f9:6c:03:c6:8c:d9:86:4f:8c:a2:87:33:49:bd:1d:2f:df:95: a4:b4:38:e9:41:af:40:f0:fe:b1:5e:92:51:f8:be:18:19:4b: d2:35:d4:7a:b4:df:4e:59:fb:d9:e9:5b:e6:60:86:9e:b2:b7: 76:3d:bf:69:53:49:92:b3:a9:30:4f:64:39:01:fb:4f:e3:1d: 5d:8a:62:ea:2a:a2:55:a0:79:cd:9a:43:91:d8:84:1a:fc:10: 15:b6:03:ff:1e:06:05:60:f5:12:2f:e6:6c:a9:77:a0:46:ba: 95:e5:a4:ba:fe:ef:96:73:31:0b:ac:46:63:ed:89:b6:c1:7d: 55:70:bf:6e:20:08:a3:ce:47:7f:a4:6d:0e:8b:b0:80:24:83: 48:b3:d6:7a:b6:e0:1e:8c:8f:9b:4b:b4:1a:77:4c:0f:6e:9e: f7:5c:0c:52:a5:ec:0c:57:37:5f:73:91:74:f4:f9:78:28:e7: 2d:95:49:ef:7b:cc:44:4f:e0:9f:2b:fb:9a:7b:f8:02:5e:d3: 8c:49:d7:87 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUZDVHQ/J5cxM+es4y7cbMykRaGwowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MjAwN1oX DTI3MDUwMTA5MjUwN1owMzExMC8GA1UEAxMoNTY5N0JGM0UyRDdFMUY1N0RDQkNG RDMwMEI3RkYxQjUxN0E0RDlDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO01bdf4kcXGdjAS4nxq5JQBNGcMyWaDkp9sQjEGo0oTKn+TTBTG5jUymeyu 9zmOe6v0FVIVshyAPACX2mUBBsa6bta5Zu4Y18+MaEEqDBhMfHP52A5CyZdJns+h BbLYm9Vwc3KQn1QZdqwYe2FRD/hy4164KNrAt40anjcuFrATyBdPL9gn9GxjuQeq 6q72YYzB9O4AGB/XPDsmFmWbDMSTdqDGnZICs7YsL3ur9+ZOJeyD0vVuvXA0sJA4 LFcLSl/pFVGJAyl+lQXB3GaMzHbiRvpPznzqYCH/eOzlJc4gODMhZr6PKF+o+F8M PDz1eaXfI2DFWI7Zv2XDx18eKcsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRWl78+ LX4fV9y8/TALf/G1F6TZwzAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0MDk3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQApWNiMA0GCSqGSIb3DQEBCwUAA4IBAQCkSLLX9Qk0+Ed2bzkITSEHOZXJ 5DQ42l9QZhYTVXyNwlwIcsBL7tuUuZCRWnZBYr7Tfit+fu35bAPGjNmGT4yihzNJ vR0v35WktDjpQa9A8P6xXpJR+L4YGUvSNdR6tN9OWfvZ6VvmYIaesrd2Pb9pU0mS s6kwT2Q5AftP4x1dimLqKqJVoHnNmkOR2IQa/BAVtgP/HgYFYPUSL+ZsqXegRrqV 5aS6/u+WczELrEZj7Ym2wX1VcL9uIAijzkd/pG0Oi7CAJINIs9Z6tuAejI+bS7Qa d0wPbp73XAxSpewMVzdfc5F09Pl4KOctlUnve8xET+CfK/uae/gCXtOMSdeH -----END CERTIFICATE-----Generated at Sat May 2 21:03:33 2026 by rpki-client