$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153658.roa File: AS153658.roa (raw, json) Hash identifier: x0Ny8fYhFTsYFFGTuRipob82cUpp/TOuvUJtx5U64b8= Subject key identifier: 04:E2:FB:A2:D7:A8:E2:12:91:69:6D:5B:8C:62:A9:D7:A7:A5:57:C3 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7048F8330242EB22DAF39E2A94C2F048F12E2764 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153658.roa Signing time: Sat 02 May 2026 08:35:33 +0000 ROA not before: Sat 02 May 2026 08:30:33 +0000 ROA not after: Sat 01 May 2027 08:35:33 +0000 asID: 153658 IP address blocks: 163.61.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:48:f8:33:02:42:eb:22:da:f3:9e:2a:94:c2:f0:48:f1:2e:27:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:33 2026 GMT Not After : May 1 08:35:33 2027 GMT Subject: CN=04E2FBA2D7A8E21291696D5B8C62A9D7A7A557C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c1:f6:fd:77:0b:af:83:74:51:8c:8f:da:e4: ac:f3:41:1d:e9:8b:83:3a:1b:97:ab:72:7b:e8:26: b4:96:bb:f3:f2:81:52:86:e4:1d:5c:f2:34:04:f4: 90:d8:5f:ce:6b:80:42:38:70:4d:4e:07:05:8b:a3: 29:f2:57:e8:67:2e:d9:49:79:32:5e:c9:c4:f6:cd: 54:2a:73:cd:04:90:c5:c3:5e:b2:d6:19:9d:3c:d1: f1:9d:c3:8d:5d:66:2f:41:d0:e9:de:ff:78:0c:01: 80:17:bd:29:b1:4b:92:b6:50:d1:54:e6:d8:7f:b9: c7:cc:cd:be:9f:67:17:a4:e4:1b:4b:99:1d:a0:1f: 9e:8c:fb:5e:7c:7c:55:cc:dc:2a:84:ef:13:17:c3: 46:bc:a4:84:fb:91:94:d6:18:b6:1d:11:17:2b:d3: 0d:a0:40:66:99:38:bd:7b:88:e9:77:07:ea:f4:0a: 3d:0c:64:ab:ab:39:0d:c1:04:b2:04:98:b8:9a:fc: 8c:f2:0e:8a:8c:7d:1e:39:59:15:1f:c5:0f:d2:59: 7a:e8:86:9a:7e:c9:f3:6d:fa:62:65:4a:96:0d:ce: 6c:37:1f:df:1f:cf:8b:ae:64:cc:61:f3:30:a7:7a: 7f:87:1c:62:60:dd:9c:be:af:a6:2a:f1:fa:c1:74: fa:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:E2:FB:A2:D7:A8:E2:12:91:69:6D:5B:8C:62:A9:D7:A7:A5:57:C3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153658.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.254.0/24 Signature Algorithm: sha256WithRSAEncryption 75:eb:c3:17:a5:b7:66:4f:46:ba:a2:06:4f:9b:9c:9c:f1:6a: 0a:74:e6:a1:66:48:51:60:af:e1:09:c8:d8:b0:55:67:99:2b: 22:25:55:fb:fd:9c:4b:c3:99:15:04:32:4c:ab:27:73:2a:45: ce:4d:55:99:a0:0b:4a:b4:07:7f:f6:9d:02:44:62:87:ad:a9: 0a:cb:af:34:5b:d2:03:de:ca:b5:90:5d:f0:eb:be:53:3a:4b: 87:03:b7:78:32:fe:a0:3f:81:2e:79:a3:41:98:64:d2:8c:ed: 6f:b1:f9:e9:1a:af:ef:41:0b:e7:a2:1b:61:c2:81:3d:61:ae: 2c:a8:cc:f3:46:47:c0:87:48:65:b5:fd:e9:59:04:b5:a4:31: 7d:a9:77:e9:17:bf:c7:7a:84:42:99:4c:86:83:17:69:5e:c5: d1:bf:eb:ed:16:93:8f:8e:86:df:e7:73:da:d9:70:d6:aa:c9: 46:54:1f:f8:98:d3:09:ae:2e:1d:ea:be:37:56:ea:78:0b:fe: 27:80:dd:e1:37:ba:48:3b:af:94:22:09:c5:75:f0:04:f2:dc: 94:5e:f0:3f:6c:7b:ca:3a:d2:ae:27:e8:f6:5e:64:2c:6d:88: 94:85:c9:1c:1a:3c:ff:b3:67:24:54:bd:5d:83:ea:64:34:c4: 04:42:94:df -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUcEj4MwJC6yLa854qlMLwSPEuJ2QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzAzM1oX DTI3MDUwMTA4MzUzM1owMzExMC8GA1UEAxMoMDRFMkZCQTJEN0E4RTIxMjkxNjk2 RDVCOEM2MkE5RDdBN0E1NTdDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7B9v13C6+DdFGMj9rkrPNBHemLgzobl6tye+gmtJa78/KBUobkHVzyNAT0 kNhfzmuAQjhwTU4HBYujKfJX6Gcu2Ul5Ml7JxPbNVCpzzQSQxcNestYZnTzR8Z3D jV1mL0HQ6d7/eAwBgBe9KbFLkrZQ0VTm2H+5x8zNvp9nF6TkG0uZHaAfnoz7Xnx8 VczcKoTvExfDRrykhPuRlNYYth0RFyvTDaBAZpk4vXuI6XcH6vQKPQxkq6s5DcEE sgSYuJr8jPIOiox9HjlZFR/FD9JZeuiGmn7J8236YmVKlg3ObDcf3x/Pi65kzGHz MKd6f4ccYmDdnL6vpirx+sF0+m8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQE4vui 16jiEpFpbVuMYqnXp6VXwzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNjU4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAoz3+MA0GCSqGSIb3DQEBCwUAA4IBAQB168MXpbdmT0a6ogZPm5yc8WoK dOahZkhRYK/hCcjYsFVnmSsiJVX7/ZxLw5kVBDJMqydzKkXOTVWZoAtKtAd/9p0C RGKHrakKy680W9ID3sq1kF3w675TOkuHA7d4Mv6gP4EueaNBmGTSjO1vsfnpGq/v QQvnohthwoE9Ya4sqMzzRkfAh0hltf3pWQS1pDF9qXfpF7/HeoRCmUyGgxdpXsXR v+vtFpOPjobf53Pa2XDWqslGVB/4mNMJri4d6r43Vup4C/4ngN3hN7pIO6+UIgnF dfAE8tyUXvA/bHvKOtKuJ+j2XmQsbYiUhckcGjz/s2ckVL1dg+pkNMQEQpTf -----END CERTIFICATE-----Generated at Sun May 3 00:39:54 2026 by rpki-client