$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153717.roa File: AS153717.roa (raw, json) Hash identifier: 4PkYJ0s/j6mLkos8v2E3JP6W3Mvw/W3G9JB/mAUdEEU= Subject key identifier: D7:08:90:75:4B:D2:36:5F:A7:FD:8C:51:B6:3D:99:FD:76:74:76:10 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0BE824479030EA5DEFA769D15B6646C38D90F229 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153717.roa Signing time: Sat 02 May 2026 09:26:29 +0000 ROA not before: Sat 02 May 2026 09:21:29 +0000 ROA not after: Sat 01 May 2027 09:26:29 +0000 asID: 153717 IP address blocks: 163.223.142.0/23 maxlen: 24 2001:df5:4240::/48 maxlen: 48 2407:ed40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:e8:24:47:90:30:ea:5d:ef:a7:69:d1:5b:66:46:c3:8d:90:f2:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:29 2026 GMT Not After : May 1 09:26:29 2027 GMT Subject: CN=D70890754BD2365FA7FD8C51B63D99FD76747610 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:dc:36:e7:e6:f9:52:c4:b6:8c:b7:fb:75:37: 6e:ae:e5:a9:c9:9e:5a:46:d9:67:e0:eb:fd:8b:c4: b6:6e:00:cb:94:8f:85:f5:25:74:97:8b:8d:42:f3: 26:cd:64:5d:27:42:d5:16:ed:6c:90:19:ad:7b:e0: 94:81:04:32:7f:0c:eb:29:86:b5:25:86:95:7d:63: 58:a6:72:cd:70:49:4b:97:42:bf:67:2b:da:07:15: 35:00:7b:20:27:41:ea:32:8a:71:54:8c:db:c5:2a: d9:49:b3:e3:02:ab:09:d6:24:1f:b6:89:e4:94:ae: d1:7b:58:98:1b:2a:bc:bf:e1:79:03:81:b3:43:6b: 09:a6:d4:d1:91:1a:d8:ab:c8:e5:09:2c:db:bd:1d: 2c:e4:82:43:43:81:ce:79:f4:1a:d9:5c:18:98:c7: cf:9f:87:d5:53:18:61:7d:58:39:d8:df:bd:c2:4c: cf:db:c0:f7:23:b5:b1:cc:e5:84:9a:86:b4:3c:e5: 2f:92:2e:5b:9c:92:07:c0:40:95:4b:6b:8e:d0:33: 17:cf:43:b8:11:c4:85:d4:06:e5:19:92:54:c5:98: e9:21:ff:85:f5:a9:6c:47:b9:97:12:0e:ad:73:9c: ce:3b:fb:32:b3:c2:69:8a:34:38:93:bd:c9:50:eb: 00:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:08:90:75:4B:D2:36:5F:A7:FD:8C:51:B6:3D:99:FD:76:74:76:10 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153717.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.142.0/23 IPv6: 2001:df5:4240::/48 2407:ed40::/32 Signature Algorithm: sha256WithRSAEncryption 89:51:b7:8a:9e:dd:87:7d:c5:70:94:b5:98:43:0c:d8:02:17: 1b:fd:f2:58:05:65:aa:31:60:9b:fc:a2:9e:34:25:54:19:6a: 78:be:a2:18:cd:e4:f5:86:8a:76:05:93:de:8d:f1:54:df:bd: c4:de:c6:48:91:b2:b1:8d:76:c7:1a:e0:95:4f:ab:a4:9b:e5: f2:69:eb:78:3d:50:93:9c:9b:cb:04:8f:3f:01:fb:ea:d3:6e: ac:d9:7f:54:7a:5f:69:3e:c4:20:e4:2a:2f:21:d2:d9:0b:c3: 9e:79:ee:2a:d1:02:d8:8d:c9:22:20:ff:c0:fd:b7:14:f7:d7: c8:ac:10:44:b0:52:4c:2c:31:a7:78:17:f0:f7:38:34:5d:08: 74:6d:9f:a7:95:c0:af:1b:c0:03:4a:ac:ba:47:7f:3e:31:dd: e5:4c:be:5e:e1:75:dd:4f:1b:18:76:f7:79:50:8c:2d:fb:bf: 04:f6:cf:dc:b9:c0:ec:af:4f:7b:e1:00:79:71:5b:73:6f:64: 11:40:1a:28:9c:f4:20:8c:b8:4a:48:c1:c4:fb:66:7d:52:90: bb:e1:68:a8:f4:30:2f:5c:b0:67:e2:bc:7c:d4:5a:24:e3:e4: 67:d1:51:10:78:65:f6:c4:73:6f:3c:b8:e0:b1:4b:48:f9:36: 3a:85:a2:c3 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUC+gkR5Aw6l3vp2nRW2ZGw42Q8ikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEyOVoX DTI3MDUwMTA5MjYyOVowMzExMC8GA1UEAxMoRDcwODkwNzU0QkQyMzY1RkE3RkQ4 QzUxQjYzRDk5RkQ3Njc0NzYxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKbcNufm+VLEtoy3+3U3bq7lqcmeWkbZZ+Dr/YvEtm4Ay5SPhfUldJeLjULz Js1kXSdC1RbtbJAZrXvglIEEMn8M6ymGtSWGlX1jWKZyzXBJS5dCv2cr2gcVNQB7 ICdB6jKKcVSM28Uq2Umz4wKrCdYkH7aJ5JSu0XtYmBsqvL/heQOBs0NrCabU0ZEa 2KvI5Qks270dLOSCQ0OBznn0GtlcGJjHz5+H1VMYYX1YOdjfvcJMz9vA9yO1sczl hJqGtDzlL5IuW5ySB8BAlUtrjtAzF89DuBHEhdQG5RmSVMWY6SH/hfWpbEe5lxIO rXOczjv7MrPCaYo0OJO9yVDrAGUCAwEAAaOCAeQwggHgMB0GA1UdDgQWBBTXCJB1 S9I2X6f9jFG2PZn9dnR2EDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNzE3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIA ATAGAwQBo9+OMBYEAgACMBADBwAgAQ31QkADBQAkB+1AMA0GCSqGSIb3DQEBCwUA A4IBAQCJUbeKnt2HfcVwlLWYQwzYAhcb/fJYBWWqMWCb/KKeNCVUGWp4vqIYzeT1 hop2BZPejfFU373E3sZIkbKxjXbHGuCVT6ukm+Xyaet4PVCTnJvLBI8/Afvq026s 2X9Uel9pPsQg5CovIdLZC8Oeee4q0QLYjckiIP/A/bcU99fIrBBEsFJMLDGneBfw 9zg0XQh0bZ+nlcCvG8ADSqy6R38+Md3lTL5e4XXdTxsYdvd5UIwt+78E9s/cucDs r0974QB5cVtzb2QRQBoonPQgjLhKSMHE+2Z9UpC74Wio9DAvXLBn4rx81Fok4+Rn 0VEQeGX2xHNvPLjgsUtI+TY6haLD -----END CERTIFICATE-----Generated at Sun May 3 00:39:49 2026 by rpki-client