$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153068.roa File: AS153068.roa (raw, json) Hash identifier: RJdQ4XdttLw69w61Xtg2ym3ny5nCZDSHKgkMXQQTNFE= Subject key identifier: C7:36:6E:65:9C:22:D7:D3:8D:51:0E:95:56:23:7D:2D:2C:AF:4A:0C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6A31E3F97706205CDDEBACFE145F53EFD2138948 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153068.roa Signing time: Sat 02 May 2026 21:04:40 +0000 ROA not before: Sat 02 May 2026 20:59:40 +0000 ROA not after: Sat 01 May 2027 21:04:40 +0000 asID: 153068 IP address blocks: 103.136.76.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:31:e3:f9:77:06:20:5c:dd:eb:ac:fe:14:5f:53:ef:d2:13:89:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 20:59:40 2026 GMT Not After : May 1 21:04:40 2027 GMT Subject: CN=C7366E659C22D7D38D510E9556237D2D2CAF4A0C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:0d:e4:24:c8:b4:3e:5c:d3:d6:17:ff:ca:98: d9:de:9e:97:79:c4:94:97:e6:bb:a6:03:99:eb:1d: b1:71:81:22:0a:7b:09:76:ac:6b:49:a3:a6:f1:14: 8e:dd:7e:c8:d7:59:90:51:1a:b4:4e:6d:1c:78:db: cf:32:bb:c4:b2:8d:80:27:3f:e7:9d:91:8b:5f:9e: cb:5c:59:69:f7:9d:b5:65:3f:66:d3:0f:00:22:fb: e5:2d:12:cc:a4:28:e2:4f:7b:83:be:dd:8d:9d:6d: 30:e8:95:4a:d6:d6:21:98:cc:96:f0:78:67:70:08: 0c:04:f9:3d:ad:6f:8e:89:50:d8:e1:a9:21:53:4e: e0:29:c0:b7:50:74:fb:c6:41:eb:aa:c0:53:34:a2: c1:27:78:f1:49:a0:a2:79:6e:90:18:67:07:f6:0a: 32:ca:19:31:4a:30:27:0f:f6:39:0c:c3:f2:ea:0c: f8:32:59:51:a5:fe:1b:81:ca:69:87:48:c6:92:14: 0b:fe:8e:30:45:2f:6a:00:d1:3b:4d:3a:86:f8:b6: 00:e6:84:98:d3:2f:cf:4d:74:32:f2:d7:fc:63:6f: 81:dd:5b:19:f4:22:42:de:fe:19:6e:3e:fd:e5:ec: cf:c4:5d:d4:41:ed:77:ec:5e:6b:2d:9f:64:b5:14: d5:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:36:6E:65:9C:22:D7:D3:8D:51:0E:95:56:23:7D:2D:2C:AF:4A:0C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153068.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.136.76.0/23 Signature Algorithm: sha256WithRSAEncryption 45:01:ec:7e:c7:79:41:e9:89:f7:02:ce:62:ab:5c:a1:e8:a2: 52:ab:2a:c6:b4:33:24:f8:e2:97:11:c8:50:94:35:30:d1:46: d0:81:f9:dd:39:e8:32:71:80:67:d4:57:8a:90:e2:98:fa:5b: ad:6f:57:97:d3:93:fa:4a:f8:2a:75:67:5a:73:79:82:50:e3: 9c:af:a3:43:37:e2:82:a4:60:e9:68:97:3e:9d:df:73:b2:2c: dd:c6:59:da:92:21:b2:ea:d6:9a:f3:40:d7:45:37:4f:36:54: f8:91:13:8a:1b:81:8b:1c:4f:62:34:26:41:f9:c6:2e:95:d8: b6:f7:04:ca:c0:45:bd:a3:6e:8b:07:3f:30:72:68:ea:1c:36: 18:4c:4c:b3:73:55:3f:13:2d:fd:7a:69:5b:47:2a:86:cf:3f: d7:e4:f0:3d:ab:c5:7b:40:3f:d2:4b:c8:61:e5:be:2c:e6:29: 1f:b9:a0:83:b9:b2:73:08:ea:ba:81:ba:9a:bf:5f:d5:06:62: fa:70:39:85:7e:e6:a0:e6:fa:50:ad:f2:a2:1c:ae:37:aa:d6: 2f:b4:3d:0a:86:01:bc:2e:14:16:f9:23:9b:28:0c:ed:9e:d8: 61:8d:cf:71:16:56:ad:be:67:67:db:40:08:90:6e:a9:e9:59: 8e:3e:01:27 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUajHj+XcGIFzd66z+FF9T79ITiUgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIwNTk0MFoX DTI3MDUwMTIxMDQ0MFowMzExMC8GA1UEAxMoQzczNjZFNjU5QzIyRDdEMzhENTEw RTk1NTYyMzdEMkQyQ0FGNEEwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwN5CTItD5c09YX/8qY2d6el3nElJfmu6YDmesdsXGBIgp7CXasa0mjpvEU jt1+yNdZkFEatE5tHHjbzzK7xLKNgCc/552Ri1+ey1xZafedtWU/ZtMPACL75S0S zKQo4k97g77djZ1tMOiVStbWIZjMlvB4Z3AIDAT5Pa1vjolQ2OGpIVNO4CnAt1B0 +8ZB66rAUzSiwSd48UmgonlukBhnB/YKMsoZMUowJw/2OQzD8uoM+DJZUaX+G4HK aYdIxpIUC/6OMEUvagDRO006hvi2AOaEmNMvz010MvLX/GNvgd1bGfQiQt7+GW4+ /eXsz8Rd1EHtd+xeay2fZLUU1dcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTHNm5l nCLX041RDpVWI30tLK9KDDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMDY4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ4hMMA0GCSqGSIb3DQEBCwUAA4IBAQBFAex+x3lB6Yn3As5iq1yh6KJS qyrGtDMk+OKXEchQlDUw0UbQgfndOegycYBn1FeKkOKY+lutb1eX05P6SvgqdWda c3mCUOOcr6NDN+KCpGDpaJc+nd9zsizdxlnakiGy6taa80DXRTdPNlT4kROKG4GL HE9iNCZB+cYuldi29wTKwEW9o26LBz8wcmjqHDYYTEyzc1U/Ey39emlbRyqGzz/X 5PA9q8V7QD/SS8hh5b4s5ikfuaCDubJzCOq6gbqav1/VBmL6cDmFfuag5vpQrfKi HK43qtYvtD0KhgG8LhQW+SObKAztnthhjc9xFlatvmdn20AIkG6p6VmOPgEn -----END CERTIFICATE-----Generated at Sun May 3 01:40:57 2026 by rpki-client