$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153126.roa File: AS153126.roa (raw, json) Hash identifier: vn0wrgKOVQsaCd8Xyc82aFVIOzGLilRfjnXuJPgmOYo= Subject key identifier: F0:D0:66:1A:5E:AD:9D:B6:F5:25:D6:DF:9C:3B:59:DE:B8:C7:A2:D0 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 27B99C6A3DC5143145847E9D96DD82BFCC4048B5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153126.roa Signing time: Sat 02 May 2026 09:26:04 +0000 ROA not before: Sat 02 May 2026 09:21:04 +0000 ROA not after: Sat 01 May 2027 09:26:04 +0000 asID: 153126 IP address blocks: 2001:df4:48c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:b9:9c:6a:3d:c5:14:31:45:84:7e:9d:96:dd:82:bf:cc:40:48:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:04 2026 GMT Not After : May 1 09:26:04 2027 GMT Subject: CN=F0D0661A5EAD9DB6F525D6DF9C3B59DEB8C7A2D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:08:ed:4a:1f:13:f5:0b:2f:05:94:09:fc:37: 44:61:7f:b5:6a:97:d9:c0:cc:94:8a:9f:3f:e8:72: 10:69:c0:89:19:23:50:20:16:64:b3:87:31:18:6f: 66:f5:ba:4a:ca:b2:b9:b3:b9:02:05:57:28:c3:cf: 5d:c3:d9:05:fd:29:67:4c:6f:1b:d9:aa:d9:35:a7: 2d:32:4f:3f:16:d6:0f:2d:a1:62:80:d6:39:56:a3: f3:e0:5c:54:f3:57:af:08:0e:6a:9c:29:14:f7:0d: 75:0b:c9:01:6f:59:08:04:34:f2:18:f2:6e:a1:ea: e8:83:ed:da:17:da:78:ee:23:a7:e1:35:09:3d:00: 2e:9c:dc:c5:4b:83:73:af:bb:7c:eb:07:bf:c2:8f: ee:c2:39:5d:08:98:aa:f9:70:14:c8:09:7a:52:9d: 49:94:66:92:3a:6e:77:fc:40:31:db:1f:38:1e:8d: 89:4f:15:4c:53:71:02:cd:f5:5d:bf:fc:de:0e:eb: df:c9:dd:cd:25:3e:d4:86:58:98:dd:b1:0a:f8:d0: 3d:d0:a9:12:67:e6:4f:5d:b1:9a:87:7e:84:c0:92: 1f:02:b8:09:3a:9c:ec:4d:82:74:2f:09:59:e5:d9: 4c:24:7b:e8:ac:f7:d7:26:93:df:e7:17:6d:f7:62: 9d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:D0:66:1A:5E:AD:9D:B6:F5:25:D6:DF:9C:3B:59:DE:B8:C7:A2:D0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153126.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:48c0::/48 Signature Algorithm: sha256WithRSAEncryption 94:af:b0:f7:5e:39:0d:a9:af:eb:33:a0:72:54:d7:1d:31:9f: 07:64:4b:d6:44:b0:9c:5c:7b:26:cd:88:3d:fb:44:4b:3c:14: b3:02:00:af:42:20:0a:35:8c:ca:54:01:c6:90:84:11:f3:0f: 16:ca:7c:d1:7a:b2:68:80:ba:65:8d:19:73:47:80:19:e0:24: b6:30:b6:6a:78:6b:b8:c0:a6:8a:f3:a0:8f:3a:ac:fa:1f:cd: b3:e5:35:e4:f5:f5:a1:60:1a:1f:e9:c7:ff:a1:a9:f4:7c:a1: 67:8f:28:b7:c5:38:f5:26:25:dd:b9:8e:1e:53:63:b6:b6:27: f3:18:ae:56:87:ff:18:b7:67:7f:6c:91:7e:a4:71:41:72:00: a1:82:c2:61:07:f5:0d:7d:63:31:c6:ee:2a:ac:f3:da:91:98: 86:08:c2:3f:9b:ab:4e:96:86:c4:8a:9d:a9:31:22:15:ab:4a: 3d:ef:6f:ed:d9:04:66:ed:43:5a:04:45:7e:a9:80:23:32:4a: 32:0b:5e:6f:56:8b:66:a4:42:22:1e:66:81:2b:3a:b3:7d:07: 33:67:ac:f8:a0:ac:55:c2:4f:7b:8c:bd:5d:03:e9:f7:6c:9b: 77:7d:ce:7d:fd:fe:67:b6:1f:53:de:41:2a:1a:a4:8a:bd:4a: 6b:76:8d:17 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUJ7mcaj3FFDFFhH6dlt2Cv8xASLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwNFoX DTI3MDUwMTA5MjYwNFowMzExMC8GA1UEAxMoRjBEMDY2MUE1RUFEOURCNkY1MjVE NkRGOUMzQjU5REVCOEM3QTJEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0I7UofE/ULLwWUCfw3RGF/tWqX2cDMlIqfP+hyEGnAiRkjUCAWZLOHMRhv ZvW6SsqyubO5AgVXKMPPXcPZBf0pZ0xvG9mq2TWnLTJPPxbWDy2hYoDWOVaj8+Bc VPNXrwgOapwpFPcNdQvJAW9ZCAQ08hjybqHq6IPt2hfaeO4jp+E1CT0ALpzcxUuD c6+7fOsHv8KP7sI5XQiYqvlwFMgJelKdSZRmkjpud/xAMdsfOB6NiU8VTFNxAs31 Xb/83g7r38ndzSU+1IZYmN2xCvjQPdCpEmfmT12xmod+hMCSHwK4CTqc7E2CdC8J WeXZTCR76Kz31yaT3+cXbfdinesCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTw0GYa Xq2dtvUl1t+cO1neuMei0DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMTI2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9EjAMA0GCSqGSIb3DQEBCwUAA4IBAQCUr7D3XjkNqa/rM6ByVNcd MZ8HZEvWRLCcXHsmzYg9+0RLPBSzAgCvQiAKNYzKVAHGkIQR8w8WynzRerJogLpl jRlzR4AZ4CS2MLZqeGu4wKaK86CPOqz6H82z5TXk9fWhYBof6cf/oan0fKFnjyi3 xTj1JiXduY4eU2O2tifzGK5Wh/8Yt2d/bJF+pHFBcgChgsJhB/UNfWMxxu4qrPPa kZiGCMI/m6tOlobEip2pMSIVq0o972/t2QRm7UNaBEV+qYAjMkoyC15vVotmpEIi HmaBKzqzfQczZ6z4oKxVwk97jL1dA+n3bJt3fc59/f5nth9T3kEqGqSKvUprdo0X -----END CERTIFICATE-----Generated at Sun May 3 00:41:48 2026 by rpki-client