$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154291.roa File: AS154291.roa (raw, json) Hash identifier: FtXMVHt1WHXmwkryQg6O86btAoWEltilMHJbkpo62ow= Subject key identifier: BC:15:81:FD:B7:F3:09:B9:74:0A:11:B7:56:A3:41:2D:DB:2E:35:9E Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3856542985932ED0DBF46E824B729805E9608B20 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154291.roa Signing time: Sat 02 May 2026 09:22:50 +0000 ROA not before: Sat 02 May 2026 09:17:50 +0000 ROA not after: Sat 01 May 2027 09:22:50 +0000 asID: 154291 IP address blocks: 138.252.16.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:56:54:29:85:93:2e:d0:db:f4:6e:82:4b:72:98:05:e9:60:8b:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:17:50 2026 GMT Not After : May 1 09:22:50 2027 GMT Subject: CN=BC1581FDB7F309B9740A11B756A3412DDB2E359E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c0:4e:62:19:7b:c1:ba:c7:9a:e5:0e:86:3a: 06:22:8f:e5:9d:7b:5b:98:b2:a4:fd:9f:b4:ec:ca: 9b:14:b8:a8:93:0a:26:ed:0f:1b:b8:62:34:f8:70: 91:ae:9a:41:3d:67:4a:10:e6:71:1f:7b:b0:08:9e: 59:be:c1:c1:c0:e4:9a:fb:49:b2:23:55:25:de:1e: 94:59:09:de:16:7e:87:93:69:1a:86:e0:97:44:cf: dc:81:e0:00:08:e5:92:9f:1c:f3:e9:83:70:9e:80: 1a:25:68:bb:58:28:ae:f4:7a:60:6a:54:08:f0:e5: fc:d1:86:b7:5f:0d:5d:49:bc:35:71:57:91:38:59: 1e:a8:34:cf:01:65:1d:f4:d0:7a:d6:c5:12:73:c7: 00:07:61:84:c6:2e:fe:b1:33:71:cf:b8:f2:56:81: 91:3b:9a:42:fa:49:7f:77:af:53:3b:54:aa:15:02: e9:4c:eb:b3:56:c9:65:7e:cb:43:43:c4:57:12:bd: c4:bc:7e:e9:c9:c3:da:8f:01:27:4d:02:6b:8d:fe: 7d:64:ab:4c:c8:b0:57:11:00:0f:f5:29:79:44:fe: 5d:3f:6a:61:bd:96:22:a1:91:ac:e0:fb:c4:55:64: 97:a1:69:4b:ae:4d:8c:4a:1e:26:38:15:da:be:03: db:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:15:81:FD:B7:F3:09:B9:74:0A:11:B7:56:A3:41:2D:DB:2E:35:9E X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154291.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.16.0/24 Signature Algorithm: sha256WithRSAEncryption 36:dd:3f:71:fc:3b:09:99:62:48:68:7f:5c:cc:92:33:a2:12: 3e:36:fe:d6:3a:c8:bd:4e:a6:f6:da:a4:66:71:a2:5f:b6:12: 77:34:69:2d:2d:df:10:ea:da:c9:02:12:36:e6:f6:fa:17:50: bc:bd:fb:22:b7:2f:fa:67:37:c7:49:6a:d0:ff:93:e0:33:a2: a3:fd:0d:ef:03:5d:7b:bd:30:33:47:03:10:63:66:bd:68:f6: 5c:c1:4f:06:a5:8e:26:2c:b7:72:c6:dc:ea:3d:4c:cc:8a:b5: 4b:92:8b:ea:2b:c5:2e:ae:64:19:66:4c:59:c1:48:35:38:f9: 8d:0a:07:ff:64:ae:78:db:fe:98:8f:19:f3:3c:51:ba:11:fa: d7:ee:4f:6a:cb:9b:1f:98:b4:fe:a6:20:af:1a:a5:77:4b:de: 50:76:33:9b:7e:ca:3b:92:df:a6:a8:c5:ce:88:c3:9a:56:cf: 46:ee:af:93:39:0e:6b:d4:d2:dd:bf:3c:1f:d4:2d:85:76:11: 9c:39:66:9e:24:fa:6a:be:d8:83:7d:3a:8f:ab:21:b6:51:a2: fd:12:c0:fc:de:58:4e:8f:4f:16:e9:09:a5:6e:ca:ed:55:93: 80:33:cd:82:4b:f8:77:b9:d1:88:92:63:75:26:6b:d6:f2:cb: 68:5b:bf:3d -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUOFZUKYWTLtDb9G6CS3KYBelgiyAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTc1MFoX DTI3MDUwMTA5MjI1MFowMzExMC8GA1UEAxMoQkMxNTgxRkRCN0YzMDlCOTc0MEEx MUI3NTZBMzQxMkREQjJFMzU5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnATmIZe8G6x5rlDoY6BiKP5Z17W5iypP2ftOzKmxS4qJMKJu0PG7hiNPhw ka6aQT1nShDmcR97sAieWb7BwcDkmvtJsiNVJd4elFkJ3hZ+h5NpGobgl0TP3IHg AAjlkp8c8+mDcJ6AGiVou1gorvR6YGpUCPDl/NGGt18NXUm8NXFXkThZHqg0zwFl HfTQetbFEnPHAAdhhMYu/rEzcc+48laBkTuaQvpJf3evUztUqhUC6Uzrs1bJZX7L Q0PEVxK9xLx+6cnD2o8BJ00Ca43+fWSrTMiwVxEAD/UpeUT+XT9qYb2WIqGRrOD7 xFVkl6FpS65NjEoeJjgV2r4D25sCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBS8FYH9 t/MJuXQKEbdWo0Et2y41njAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0MjkxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAivwQMA0GCSqGSIb3DQEBCwUAA4IBAQA23T9x/DsJmWJIaH9czJIzohI+ Nv7WOsi9Tqb22qRmcaJfthJ3NGktLd8Q6trJAhI25vb6F1C8vfsity/6ZzfHSWrQ /5PgM6Kj/Q3vA117vTAzRwMQY2a9aPZcwU8GpY4mLLdyxtzqPUzMirVLkovqK8Uu rmQZZkxZwUg1OPmNCgf/ZK542/6YjxnzPFG6EfrX7k9qy5sfmLT+piCvGqV3S95Q djObfso7kt+mqMXOiMOaVs9G7q+TOQ5r1NLdvzwf1C2FdhGcOWaeJPpqvtiDfTqP qyG2UaL9EsD83lhOj08W6QmlbsrtVZOAM82CS/h3udGIkmN1JmvW8stoW789 -----END CERTIFICATE-----Generated at Sat May 2 21:04:34 2026 by rpki-client