$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153573.roa File: AS153573.roa (raw, json) Hash identifier: DG2DwHXZpawqLmTbhclQ669roSGDSnScoWJgQcV2/Ns= Subject key identifier: 48:4F:46:8D:5A:BE:1C:8C:CF:1B:C6:A4:08:A8:BF:2D:1C:10:D7:3B Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 35E84A4D0AC614086F20EDA89898368F5188D2B6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153573.roa Signing time: Sat 02 May 2026 09:25:21 +0000 ROA not before: Sat 02 May 2026 09:20:21 +0000 ROA not after: Sat 01 May 2027 09:25:21 +0000 asID: 153573 IP address blocks: 163.61.47.0/24 maxlen: 24 2001:df5:740::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e8:4a:4d:0a:c6:14:08:6f:20:ed:a8:98:98:36:8f:51:88:d2:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:21 2026 GMT Not After : May 1 09:25:21 2027 GMT Subject: CN=484F468D5ABE1C8CCF1BC6A408A8BF2D1C10D73B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:51:be:f7:76:9b:b8:b0:bd:20:f7:6f:07:48: 42:ce:ac:ef:85:05:2a:85:0f:f0:0d:e7:03:c2:fb: f4:f6:6a:b5:14:7a:db:22:27:12:a4:ae:d1:d3:40: f3:01:f3:92:31:59:2f:32:fb:29:0a:38:fd:b0:5b: 00:a4:38:d2:c0:91:d9:8c:dc:0b:e4:d7:f4:2f:5e: eb:7d:39:8d:bc:6e:38:30:d4:b4:25:5c:97:45:d3: ef:e7:2e:40:ef:de:7e:25:c6:78:29:34:a0:6f:17: 1b:28:16:e7:d3:ed:34:79:98:01:4a:c6:1d:f7:67: 1f:d5:07:b5:26:b0:57:ad:f7:83:2c:8f:ac:c8:92: 04:61:6a:c0:b5:49:65:8e:a2:7f:54:26:6e:55:81: d1:62:58:5f:27:29:e2:63:ea:4c:9b:6d:f5:82:f5: 41:a9:6f:ee:19:ba:32:bb:8a:f3:a2:97:47:e1:78: 5f:69:d9:d4:8a:79:6c:fe:3a:e9:df:c3:0b:5f:bc: 8a:92:12:15:49:af:66:d7:8c:5a:bc:be:9b:f3:0b: 31:ad:c2:e3:ae:ab:e0:9f:09:2f:13:fd:3e:e9:34: 1f:27:95:2c:bf:9a:66:5c:3e:26:13:b3:fa:4c:7f: e2:9a:0c:ff:6b:b6:5f:dc:f0:af:39:08:d9:75:e2: 53:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:4F:46:8D:5A:BE:1C:8C:CF:1B:C6:A4:08:A8:BF:2D:1C:10:D7:3B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153573.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.47.0/24 IPv6: 2001:df5:740::/48 Signature Algorithm: sha256WithRSAEncryption 68:bc:ff:35:c1:53:18:aa:65:cc:ef:64:f8:44:a7:0c:00:86: 8d:bb:98:be:ce:ae:e2:72:7f:62:c0:66:42:67:c4:13:30:53: 21:de:ab:f6:d6:d6:d3:11:9c:c9:cc:fb:0f:a8:f9:56:3a:68: 14:ca:4f:42:03:fd:40:a1:59:de:78:2c:26:2f:c7:64:fc:89: 83:d0:60:0c:33:90:3f:8b:00:6e:ab:69:14:32:e7:e9:a0:d8: d0:5d:e5:b5:bf:fd:c3:27:2e:69:18:db:b8:c5:ae:cf:e9:62: ed:0f:1b:55:97:54:b5:9a:d7:54:4b:53:0d:b4:f0:b1:1f:fd: 3c:f2:2a:e5:ca:9f:15:cb:55:70:6a:25:19:a6:f5:f6:cb:8d: 2e:ae:7d:65:93:03:8e:8b:9e:19:c8:5a:f9:b0:6f:e6:37:9d: 3e:65:6e:87:12:36:7c:76:cc:be:73:70:98:4f:5e:3d:36:3d: 80:1c:a4:bc:a5:9b:84:40:74:5e:5a:f0:1f:8f:c4:df:23:fa: db:65:58:b8:eb:32:9f:33:a1:32:a7:85:3f:ed:a0:c5:86:94: fd:6c:c7:19:00:e4:ce:78:c7:44:ef:6d:4a:d0:b3:14:28:69: fe:08:f6:0f:2c:c3:41:70:37:3e:90:2d:00:82:92:68:b2:b9: 75:d1:fd:dc -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUNehKTQrGFAhvIO2omJg2j1GI0rYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjAyMVoX DTI3MDUwMTA5MjUyMVowMzExMC8GA1UEAxMoNDg0RjQ2OEQ1QUJFMUM4Q0NGMUJD NkE0MDhBOEJGMkQxQzEwRDczQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK1Rvvd2m7iwvSD3bwdIQs6s74UFKoUP8A3nA8L79PZqtRR62yInEqSu0dNA 8wHzkjFZLzL7KQo4/bBbAKQ40sCR2YzcC+TX9C9e6305jbxuODDUtCVcl0XT7+cu QO/efiXGeCk0oG8XGygW59PtNHmYAUrGHfdnH9UHtSawV633gyyPrMiSBGFqwLVJ ZY6if1QmblWB0WJYXycp4mPqTJtt9YL1Qalv7hm6MruK86KXR+F4X2nZ1Ip5bP46 6d/DC1+8ipISFUmvZteMWry+m/MLMa3C466r4J8JLxP9Puk0HyeVLL+aZlw+JhOz +kx/4poM/2u2X9zwrzkI2XXiUyMCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBRIT0aN Wr4cjM8bxqQIqL8tHBDXOzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNTczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQAoz0vMA8EAgACMAkDBwAgAQ31B0AwDQYJKoZIhvcNAQELBQADggEBAGi8 /zXBUxiqZczvZPhEpwwAho27mL7OruJyf2LAZkJnxBMwUyHeq/bW1tMRnMnM+w+o +VY6aBTKT0ID/UChWd54LCYvx2T8iYPQYAwzkD+LAG6raRQy5+mg2NBd5bW//cMn LmkY27jFrs/pYu0PG1WXVLWa11RLUw208LEf/TzyKuXKnxXLVXBqJRmm9fbLjS6u fWWTA46LnhnIWvmwb+Y3nT5lbocSNnx2zL5zcJhPXj02PYAcpLylm4RAdF5a8B+P xN8j+ttlWLjrMp8zoTKnhT/toMWGlP1sxxkA5M54x0TvbUrQsxQoaf4I9g8sw0Fw Nz6QLQCCkmiyuXXR/dw= -----END CERTIFICATE-----Generated at Sun May 3 00:40:40 2026 by rpki-client