$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153903.roa File: AS153903.roa (raw, json) Hash identifier: /hwJOz2pAhBBmhqO9Z30+ykyLeUDEy1vt1lmshdQH3M= Subject key identifier: 38:62:BD:13:3B:12:DE:E7:B5:59:B5:F6:86:64:4B:12:FA:AB:39:A7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 11E6741F4AB35B59863CA6BC670E9CBEA284B991 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153903.roa Signing time: Sat 02 May 2026 09:26:22 +0000 ROA not before: Sat 02 May 2026 09:21:22 +0000 ROA not after: Sat 01 May 2027 09:26:22 +0000 asID: 153903 IP address blocks: 2001:df5:8740::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:e6:74:1f:4a:b3:5b:59:86:3c:a6:bc:67:0e:9c:be:a2:84:b9:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:22 2026 GMT Not After : May 1 09:26:22 2027 GMT Subject: CN=3862BD133B12DEE7B559B5F686644B12FAAB39A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:cf:59:79:bc:44:33:54:9a:a6:0f:d1:3a:ae: 53:5d:c2:3d:6d:1e:86:1a:e9:19:fd:41:bc:63:e3: be:e2:08:cd:d8:75:70:30:e4:87:0b:54:ef:be:db: 97:1a:e3:cc:1c:83:68:c0:a4:ba:5d:f0:d7:ed:52: cd:9c:83:51:d6:22:cd:96:89:b7:5b:53:d3:26:ca: 33:00:66:ce:80:82:57:2c:ea:76:52:b4:a2:61:68: 24:09:82:aa:fe:09:a0:b0:ea:63:10:52:8e:95:9e: 83:38:31:2b:b2:5d:c7:bb:11:e6:af:42:21:97:03: 7f:15:71:f9:3f:db:8f:34:f1:21:96:d9:a0:e2:70: 4b:b2:03:26:27:c3:1e:25:4e:46:aa:42:25:7e:48: 3e:a6:c6:d8:6e:be:de:86:d7:b4:ac:2a:8d:f4:6e: ee:07:c5:74:a5:33:b5:fa:47:5e:06:11:24:b1:50: 90:43:88:ab:4f:58:58:a4:32:cd:9b:83:53:a2:42: 84:e7:28:40:e5:9b:9b:33:e6:f6:6d:59:48:63:08: 73:30:0c:4a:cf:97:3b:0a:25:49:c9:46:f2:ec:30: 78:fe:37:e5:01:6a:2c:70:4b:a0:e2:f6:58:40:df: 27:18:fa:93:f2:1d:8f:4d:05:34:b4:e2:39:e2:f6: b9:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:62:BD:13:3B:12:DE:E7:B5:59:B5:F6:86:64:4B:12:FA:AB:39:A7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153903.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:8740::/48 Signature Algorithm: sha256WithRSAEncryption a0:52:c7:56:82:06:79:62:71:53:24:fc:94:d7:bc:e4:39:fa: 3f:7d:7f:92:8b:a8:14:a6:65:75:78:78:fb:14:47:a6:ba:9a: 60:e4:47:36:78:d9:2c:d4:a4:68:44:77:e6:d6:d6:5c:73:b8: 16:85:13:42:22:92:ff:65:66:cd:25:e3:e1:4f:62:4c:b5:c1: 18:e3:22:7c:93:73:87:1d:aa:e8:5c:b3:76:c1:b4:0c:38:7b: d6:7c:fb:a3:cb:5d:ac:21:0d:46:c9:cb:5b:aa:f6:e4:29:0e: 97:eb:af:52:0a:ac:9b:f0:45:7f:9b:d6:ac:04:58:9e:1f:88: 95:dd:22:1c:a8:a1:15:98:2a:68:c9:3b:99:36:ae:2b:1a:df: 17:9e:b1:2b:df:b6:cf:d3:ca:a2:19:01:92:bf:64:b9:14:3e: d4:09:7e:a4:1a:49:c6:07:c6:be:cf:e2:97:df:9b:1b:a8:28: 6f:49:60:b7:b2:11:25:ca:99:43:93:03:47:56:32:17:92:f8: dc:fd:45:34:bb:9f:21:87:05:a6:b8:bc:93:49:7a:8e:90:67: 69:cb:4e:e6:59:2f:c7:8f:e1:4c:74:65:12:dd:09:da:7e:28: 0c:5d:eb:4e:c1:b6:4b:4e:2b:fc:ee:c8:36:e8:03:85:89:f3: e2:40:e6:03 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUEeZ0H0qzW1mGPKa8Zw6cvqKEuZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEyMloX DTI3MDUwMTA5MjYyMlowMzExMC8GA1UEAxMoMzg2MkJEMTMzQjEyREVFN0I1NTlC NUY2ODY2NDRCMTJGQUFCMzlBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJrPWXm8RDNUmqYP0TquU13CPW0ehhrpGf1BvGPjvuIIzdh1cDDkhwtU777b lxrjzByDaMCkul3w1+1SzZyDUdYizZaJt1tT0ybKMwBmzoCCVyzqdlK0omFoJAmC qv4JoLDqYxBSjpWegzgxK7Jdx7sR5q9CIZcDfxVx+T/bjzTxIZbZoOJwS7IDJifD HiVORqpCJX5IPqbG2G6+3obXtKwqjfRu7gfFdKUztfpHXgYRJLFQkEOIq09YWKQy zZuDU6JChOcoQOWbmzPm9m1ZSGMIczAMSs+XOwolSclG8uwweP435QFqLHBLoOL2 WEDfJxj6k/Idj00FNLTiOeL2uWkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQ4Yr0T OxLe57VZtfaGZEsS+qs5pzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTAzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9YdAMA0GCSqGSIb3DQEBCwUAA4IBAQCgUsdWggZ5YnFTJPyU17zk Ofo/fX+Si6gUpmV1eHj7FEemuppg5Ec2eNks1KRoRHfm1tZcc7gWhRNCIpL/ZWbN JePhT2JMtcEY4yJ8k3OHHaroXLN2wbQMOHvWfPujy12sIQ1GyctbqvbkKQ6X669S Cqyb8EV/m9asBFieH4iV3SIcqKEVmCpoyTuZNq4rGt8XnrEr37bP08qiGQGSv2S5 FD7UCX6kGknGB8a+z+KX35sbqChvSWC3shElyplDkwNHVjIXkvjc/UU0u58hhwWm uLyTSXqOkGdpy07mWS/Hj+FMdGUS3QnafigMXetOwbZLTiv87sg26AOFifPiQOYD -----END CERTIFICATE-----Generated at Sun May 3 00:39:52 2026 by rpki-client