$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153152.roa File: AS153152.roa (raw, json) Hash identifier: JHTteZgpQ9g7OMk7tGJ5Je0I4J1/hyfZpsg9PiY8cI8= Subject key identifier: 5C:37:3A:C3:33:9A:55:78:DB:7B:7C:5A:0E:91:F9:DD:25:53:57:27 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 492EBC1BBA676B31CBB627F8CC12BDE01F04261D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153152.roa Signing time: Sat 02 May 2026 09:25:56 +0000 ROA not before: Sat 02 May 2026 09:20:56 +0000 ROA not after: Sat 01 May 2027 09:25:56 +0000 asID: 153152 IP address blocks: 2001:df4:8ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:2e:bc:1b:ba:67:6b:31:cb:b6:27:f8:cc:12:bd:e0:1f:04:26:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:56 2026 GMT Not After : May 1 09:25:56 2027 GMT Subject: CN=5C373AC3339A5578DB7B7C5A0E91F9DD25535727 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:95:7e:a1:bb:30:d0:0e:43:4f:f7:4f:04:5c: b6:75:f0:e8:38:c9:bd:d2:76:ec:7b:06:5a:20:a1: bf:46:0e:aa:0b:32:c1:d3:f9:6e:17:95:a0:7a:63: a6:91:11:aa:dc:17:dc:32:af:65:27:1f:ba:f0:e3: f4:2a:42:69:9a:d4:d8:97:5f:4b:7b:52:8b:77:f1: 1f:ab:b2:17:5d:0c:b8:b5:2f:ff:25:73:75:73:f9: f3:39:5e:2a:2d:18:c5:41:8e:79:aa:c5:2c:f7:25: 4b:43:d0:0e:a7:e1:a2:bd:75:93:b8:e7:9b:02:a9: d5:7a:ed:e2:84:3e:49:11:f0:96:9b:5d:7b:87:2b: 45:0b:27:21:21:b8:c9:ca:16:d1:42:1b:83:d9:b5: bf:3c:5f:b1:64:11:99:11:c2:1c:e5:b1:55:5e:7d: 78:19:60:87:58:cc:38:8e:3c:38:29:1b:f4:74:4c: 22:6c:62:db:d2:8b:83:30:9c:13:b8:85:36:20:3f: 90:a1:b8:fa:dc:e0:6f:64:e2:39:99:65:38:f8:ba: d3:37:f1:dd:1d:34:72:6e:17:d2:84:3b:88:74:d4: 53:2a:a6:f7:dd:ac:87:3f:73:a4:6b:84:b6:8a:ba: 72:a5:e1:03:cc:76:bc:a6:5c:18:43:ec:fa:fe:59: 83:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:37:3A:C3:33:9A:55:78:DB:7B:7C:5A:0E:91:F9:DD:25:53:57:27 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:8ec0::/48 Signature Algorithm: sha256WithRSAEncryption 37:c8:a1:8e:1a:04:a2:70:e1:95:9e:bd:33:59:bb:ed:50:74: 8e:a6:f9:ae:b6:a7:a2:89:d3:1e:a0:16:4c:26:52:83:36:c1: 3a:43:8f:25:d9:c4:5b:69:d2:a3:fb:5d:25:d3:70:49:80:9d: 2b:8d:3a:79:37:f0:db:ee:9c:1c:b0:fb:8a:5a:11:f3:44:93: 79:fd:a0:d2:d0:f0:d0:ae:12:5d:19:3e:63:f0:ae:71:e7:7d: 8d:d2:4e:50:a6:11:a3:54:5f:33:2f:1c:52:9d:db:96:33:cd: ba:c2:ca:36:46:d9:14:1c:9d:f9:9a:3b:13:9b:31:f8:7f:72: 56:28:85:53:50:72:7d:c0:35:89:92:4a:0d:bc:c6:ca:57:d7: 38:8c:c6:5e:dd:47:00:54:f6:c6:39:93:54:c9:25:91:1d:b0: 23:11:f9:a1:b7:bc:97:ea:d5:0a:dc:47:f1:b9:bf:d8:61:05: 21:89:16:92:1f:84:c2:d5:ce:c0:09:2b:cf:d0:7f:05:59:38: 76:67:2b:f1:68:f0:1c:37:f1:fc:12:a6:33:60:06:9b:b4:bf: ba:40:48:d8:b6:f2:cc:37:3a:2a:d7:38:98:97:35:c1:98:cf: ae:d9:84:dd:1a:a5:a2:7a:8e:dd:07:4d:dc:2f:0b:32:8d:2a: 61:b2:69:f5 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUSS68G7pnazHLtif4zBK94B8EJh0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1NloX DTI3MDUwMTA5MjU1NlowMzExMC8GA1UEAxMoNUMzNzNBQzMzMzlBNTU3OERCN0I3 QzVBMEU5MUY5REQyNTUzNTcyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuVfqG7MNAOQ0/3TwRctnXw6DjJvdJ27HsGWiChv0YOqgsywdP5bheVoHpj ppERqtwX3DKvZScfuvDj9CpCaZrU2JdfS3tSi3fxH6uyF10MuLUv/yVzdXP58zle Ki0YxUGOearFLPclS0PQDqfhor11k7jnmwKp1Xrt4oQ+SRHwlptde4crRQsnISG4 ycoW0UIbg9m1vzxfsWQRmRHCHOWxVV59eBlgh1jMOI48OCkb9HRMImxi29KLgzCc E7iFNiA/kKG4+tzgb2TiOZllOPi60zfx3R00cm4X0oQ7iHTUUyqm992shz9zpGuE toq6cqXhA8x2vKZcGEPs+v5Zg1MCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRcNzrD M5pVeNt7fFoOkfndJVNXJzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMTUyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9I7AMA0GCSqGSIb3DQEBCwUAA4IBAQA3yKGOGgSicOGVnr0zWbvt UHSOpvmutqeiidMeoBZMJlKDNsE6Q48l2cRbadKj+10l03BJgJ0rjTp5N/Db7pwc sPuKWhHzRJN5/aDS0PDQrhJdGT5j8K5x532N0k5QphGjVF8zLxxSnduWM826wso2 RtkUHJ35mjsTmzH4f3JWKIVTUHJ9wDWJkkoNvMbKV9c4jMZe3UcAVPbGOZNUySWR HbAjEfmht7yX6tUK3Efxub/YYQUhiRaSH4TC1c7ACSvP0H8FWTh2ZyvxaPAcN/H8 EqYzYAabtL+6QEjYtvLMNzoq1ziYlzXBmM+u2YTdGqWieo7dB03cLwsyjSphsmn1 -----END CERTIFICATE-----Generated at Sun May 3 00:39:48 2026 by rpki-client