$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS151521.roa File: AS151521.roa (raw, json) Hash identifier: 2GYRn3JTS8lGcX0JxIYx8Cq24TfD2aq1glg5sRxAsOo= Subject key identifier: 5E:72:22:F3:B4:7A:2F:98:B3:31:A9:F6:39:EB:A6:6B:1A:87:40:30 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 29BC0CFB95DEAC42F2741BA8F3B65DDB1D00634E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151521.roa Signing time: Sat 02 May 2026 21:16:39 +0000 ROA not before: Sat 02 May 2026 21:11:39 +0000 ROA not after: Sat 01 May 2027 21:16:39 +0000 asID: 151521 IP address blocks: 103.176.143.0/24 maxlen: 24 103.234.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:bc:0c:fb:95:de:ac:42:f2:74:1b:a8:f3:b6:5d:db:1d:00:63:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 21:11:39 2026 GMT Not After : May 1 21:16:39 2027 GMT Subject: CN=5E7222F3B47A2F98B331A9F639EBA66B1A874030 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:db:b0:3c:6b:33:d1:fc:bb:b1:6b:3e:9b:47: 4e:b2:dd:66:d5:0e:88:23:70:5f:d2:09:16:3a:30: 25:3a:c6:42:09:3c:8c:c4:19:9e:9c:91:97:94:15: 2f:1a:ee:fc:fb:38:92:2b:87:03:36:b1:ff:f1:97: 5c:ff:fd:5a:ba:60:83:3a:ef:59:81:28:47:99:e6: c2:f4:46:f0:05:a3:e2:a1:1d:79:b1:1d:34:e9:cf: 42:eb:e4:c7:07:ef:33:2b:fd:3c:6c:9b:91:1d:37: a5:d6:44:10:c5:de:91:85:8d:08:49:8f:8c:88:20: 5e:52:c1:62:cc:67:56:dd:ab:a3:f7:22:63:39:9e: ec:ff:81:1f:19:11:90:b1:b4:52:b8:ee:4d:76:91: 71:f9:9c:69:5d:c9:ff:e9:12:4a:da:9b:43:32:16: de:e4:70:df:7a:27:42:64:35:7c:e3:37:89:11:0a: 7f:fd:0e:8f:08:12:b5:3e:ed:16:eb:fc:6a:3d:6d: 9b:ea:38:64:bb:12:91:0a:ea:c1:27:b2:47:94:3d: 78:3f:4d:7b:b5:1b:b8:61:1c:93:d5:4a:8f:aa:0f: d8:40:21:dc:cf:3e:c8:a3:db:66:b7:08:a5:fa:b4: d5:f3:ba:21:8d:68:58:d1:26:ea:11:c4:a9:19:89: 65:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:72:22:F3:B4:7A:2F:98:B3:31:A9:F6:39:EB:A6:6B:1A:87:40:30 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.176.143.0/24 103.234.34.0/23 Signature Algorithm: sha256WithRSAEncryption 5d:69:a4:e0:72:7e:1a:7b:a1:78:3b:89:e0:7c:92:be:65:eb: ec:f6:77:22:0c:b7:e4:25:66:57:e6:91:12:6a:4d:51:6e:51: d6:48:00:9c:6c:6b:a5:63:71:e7:dc:e4:e9:19:d7:4e:a5:2f: f3:65:fa:ae:c2:4b:74:39:2d:22:9e:ed:ef:ac:31:b6:93:62: b5:88:23:f0:af:d8:7d:b6:af:a0:2f:74:3b:e8:ce:e7:04:d7: 7f:d1:aa:80:77:5e:16:d8:0d:98:c2:d8:0d:6c:15:85:48:c1: 98:2b:ab:da:41:36:4d:65:42:b4:fe:fe:54:04:3c:ac:0e:21: cd:ca:3b:c5:5e:69:0b:d4:99:6c:a7:be:98:e6:be:3a:66:cb: 64:11:81:57:ac:61:f6:1e:0c:56:04:7f:7b:f8:d8:25:40:98: e1:aa:a2:ce:8c:80:35:8e:f9:e4:a2:d9:09:c7:2f:94:21:c7: 79:20:ce:10:b6:d1:ac:a0:20:19:4c:96:ea:85:7a:d7:23:91: 20:fd:5f:ce:82:8a:21:cc:bf:9d:8b:6b:76:96:94:d2:3d:35: dc:43:c1:2a:fb:0e:38:84:31:4a:8d:97:4c:35:09:33:4e:eb: 21:de:ce:4b:93:38:74:96:d3:19:b4:a1:a9:b7:31:da:2d:6f: ff:f7:4d:04 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUKbwM+5XerELydBuo87Zd2x0AY04wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIxMTEzOVoX DTI3MDUwMTIxMTYzOVowMzExMC8GA1UEAxMoNUU3MjIyRjNCNDdBMkY5OEIzMzFB OUY2MzlFQkE2NkIxQTg3NDAzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOzbsDxrM9H8u7FrPptHTrLdZtUOiCNwX9IJFjowJTrGQgk8jMQZnpyRl5QV Lxru/Ps4kiuHAzax//GXXP/9WrpggzrvWYEoR5nmwvRG8AWj4qEdebEdNOnPQuvk xwfvMyv9PGybkR03pdZEEMXekYWNCEmPjIggXlLBYsxnVt2ro/ciYzme7P+BHxkR kLG0UrjuTXaRcfmcaV3J/+kSStqbQzIW3uRw33onQmQ1fOM3iREKf/0OjwgStT7t Fuv8aj1tm+o4ZLsSkQrqwSeyR5Q9eD9Ne7UbuGEck9VKj6oP2EAh3M8+yKPbZrcI pfq01fO6IY1oWNEm6hHEqRmJZXUCAwEAAaOCAdIwggHOMB0GA1UdDgQWBBReciLz tHovmLMxqfY566ZrGodAMDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUxNTIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAZ7CPAwQBZ+oiMA0GCSqGSIb3DQEBCwUAA4IBAQBdaaTgcn4ae6F4O4ng fJK+Zevs9nciDLfkJWZX5pESak1RblHWSACcbGulY3Hn3OTpGddOpS/zZfquwkt0 OS0inu3vrDG2k2K1iCPwr9h9tq+gL3Q76M7nBNd/0aqAd14W2A2YwtgNbBWFSMGY K6vaQTZNZUK0/v5UBDysDiHNyjvFXmkL1Jlsp76Y5r46ZstkEYFXrGH2HgxWBH97 +NglQJjhqqLOjIA1jvnkotkJxy+UIcd5IM4QttGsoCAZTJbqhXrXI5Eg/V/Ogooh zL+di2t2lpTSPTXcQ8Eq+w44hDFKjZdMNQkzTush3s5Lkzh0ltMZtKGptzHaLW// 900E -----END CERTIFICATE-----Generated at Sun May 3 00:41:39 2026 by rpki-client