$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS154353.roa File: AS154353.roa (raw, json) Hash identifier: VxyK6XXxpbzqESJRl7tgvvjODRSUvUwaT6adOuS6nsk= Subject key identifier: 9A:89:41:8A:F7:3D:A8:52:9E:5D:29:36:89:91:ED:2B:EA:C0:F6:AE Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 624179AE9F20342B8A7096B9114BF7FA0B344103 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154353.roa Signing time: Sat 02 May 2026 09:23:08 +0000 ROA not before: Sat 02 May 2026 09:18:08 +0000 ROA not after: Sat 01 May 2027 09:23:08 +0000 asID: 154353 IP address blocks: 138.252.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:41:79:ae:9f:20:34:2b:8a:70:96:b9:11:4b:f7:fa:0b:34:41:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:08 2026 GMT Not After : May 1 09:23:08 2027 GMT Subject: CN=9A89418AF73DA8529E5D29368991ED2BEAC0F6AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ca:72:ff:97:8d:0c:58:c8:bb:c1:b4:d0:0c: 86:ff:6d:c3:8e:ec:6c:24:51:1f:13:c2:83:28:79: 8e:ae:0e:65:81:01:17:c4:be:c8:d9:4c:a4:3c:d3: d3:d4:81:3f:eb:97:d2:30:94:37:64:3e:6a:e5:d3: 35:c8:79:c1:5e:6d:b0:82:66:5e:1f:53:23:df:b5: 0e:83:5d:a5:bb:66:c8:64:a1:ee:84:8b:ca:38:fb: bc:2a:c6:8d:8a:5b:2a:67:81:2f:ed:37:5c:2b:3d: 88:86:8d:f5:0c:df:a5:92:82:30:94:a9:a2:2b:9c: 4b:f2:25:c7:ea:c9:a8:5e:24:69:0f:4a:a0:7c:91: c3:75:83:40:f9:cf:e4:06:b8:b4:b1:73:ee:97:60: 5c:3c:88:5e:22:93:50:8b:83:83:30:b8:0e:96:01: a8:03:da:78:a2:24:b1:bd:4d:47:57:7d:6c:fa:28: 1c:e1:c1:4d:02:92:2c:a2:00:47:b8:56:48:00:3f: d9:c1:7f:d2:7f:fe:4c:02:17:e6:6f:51:22:ff:b4: b5:e5:fb:49:c8:46:62:66:40:84:64:b6:ba:68:66: d6:f5:89:6d:fb:54:90:b8:27:f9:0c:a9:73:6d:1b: 56:9e:40:53:ad:45:50:6f:14:5e:e1:31:0f:11:8f: 60:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:89:41:8A:F7:3D:A8:52:9E:5D:29:36:89:91:ED:2B:EA:C0:F6:AE X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS154353.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.114.0/24 Signature Algorithm: sha256WithRSAEncryption 93:b1:1c:99:e6:ad:00:63:5f:9d:a4:33:95:be:5e:1d:75:e5: 68:d8:29:c6:76:ba:fb:1d:71:b4:1a:e1:9c:0b:27:6d:03:be: 09:23:a7:a2:d0:a6:4f:71:83:77:b9:0e:65:b9:59:7b:b1:67: e0:f3:bc:2f:d4:3c:8a:b0:de:e9:63:f7:b0:52:98:0d:4f:a1: 8a:f4:70:d4:d8:d4:fd:de:4a:b5:fa:fb:49:b8:a7:04:70:e6: 93:14:f8:50:cd:a5:d8:e1:cd:75:30:0c:d8:2c:8f:80:5a:b2: c8:fd:12:fa:09:d5:ff:76:9d:22:ff:10:0f:36:60:fa:0a:87: 9e:d1:d6:93:2f:6a:f6:16:16:c1:e0:33:1c:04:bd:e6:2f:31: 5b:a8:10:d7:11:3d:da:22:ce:a8:df:e6:2b:91:36:d3:2c:68: 94:79:37:b3:5c:30:5e:69:89:bd:4e:81:f8:78:6b:cf:e0:dc: 77:82:2e:b3:98:70:14:31:5f:1d:6b:4e:1a:dd:76:d9:72:a5: 45:b0:74:28:2b:20:66:84:ba:c4:c6:6b:44:31:7c:04:b4:50: a4:02:85:d2:7d:26:41:4f:7b:42:e5:25:3c:de:18:b2:01:07: 3f:b9:99:bf:5b:bc:a8:58:50:a3:7e:2c:b4:58:ba:86:e6:5c: fc:e2:35:c1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUYkF5rp8gNCuKcJa5EUv3+gs0QQMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgwOFoX DTI3MDUwMTA5MjMwOFowMzExMC8GA1UEAxMoOUE4OTQxOEFGNzNEQTg1MjlFNUQy OTM2ODk5MUVEMkJFQUMwRjZBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfKcv+XjQxYyLvBtNAMhv9tw47sbCRRHxPCgyh5jq4OZYEBF8S+yNlMpDzT 09SBP+uX0jCUN2Q+auXTNch5wV5tsIJmXh9TI9+1DoNdpbtmyGSh7oSLyjj7vCrG jYpbKmeBL+03XCs9iIaN9QzfpZKCMJSpoiucS/Ilx+rJqF4kaQ9KoHyRw3WDQPnP 5Aa4tLFz7pdgXDyIXiKTUIuDgzC4DpYBqAPaeKIksb1NR1d9bPooHOHBTQKSLKIA R7hWSAA/2cF/0n/+TAIX5m9RIv+0teX7SchGYmZAhGS2umhm1vWJbftUkLgn+Qyp c20bVp5AU61FUG8UXuExDxGPYJkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSaiUGK 9z2oUp5dKTaJke0r6sD2rjAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTU0MzUzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAivxyMA0GCSqGSIb3DQEBCwUAA4IBAQCTsRyZ5q0AY1+dpDOVvl4ddeVo 2CnGdrr7HXG0GuGcCydtA74JI6ei0KZPcYN3uQ5luVl7sWfg87wv1DyKsN7pY/ew UpgNT6GK9HDU2NT93kq1+vtJuKcEcOaTFPhQzaXY4c11MAzYLI+AWrLI/RL6CdX/ dp0i/xAPNmD6Coee0daTL2r2FhbB4DMcBL3mLzFbqBDXET3aIs6o3+YrkTbTLGiU eTezXDBeaYm9ToH4eGvP4Nx3gi6zmHAUMV8da04a3XbZcqVFsHQoKyBmhLrExmtE MXwEtFCkAoXSfSZBT3tC5SU83hiyAQc/uZm/W7yoWFCjfiy0WLqG5lz84jXB -----END CERTIFICATE-----Generated at Sat May 2 21:05:17 2026 by rpki-client