$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153155.roa File: AS153155.roa (raw, json) Hash identifier: XSD000Uq5erWi7LnP5/PlKLuvF5/H0m6GXgClbCpAHA= Subject key identifier: AA:D8:42:FF:ED:EA:F7:46:08:BF:C2:E4:09:09:83:9E:09:27:2B:1F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 37690A07A102FD674DAAA12E3FB53FF78AF9A12E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153155.roa Signing time: Sat 02 May 2026 09:25:50 +0000 ROA not before: Sat 02 May 2026 09:20:50 +0000 ROA not after: Sat 01 May 2027 09:25:50 +0000 asID: 153155 IP address blocks: 2001:df4:8fc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:69:0a:07:a1:02:fd:67:4d:aa:a1:2e:3f:b5:3f:f7:8a:f9:a1:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:50 2026 GMT Not After : May 1 09:25:50 2027 GMT Subject: CN=AAD842FFEDEAF74608BFC2E40909839E09272B1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c7:2b:5c:be:92:f9:fb:b3:af:f3:09:5a:97: 27:09:b1:3f:88:e5:bd:15:cd:38:4f:b0:96:28:b9: bc:26:d5:a5:c4:84:a9:94:60:9a:e5:e0:9c:f3:47: 98:63:6f:f6:ec:c5:a7:42:1d:b9:dc:48:6d:36:98: 58:74:ee:bd:63:75:14:fb:20:5e:87:41:c5:59:de: fa:47:0d:ca:68:03:74:fd:9c:61:20:cb:a3:06:3b: 2b:36:68:3c:76:21:f4:3a:a7:37:7f:a9:7c:0a:cc: b1:b5:c0:a8:c1:5d:64:2e:db:97:ae:a8:f2:de:ea: 99:72:f5:a0:f3:79:37:f8:7e:05:ba:c7:e6:16:18: 00:8f:f6:53:87:5b:67:2c:87:b9:62:0a:f5:ce:5c: 6d:c3:26:a5:fb:8b:44:7c:66:15:f7:ad:3b:b7:ef: 39:a3:2f:f2:b4:8d:b9:53:59:70:ef:cd:06:5f:df: 63:4b:0b:a5:e6:5d:3a:b1:05:60:50:c8:8a:0c:0d: 52:f0:e3:a1:0c:ff:66:f9:f5:6e:0d:31:dd:be:d9: cf:f1:74:4f:e4:4c:1c:a1:4e:d9:12:9a:1a:10:3d: fb:8e:38:19:26:5a:5c:6a:85:f8:3b:47:17:4d:69: 0b:2a:10:84:4f:17:ff:0b:d4:ee:9c:dd:5a:bb:35: 95:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:D8:42:FF:ED:EA:F7:46:08:BF:C2:E4:09:09:83:9E:09:27:2B:1F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153155.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:8fc0::/48 Signature Algorithm: sha256WithRSAEncryption 04:f0:7a:f8:de:93:e6:53:ea:59:7f:57:54:d6:60:74:20:63: 80:3f:8a:05:c2:02:61:9f:fd:44:fa:93:39:39:b7:05:87:9a: b2:89:b5:33:d0:d5:48:de:4a:ce:03:05:81:61:f1:bf:95:d0: 1d:46:a0:b4:8d:b3:a0:5b:29:8c:5a:fc:b9:f8:a3:fe:11:71: f8:79:8c:7e:7f:33:7d:d4:d6:e4:6f:20:52:64:74:81:3c:9d: 03:5d:f9:fd:6f:3f:bb:f8:7c:76:03:32:c7:3a:8b:8f:88:13: 49:c1:8f:28:04:58:b7:9f:89:88:b2:c4:6c:a5:05:67:ff:5f: b7:a7:73:2c:dc:0a:32:56:ca:ed:2d:36:ad:a1:97:a3:14:4a: eb:86:bc:a1:84:b6:84:8b:0f:77:bd:b6:f4:52:ba:82:39:ee: fc:02:99:88:d7:94:76:d0:06:26:b5:2c:9b:ff:58:a9:5b:ff: cb:50:25:be:cc:f5:df:5d:8a:9c:ef:d2:2a:42:ae:1a:d7:7f: c5:ef:98:50:76:02:fb:b1:34:fa:e9:ee:b2:4d:2c:a8:51:21: 96:99:d6:e2:6e:97:68:cc:c9:7a:eb:0d:44:36:28:49:55:0f: e9:06:74:d4:fd:ca:40:d3:a3:ec:ed:16:70:f4:ec:57:17:ab: 26:70:42:05 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUN2kKB6EC/WdNqqEuP7U/94r5oS4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1MFoX DTI3MDUwMTA5MjU1MFowMzExMC8GA1UEAxMoQUFEODQyRkZFREVBRjc0NjA4QkZD MkU0MDkwOTgzOUUwOTI3MkIxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJrHK1y+kvn7s6/zCVqXJwmxP4jlvRXNOE+wlii5vCbVpcSEqZRgmuXgnPNH mGNv9uzFp0IdudxIbTaYWHTuvWN1FPsgXodBxVne+kcNymgDdP2cYSDLowY7KzZo PHYh9DqnN3+pfArMsbXAqMFdZC7bl66o8t7qmXL1oPN5N/h+BbrH5hYYAI/2U4db ZyyHuWIK9c5cbcMmpfuLRHxmFfetO7fvOaMv8rSNuVNZcO/NBl/fY0sLpeZdOrEF YFDIigwNUvDjoQz/Zvn1bg0x3b7Zz/F0T+RMHKFO2RKaGhA9+444GSZaXGqF+DtH F01pCyoQhE8X/wvU7pzdWrs1lZ0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSq2EL/ 7er3Rgi/wuQJCYOeCScrHzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMTU1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9I/AMA0GCSqGSIb3DQEBCwUAA4IBAQAE8Hr43pPmU+pZf1dU1mB0 IGOAP4oFwgJhn/1E+pM5ObcFh5qyibUz0NVI3krOAwWBYfG/ldAdRqC0jbOgWymM Wvy5+KP+EXH4eYx+fzN91NbkbyBSZHSBPJ0DXfn9bz+7+Hx2AzLHOouPiBNJwY8o BFi3n4mIssRspQVn/1+3p3Ms3AoyVsrtLTatoZejFErrhryhhLaEiw93vbb0UrqC Oe78ApmI15R20AYmtSyb/1ipW//LUCW+zPXfXYqc79IqQq4a13/F75hQdgL7sTT6 6e6yTSyoUSGWmdbibpdozMl66w1ENihJVQ/pBnTU/cpA06Ps7RZw9OxXF6smcEIF -----END CERTIFICATE-----Generated at Sun May 3 00:40:22 2026 by rpki-client