$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153727.roa File: AS153727.roa (raw, json) Hash identifier: 43akkuEiNFpvJxlToU93hKdvxhTgFE8/axP/Cdlh0ao= Subject key identifier: 3A:55:67:B9:CD:E0:96:87:C6:5E:5B:54:1D:4B:01:E1:12:59:70:39 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3BB2A91129A8CBFC8EF3CD57B316F9310E656911 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153727.roa Signing time: Sat 02 May 2026 09:26:18 +0000 ROA not before: Sat 02 May 2026 09:21:18 +0000 ROA not after: Sat 01 May 2027 09:26:18 +0000 asID: 153727 IP address blocks: 163.223.137.0/24 maxlen: 24 2001:df5:42c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:b2:a9:11:29:a8:cb:fc:8e:f3:cd:57:b3:16:f9:31:0e:65:69:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:18 2026 GMT Not After : May 1 09:26:18 2027 GMT Subject: CN=3A5567B9CDE09687C65E5B541D4B01E112597039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ad:bc:c7:f4:b7:27:dc:dd:41:27:81:e6:09: a3:8f:10:fa:5d:92:54:61:2b:0a:7e:a4:7e:eb:da: 52:36:31:12:52:84:e4:b2:38:5a:06:8e:42:7e:f2: 0f:b1:39:8a:e7:c1:11:76:dc:17:02:c3:30:4a:55: 64:68:68:63:89:ba:50:cd:5f:f5:d5:4d:73:52:2e: ae:69:6f:d4:9b:00:36:0a:b5:91:e9:6b:53:37:8f: fe:bf:f7:2e:32:a7:0b:d5:0e:af:74:3e:a8:9e:44: 5a:27:40:d5:b4:0d:34:ed:cd:33:48:c4:7a:86:5b: 7d:ec:5c:9d:08:aa:c1:d8:e6:3d:66:bd:7e:74:e5: c1:11:90:57:72:9e:88:36:08:87:67:89:d1:62:99: ee:a1:05:8f:a2:ac:5c:32:a0:73:fa:35:91:0e:63: b9:56:66:1f:e3:88:6d:5b:24:c2:f9:94:10:eb:5a: 77:8e:fe:1a:23:04:7a:5f:c4:a9:f9:d5:d3:e1:39: 45:2b:82:73:71:e1:8f:15:53:9a:40:3c:16:78:12: 85:35:3c:67:d0:3a:b8:31:5c:ea:67:37:7f:13:3e: 79:19:b1:f8:b2:59:35:55:0c:25:29:81:24:da:6b: 2e:fa:b5:58:00:92:f4:68:3f:26:6d:7f:6e:3b:e0: 85:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:55:67:B9:CD:E0:96:87:C6:5E:5B:54:1D:4B:01:E1:12:59:70:39 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153727.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.137.0/24 IPv6: 2001:df5:42c0::/48 Signature Algorithm: sha256WithRSAEncryption 82:80:2d:38:e0:65:08:26:6c:a6:af:64:eb:80:9a:c9:19:08: 64:2c:eb:cb:49:f6:c8:6a:27:54:6e:17:52:fb:ce:40:dc:72: 7c:9c:c8:5d:97:31:cd:47:4b:9b:55:87:43:8e:83:47:7f:b6: 53:77:88:d1:39:c0:b3:e9:9a:dc:93:98:b2:b0:fb:23:91:84: 51:e1:68:80:16:67:94:26:73:33:df:b6:9b:60:af:55:14:d2: 8a:66:14:2a:53:d3:8d:a8:e7:c7:e0:8c:f6:6a:06:f6:77:36: e8:73:81:c6:57:7b:65:93:24:f4:3f:8c:8a:06:28:e4:d2:93: e0:b2:e6:d8:f7:91:31:c5:29:49:8b:c6:f8:6d:f0:b1:29:53: 83:93:df:1c:4f:30:da:1c:d1:67:1a:8d:65:fe:58:d5:8a:c9: d8:d8:67:37:f6:32:b1:2c:ff:16:53:2e:90:61:e3:65:70:ec: 10:74:c5:c4:ea:7d:2f:cd:a8:03:1a:72:43:2b:bb:38:67:0c: 80:5d:9e:91:28:5a:5e:9c:f2:db:df:72:35:8b:39:80:28:a9: d2:da:01:8b:34:75:fb:5d:2c:39:f4:d9:29:8b:ec:fb:96:65: c6:08:4f:f3:eb:92:b3:99:6a:00:d0:a5:49:6d:77:c7:e4:35: ae:46:0f:62 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUO7KpESmoy/yO881Xsxb5MQ5laREwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjExOFoX DTI3MDUwMTA5MjYxOFowMzExMC8GA1UEAxMoM0E1NTY3QjlDREUwOTY4N0M2NUU1 QjU0MUQ0QjAxRTExMjU5NzAzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM6tvMf0tyfc3UEngeYJo48Q+l2SVGErCn6kfuvaUjYxElKE5LI4WgaOQn7y D7E5iufBEXbcFwLDMEpVZGhoY4m6UM1f9dVNc1Iurmlv1JsANgq1kelrUzeP/r/3 LjKnC9UOr3Q+qJ5EWidA1bQNNO3NM0jEeoZbfexcnQiqwdjmPWa9fnTlwRGQV3Ke iDYIh2eJ0WKZ7qEFj6KsXDKgc/o1kQ5juVZmH+OIbVskwvmUEOtad47+GiMEel/E qfnV0+E5RSuCc3HhjxVTmkA8FngShTU8Z9A6uDFc6mc3fxM+eRmx+LJZNVUMJSmB JNprLvq1WACS9Gg/Jm1/bjvghb8CAwEAAaOCAd0wggHZMB0GA1UdDgQWBBQ6VWe5 zeCWh8ZeW1QdSwHhEllwOTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNzI3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQAo9+JMA8EAgACMAkDBwAgAQ31QsAwDQYJKoZIhvcNAQELBQADggEBAIKA LTjgZQgmbKavZOuAmskZCGQs68tJ9shqJ1RuF1L7zkDccnycyF2XMc1HS5tVh0OO g0d/tlN3iNE5wLPpmtyTmLKw+yORhFHhaIAWZ5QmczPftptgr1UU0opmFCpT042o 58fgjPZqBvZ3NuhzgcZXe2WTJPQ/jIoGKOTSk+Cy5tj3kTHFKUmLxvht8LEpU4OT 3xxPMNoc0WcajWX+WNWKydjYZzf2MrEs/xZTLpBh42Vw7BB0xcTqfS/NqAMackMr uzhnDIBdnpEoWl6c8tvfcjWLOYAoqdLaAYs0dftdLDn02SmL7PuWZcYIT/PrkrOZ agDQpUltd8fkNa5GD2I= -----END CERTIFICATE-----Generated at Sun May 3 00:39:51 2026 by rpki-client