$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153554.roa File: AS153554.roa (raw, json) Hash identifier: IyzS10QLFmcyzwk8HiBJOi6a2PJCoV7SCztv8lEC9hw= Subject key identifier: B0:03:7C:41:5D:48:68:AD:1A:6D:3C:16:A7:14:36:4A:91:62:6E:E7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5C7CAE7CFC43C3E82C44BE97057490787D4E5926 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153554.roa Signing time: Sat 02 May 2026 09:26:00 +0000 ROA not before: Sat 02 May 2026 09:21:00 +0000 ROA not after: Sat 01 May 2027 09:26:00 +0000 asID: 153554 IP address blocks: 2001:df4:e3c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:7c:ae:7c:fc:43:c3:e8:2c:44:be:97:05:74:90:78:7d:4e:59:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:00 2026 GMT Not After : May 1 09:26:00 2027 GMT Subject: CN=B0037C415D4868AD1A6D3C16A714364A91626EE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:37:2a:be:03:10:93:a5:d3:3b:de:0e:4b:cc: 1d:09:27:51:8d:5a:62:33:dd:a3:c9:20:f5:76:47: af:dd:86:35:6b:f4:4e:36:dc:71:d2:4d:c8:ad:b7: 9f:65:75:9e:38:5d:3b:df:07:6b:35:44:c8:fa:70: 68:d5:db:77:2c:4a:91:55:33:91:c9:03:3b:9f:f7: fd:10:69:72:85:50:8d:84:89:e2:a9:f4:9c:10:50: 01:bf:a3:d4:2a:73:d4:0d:7a:11:72:1e:13:4b:05: 95:07:9a:ad:43:d1:54:15:e3:52:e4:6d:d0:a5:0d: cd:07:d0:64:29:dc:c6:2e:26:d3:c8:f8:d8:33:33: 58:0c:6e:e6:6e:e3:15:ed:04:0f:66:65:10:bc:f7: e9:2c:f8:31:0d:2a:7e:ce:09:5a:ff:79:d3:6f:6c: dd:54:1a:55:bb:b9:c3:c4:dc:cc:b5:a6:39:dc:94: c4:ef:bc:1c:83:68:90:19:e2:d8:10:3b:06:f2:ca: 53:e6:a0:3c:af:92:da:58:f6:5c:f8:1d:57:4c:f4: cd:e0:b8:5e:f6:d4:72:8b:b1:6f:00:18:01:d3:72: 30:3e:b4:14:f4:1a:92:3f:73:86:72:9b:b8:88:db: 95:21:fe:29:ac:36:cf:8d:f2:69:e3:e2:c2:aa:3e: b5:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:03:7C:41:5D:48:68:AD:1A:6D:3C:16:A7:14:36:4A:91:62:6E:E7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153554.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:e3c0::/48 Signature Algorithm: sha256WithRSAEncryption 67:e7:85:36:90:6f:73:70:47:15:f6:4a:30:dd:ec:2c:6e:ae: 1e:71:1e:5b:55:4f:5c:48:aa:f6:83:b0:3a:56:df:95:ad:77: a1:bc:27:a0:14:6b:b1:aa:33:8e:de:8c:a6:8a:80:71:c6:dd: b4:18:56:95:15:06:2f:8a:fe:48:c8:bd:74:53:8d:07:4f:d6: ee:1e:89:f4:68:31:be:f9:ef:01:13:26:e8:97:f6:81:09:be: 91:06:ed:1e:2b:f0:9a:2d:64:70:5c:93:45:4d:60:a9:cf:a5: 38:c5:f4:b6:0c:46:4c:2c:49:81:ac:44:15:c1:ef:24:6a:1a: 68:4c:c9:7d:20:e4:97:76:4b:4b:84:1e:39:7e:b2:f8:47:b7: 6f:d7:ff:f0:f2:9b:36:1a:39:c1:34:68:78:b1:7a:35:3d:21: b0:49:6b:d0:f8:20:15:13:dd:1c:ab:c8:ae:87:40:a4:c1:2b: 36:fe:a9:1f:2a:48:46:7b:a0:e7:c8:0d:7c:16:7d:c8:f0:45: 08:f5:b9:c0:dc:45:f2:cd:5a:53:4d:70:01:b7:7a:ec:bc:10: e1:a7:93:69:be:02:dc:f1:f3:a3:ec:89:50:5f:7f:9a:5b:9f: 47:e2:d8:20:e0:41:80:71:0c:e0:fb:88:af:a2:e2:c4:ff:42: d5:f5:e2:37 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUXHyufPxDw+gsRL6XBXSQeH1OWSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwMFoX DTI3MDUwMTA5MjYwMFowMzExMC8GA1UEAxMoQjAwMzdDNDE1RDQ4NjhBRDFBNkQz QzE2QTcxNDM2NEE5MTYyNkVFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL03Kr4DEJOl0zveDkvMHQknUY1aYjPdo8kg9XZHr92GNWv0TjbccdJNyK23 n2V1njhdO98HazVEyPpwaNXbdyxKkVUzkckDO5/3/RBpcoVQjYSJ4qn0nBBQAb+j 1Cpz1A16EXIeE0sFlQearUPRVBXjUuRt0KUNzQfQZCncxi4m08j42DMzWAxu5m7j Fe0ED2ZlELz36Sz4MQ0qfs4JWv95029s3VQaVbu5w8TczLWmOdyUxO+8HINokBni 2BA7BvLKU+agPK+S2lj2XPgdV0z0zeC4XvbUcouxbwAYAdNyMD60FPQakj9zhnKb uIjblSH+Kaw2z43yaePiwqo+tVsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSwA3xB XUhorRptPBanFDZKkWJu5zAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNTU0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9OPAMA0GCSqGSIb3DQEBCwUAA4IBAQBn54U2kG9zcEcV9kow3ews bq4ecR5bVU9cSKr2g7A6Vt+VrXehvCegFGuxqjOO3oymioBxxt20GFaVFQYviv5I yL10U40HT9buHon0aDG++e8BEybol/aBCb6RBu0eK/CaLWRwXJNFTWCpz6U4xfS2 DEZMLEmBrEQVwe8kahpoTMl9IOSXdktLhB45frL4R7dv1//w8ps2GjnBNGh4sXo1 PSGwSWvQ+CAVE90cq8iuh0CkwSs2/qkfKkhGe6DnyA18Fn3I8EUI9bnA3EXyzVpT TXABt3rsvBDhp5NpvgLc8fOj7IlQX3+aW59H4tgg4EGAcQzg+4ivouLE/0LV9eI3 -----END CERTIFICATE-----Generated at Sun May 3 00:39:42 2026 by rpki-client