$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS151009.roa File: AS151009.roa (raw, json) Hash identifier: XhAqmbzvqgbyHzaJQZ7yH1walpUlxvCnORyWS/64dhA= Subject key identifier: 48:7C:5D:63:40:B9:83:9E:13:09:78:0E:B7:8B:B2:84:C7:16:8C:08 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 48A3E56FA403AB4CAE35BBCD5272FC370ADC51C7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151009.roa Signing time: Sat 02 May 2026 09:21:22 +0000 ROA not before: Sat 02 May 2026 09:16:22 +0000 ROA not after: Sat 01 May 2027 09:21:22 +0000 asID: 151009 IP address blocks: 103.214.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:a3:e5:6f:a4:03:ab:4c:ae:35:bb:cd:52:72:fc:37:0a:dc:51:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:22 2026 GMT Not After : May 1 09:21:22 2027 GMT Subject: CN=487C5D6340B9839E1309780EB78BB284C7168C08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:10:77:06:40:bf:8b:32:0a:17:62:c9:cf:7e: d4:1a:a7:0f:67:78:e7:75:e9:43:a8:7f:e1:aa:0b: c9:f1:ef:d0:59:e6:1d:d9:a9:d8:69:79:52:87:7a: f6:41:58:14:a2:df:2c:d6:a8:b9:cb:9a:b2:c0:07: a7:7c:46:f0:38:e3:06:ae:c7:4a:b3:ef:1c:09:39: 71:58:fd:6d:72:df:81:10:a1:b3:1f:ba:61:8c:4c: 57:12:84:aa:91:83:69:ba:c7:b1:03:77:44:5d:5f: bb:62:e3:4f:8a:8e:8c:9a:5e:ea:90:b8:ce:d0:81: 5c:ef:89:ab:fd:ad:a0:28:6e:21:8f:87:e1:b9:2f: 21:c7:4d:45:3d:22:2b:0e:31:10:cc:b4:48:ae:43: 69:c5:ae:a2:46:47:86:a8:8b:2e:bb:f8:a7:b2:e7: 2f:80:e6:b4:54:ed:e1:8c:19:71:91:65:b5:ac:a8: ea:63:73:5b:b9:73:2b:9d:32:49:ea:6d:d8:5d:1c: 2e:1d:99:b1:9d:61:97:f2:e1:31:2d:57:b8:39:92: 39:15:b0:e7:54:3f:a4:5b:26:17:b0:fe:57:56:e8: 28:29:bb:67:c2:d4:51:f2:7a:d2:9b:7f:f5:d4:96: 52:02:f7:c5:38:38:43:1c:82:d7:23:e1:a6:0c:09: de:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:7C:5D:63:40:B9:83:9E:13:09:78:0E:B7:8B:B2:84:C7:16:8C:08 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.214.251.0/24 Signature Algorithm: sha256WithRSAEncryption 6e:44:e8:9e:85:65:8f:66:15:6f:6f:1a:9d:fb:81:d0:eb:3e: bb:0e:7f:e8:7e:12:17:d9:2b:5c:3c:a6:1a:e0:2a:6c:75:8d: 35:33:d4:fa:41:85:7a:cd:39:5e:ba:7a:75:f2:c2:95:36:ff: 6b:7e:79:78:1e:6f:fb:a0:a6:3d:17:9c:06:23:9e:4f:92:43: 82:72:41:47:2f:f9:1e:69:8c:14:3d:25:cf:fd:d4:18:3f:a6: c0:37:0e:c5:d7:c8:dc:21:35:d4:e1:26:65:0f:73:6b:10:d3: 24:82:86:6b:bb:60:25:69:85:d3:18:30:fe:95:24:a4:40:30: 3a:cd:16:e6:8f:fe:99:30:30:4a:87:f6:f3:bf:03:17:12:8e: 8f:25:d2:1c:78:5c:7e:f5:5c:dd:39:22:0d:ca:61:3d:f3:04: 1f:ed:20:dd:8f:e6:cd:ce:b5:1e:11:d4:ce:b9:48:4d:a2:0d: 5c:37:4b:c7:7c:f7:2f:58:89:90:f6:fa:6b:3e:f3:77:84:ed: f6:2c:14:0d:25:ca:b2:cd:a8:54:96:ba:90:c4:32:f8:f3:12: 4d:c2:eb:90:98:8f:98:e7:4a:20:39:41:aa:1f:b4:79:af:75: b5:83:67:6c:9f:d0:36:ca:75:ad:63:83:66:91:03:20:4c:5a: 3a:43:3f:02 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUSKPlb6QDq0yuNbvNUnL8NwrcUccwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTYyMloX DTI3MDUwMTA5MjEyMlowMzExMC8GA1UEAxMoNDg3QzVENjM0MEI5ODM5RTEzMDk3 ODBFQjc4QkIyODRDNzE2OEMwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwQdwZAv4syChdiyc9+1BqnD2d453XpQ6h/4aoLyfHv0FnmHdmp2Gl5Uod6 9kFYFKLfLNaoucuassAHp3xG8DjjBq7HSrPvHAk5cVj9bXLfgRChsx+6YYxMVxKE qpGDabrHsQN3RF1fu2LjT4qOjJpe6pC4ztCBXO+Jq/2toChuIY+H4bkvIcdNRT0i Kw4xEMy0SK5DacWuokZHhqiLLrv4p7LnL4DmtFTt4YwZcZFltayo6mNzW7lzK50y Sept2F0cLh2ZsZ1hl/LhMS1XuDmSORWw51Q/pFsmF7D+V1boKCm7Z8LUUfJ60pt/ 9dSWUgL3xTg4QxyC1yPhpgwJ3qUCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRIfF1j QLmDnhMJeA63i7KExxaMCDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUxMDA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAZ9b7MA0GCSqGSIb3DQEBCwUAA4IBAQBuROiehWWPZhVvbxqd+4HQ6z67 Dn/ofhIX2StcPKYa4CpsdY01M9T6QYV6zTleunp18sKVNv9rfnl4Hm/7oKY9F5wG I55PkkOCckFHL/keaYwUPSXP/dQYP6bANw7F18jcITXU4SZlD3NrENMkgoZru2Al aYXTGDD+lSSkQDA6zRbmj/6ZMDBKh/bzvwMXEo6PJdIceFx+9VzdOSINymE98wQf 7SDdj+bNzrUeEdTOuUhNog1cN0vHfPcvWImQ9vprPvN3hO32LBQNJcqyzahUlrqQ xDL48xJNwuuQmI+Y50ogOUGqH7R5r3W1g2dsn9A2ynWtY4NmkQMgTFo6Qz8C -----END CERTIFICATE-----Generated at Sun May 3 01:40:54 2026 by rpki-client