$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153119.roa File: AS153119.roa (raw, json) Hash identifier: lQpPs5DqZPlw5atWNe4TCqbpzpr3QT5z3apptA2XZcQ= Subject key identifier: 2A:6A:62:4F:DF:50:2D:2F:A8:00:F5:1E:6E:B6:E7:A5:16:F6:F1:2B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 12CA3AA39ADCA261E4B18054F069957ABD4341D6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153119.roa Signing time: Sat 02 May 2026 09:25:50 +0000 ROA not before: Sat 02 May 2026 09:20:50 +0000 ROA not after: Sat 01 May 2027 09:25:50 +0000 asID: 153119 IP address blocks: 2001:df4:4e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:ca:3a:a3:9a:dc:a2:61:e4:b1:80:54:f0:69:95:7a:bd:43:41:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:50 2026 GMT Not After : May 1 09:25:50 2027 GMT Subject: CN=2A6A624FDF502D2FA800F51E6EB6E7A516F6F12B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f5:d5:aa:14:54:11:4e:2d:61:ae:7e:21:e4: 6c:20:0e:26:4e:1b:2c:6a:c1:12:47:6d:ae:6e:3e: eb:26:5b:2e:38:6a:cd:56:6d:c1:11:0a:78:72:53: 89:f4:fd:ac:23:ca:05:be:16:93:cb:4d:5f:10:11: e9:57:eb:1e:be:2b:db:3d:c2:f3:cb:6a:26:34:1f: 58:cb:6b:aa:9a:4f:60:be:95:4d:32:d9:f8:97:68: e0:06:ed:c4:a9:bb:b2:42:ae:fd:2d:0c:bb:2f:dd: 2c:6b:0e:c8:7e:e6:76:4a:89:da:69:88:e1:80:ac: ac:19:85:ae:0b:0c:32:c3:02:c0:91:f9:74:4e:c0: a0:f4:d8:38:48:62:e9:40:0c:1e:90:37:08:2f:a7: 3f:62:43:bb:a5:14:e5:2e:c3:b8:42:65:61:9e:ea: d9:1d:70:c5:ce:ea:cd:84:12:f0:ce:ba:8a:bd:2e: e5:e7:bb:39:d6:36:a3:32:66:78:ce:33:f4:a3:db: b9:fe:23:8c:b4:58:5e:3b:7b:e0:4e:33:b3:62:2e: 2b:29:15:9f:d9:b1:48:0f:16:0c:d7:bd:1d:22:85: 81:11:45:2f:6d:7e:dc:5e:b5:d6:ef:8a:b6:e6:4e: f6:79:27:d4:7d:ed:78:79:54:6a:02:3f:b2:ee:23: cf:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:6A:62:4F:DF:50:2D:2F:A8:00:F5:1E:6E:B6:E7:A5:16:F6:F1:2B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153119.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:4e40::/48 Signature Algorithm: sha256WithRSAEncryption 1d:64:00:8c:54:c4:0d:ce:36:b0:02:9f:ed:d6:8b:c0:1f:b1: dc:0f:61:6c:f8:19:ca:cd:ac:ae:cb:62:0b:89:ad:a4:7f:96: ae:c6:8b:7d:9d:e9:83:21:18:47:bc:68:d5:ad:71:50:7f:9c: e9:c4:77:d3:02:63:aa:da:83:66:49:6d:b1:17:d7:37:0b:b4: a4:a8:19:aa:3a:f1:cd:f6:33:6d:d3:49:d1:86:c2:61:66:ba: 69:1a:78:04:71:c2:88:b0:91:9f:4a:d3:0c:1a:dc:c3:57:05: eb:98:08:42:d2:cc:e3:8f:24:a7:da:73:c1:bb:18:9f:ca:0f: 1d:0f:c7:f7:43:6b:da:d0:e7:f2:e9:a4:e9:05:cf:0d:e5:df: c9:a1:58:3a:bd:4f:05:7d:2b:83:af:7d:81:b0:d5:66:fe:d8: 7d:a3:07:f9:c9:98:91:4d:53:ce:8b:a8:28:91:a0:07:48:da: 7d:86:f6:f8:c8:b4:c8:80:f3:ef:7b:89:8a:72:3f:a2:ae:81: b7:4d:dc:be:86:fb:e1:42:e9:a2:27:4b:9f:4c:01:b0:ff:9e: a6:6e:dc:6c:0d:a6:e2:05:8a:ca:72:2c:6d:c7:40:d9:ce:a3: 53:da:cf:69:8a:7a:11:68:b6:8a:5f:3d:bd:4a:bf:77:50:62: ef:34:1a:bd -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUEso6o5rcomHksYBU8GmVer1DQdYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1MFoX DTI3MDUwMTA5MjU1MFowMzExMC8GA1UEAxMoMkE2QTYyNEZERjUwMkQyRkE4MDBG NTFFNkVCNkU3QTUxNkY2RjEyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJn11aoUVBFOLWGufiHkbCAOJk4bLGrBEkdtrm4+6yZbLjhqzVZtwREKeHJT ifT9rCPKBb4Wk8tNXxAR6VfrHr4r2z3C88tqJjQfWMtrqppPYL6VTTLZ+Jdo4Abt xKm7skKu/S0Muy/dLGsOyH7mdkqJ2mmI4YCsrBmFrgsMMsMCwJH5dE7AoPTYOEhi 6UAMHpA3CC+nP2JDu6UU5S7DuEJlYZ7q2R1wxc7qzYQS8M66ir0u5ee7OdY2ozJm eM4z9KPbuf4jjLRYXjt74E4zs2IuKykVn9mxSA8WDNe9HSKFgRFFL21+3F611u+K tuZO9nkn1H3teHlUagI/su4jz+MCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQqamJP 31AtL6gA9R5utuelFvbxKzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMTE5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9E5AMA0GCSqGSIb3DQEBCwUAA4IBAQAdZACMVMQNzjawAp/t1ovA H7HcD2Fs+BnKzayuy2ILia2kf5auxot9nemDIRhHvGjVrXFQf5zpxHfTAmOq2oNm SW2xF9c3C7SkqBmqOvHN9jNt00nRhsJhZrppGngEccKIsJGfStMMGtzDVwXrmAhC 0szjjySn2nPBuxifyg8dD8f3Q2va0Ofy6aTpBc8N5d/JoVg6vU8FfSuDr32BsNVm /th9owf5yZiRTVPOi6gokaAHSNp9hvb4yLTIgPPve4mKcj+iroG3Tdy+hvvhQumi J0ufTAGw/56mbtxsDabiBYrKcixtx0DZzqNT2s9pinoRaLaKXz29Sr93UGLvNBq9 -----END CERTIFICATE-----Generated at Sun May 3 00:40:23 2026 by rpki-client