$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153768.roa File: AS153768.roa (raw, json) Hash identifier: AZPftKFM0y3c6v0fT610+D+7EIEG0+yYxG0fptZ33yQ= Subject key identifier: 18:FB:A2:2F:8B:F5:91:2B:EB:30:A1:1C:0A:42:4B:BB:33:A2:81:68 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3D2EE2C518EEC7A9D87FA56EDD91B3BAF8FA9D2E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153768.roa Signing time: Sat 02 May 2026 09:24:45 +0000 ROA not before: Sat 02 May 2026 09:19:45 +0000 ROA not after: Sat 01 May 2027 09:24:45 +0000 asID: 153768 IP address blocks: 163.223.116.0/23 maxlen: 24 2001:df5:3e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:2e:e2:c5:18:ee:c7:a9:d8:7f:a5:6e:dd:91:b3:ba:f8:fa:9d:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:19:45 2026 GMT Not After : May 1 09:24:45 2027 GMT Subject: CN=18FBA22F8BF5912BEB30A11C0A424BBB33A28168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:30:73:c4:90:b5:f5:4e:3c:c7:17:5c:0a:62: ab:11:11:84:c9:c3:09:65:09:fe:27:9e:d8:39:62: 48:3f:97:98:95:cd:68:dc:01:b9:d9:f8:1e:af:cf: 5c:b7:5b:06:4b:5a:c6:a5:a6:81:ac:f6:a0:11:ec: 5f:b1:b5:9d:24:7f:71:a2:f2:58:f6:6e:51:61:18: ba:54:97:76:f3:d2:28:5e:69:aa:d6:70:75:71:03: ce:1a:b9:6d:7d:d4:f4:e9:b7:45:b3:51:c5:99:67: f3:ec:79:62:3e:3e:9c:67:93:e4:fa:9c:ae:f3:66: cb:0c:05:6d:93:09:80:d3:a8:7d:ed:e5:9e:50:d4: 39:21:b9:36:5a:9c:e9:5e:72:e6:c1:c5:07:55:7c: 9c:da:a9:ec:3c:a6:31:5c:1f:98:7f:64:34:7e:db: d9:b1:ce:26:a1:76:2e:5e:24:b9:8c:7d:0f:be:d0: 09:27:70:f3:95:ff:77:9c:1b:28:85:05:b8:f6:30: 6f:8d:57:23:5b:ec:e6:b0:ce:d9:81:ff:d4:bb:ed: 24:12:20:61:f0:36:a9:3c:6f:39:48:0f:a2:41:e2: 87:c5:9f:c1:85:64:60:58:f7:3e:ac:0c:6c:ee:d8: 06:67:ae:e8:e2:bc:6d:3e:56:49:dc:14:4a:5a:db: 63:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:FB:A2:2F:8B:F5:91:2B:EB:30:A1:1C:0A:42:4B:BB:33:A2:81:68 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153768.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.116.0/23 IPv6: 2001:df5:3e40::/48 Signature Algorithm: sha256WithRSAEncryption 97:6e:cd:99:66:c2:03:57:90:a8:5f:24:54:8a:19:53:62:d6: 19:02:4b:17:6c:b2:45:71:fa:75:5f:5d:25:aa:2b:66:b6:da: 53:dc:b2:ed:9c:12:f8:78:73:31:21:1f:8d:c8:cf:e4:0d:24: a9:4c:bb:7f:9a:a7:ec:25:7e:2a:3e:c5:d4:4f:78:f5:23:f9: e3:7d:2e:27:f3:dd:8e:54:71:66:9c:8a:a1:09:b5:b6:93:e4: fe:63:3b:68:d2:00:f1:a0:c9:7a:a7:62:1f:0c:f2:42:9a:1e: 1b:b4:59:dc:aa:97:d6:0d:bb:48:6b:38:09:ee:cf:23:cd:b8: 83:b3:94:ea:e0:a9:58:4c:4f:2b:ce:55:dd:42:b9:51:7d:3a: 4b:0a:d4:c9:13:6b:c0:a5:79:f1:c1:a2:ec:56:80:0c:84:85: 1b:8d:03:db:14:ac:61:20:fa:ec:8c:9c:03:df:fc:e2:55:e3: 05:d8:78:21:aa:40:de:6c:f5:5c:bd:5c:50:12:a6:31:68:e2: 7c:7e:ff:bd:17:96:e2:50:42:78:b0:26:15:64:a8:e9:52:41: 32:11:60:e6:9e:cc:b5:55:2b:ee:87:05:1a:f2:fc:49:2e:37: 1b:73:fb:42:4d:72:aa:17:a1:f2:9c:a2:55:31:3c:97:8c:e4: 7c:ec:9a:54 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUPS7ixRjux6nYf6Vu3ZGzuvj6nS4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTk0NVoX DTI3MDUwMTA5MjQ0NVowMzExMC8GA1UEAxMoMThGQkEyMkY4QkY1OTEyQkVCMzBB MTFDMEE0MjRCQkIzM0EyODE2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKIwc8SQtfVOPMcXXApiqxERhMnDCWUJ/iee2DliSD+XmJXNaNwBudn4Hq/P XLdbBktaxqWmgaz2oBHsX7G1nSR/caLyWPZuUWEYulSXdvPSKF5pqtZwdXEDzhq5 bX3U9Om3RbNRxZln8+x5Yj4+nGeT5PqcrvNmywwFbZMJgNOofe3lnlDUOSG5Nlqc 6V5y5sHFB1V8nNqp7DymMVwfmH9kNH7b2bHOJqF2Ll4kuYx9D77QCSdw85X/d5wb KIUFuPYwb41XI1vs5rDO2YH/1LvtJBIgYfA2qTxvOUgPokHih8WfwYVkYFj3PqwM bO7YBmeu6OK8bT5WSdwUSlrbY6UCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBQY+6Iv i/WRK+swoRwKQku7M6KBaDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzNzY4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBo990MA8EAgACMAkDBwAgAQ31PkAwDQYJKoZIhvcNAQELBQADggEBAJdu zZlmwgNXkKhfJFSKGVNi1hkCSxdsskVx+nVfXSWqK2a22lPcsu2cEvh4czEhH43I z+QNJKlMu3+ap+wlfio+xdRPePUj+eN9Lifz3Y5UcWaciqEJtbaT5P5jO2jSAPGg yXqnYh8M8kKaHhu0Wdyql9YNu0hrOAnuzyPNuIOzlOrgqVhMTyvOVd1CuVF9OksK 1MkTa8ClefHBouxWgAyEhRuNA9sUrGEg+uyMnAPf/OJV4wXYeCGqQN5s9Vy9XFAS pjFo4nx+/70XluJQQniwJhVkqOlSQTIRYOaezLVVK+6HBRry/EkuNxtz+0JNcqoX ofKcolUxPJeM5HzsmlQ= -----END CERTIFICATE-----Generated at Sun May 3 01:40:57 2026 by rpki-client