$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153910.roa File: AS153910.roa (raw, json) Hash identifier: kmua7knCgFbzqWwj/oaLvWy1PXBFranCUw21COJUCLg= Subject key identifier: 23:79:09:98:13:7D:7F:AA:12:30:F0:50:F9:87:AC:77:9B:59:AD:51 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3AC0E89FECE5C3DF8FD02A1DF1C7325841EBEFA3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153910.roa Signing time: Sat 02 May 2026 08:34:48 +0000 ROA not before: Sat 02 May 2026 08:29:48 +0000 ROA not after: Sat 01 May 2027 08:34:48 +0000 asID: 153910 IP address blocks: 2001:df5:93c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:c0:e8:9f:ec:e5:c3:df:8f:d0:2a:1d:f1:c7:32:58:41:eb:ef:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:29:48 2026 GMT Not After : May 1 08:34:48 2027 GMT Subject: CN=23790998137D7FAA1230F050F987AC779B59AD51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:83:b7:24:33:05:98:29:61:cb:96:b8:b2:87: 2b:db:09:47:83:14:c9:28:98:32:e1:61:70:3d:30: 91:d3:12:14:29:53:f7:d9:80:aa:52:75:95:23:20: 58:f0:d9:c0:61:ce:8f:9c:c4:84:4b:f2:f0:6b:cf: cc:9f:d6:2e:2e:1c:1e:43:83:c5:c2:bb:61:08:6a: ea:0f:96:0e:01:fa:65:41:3f:e5:a1:7e:c5:b5:c4: 39:45:c2:25:95:9f:cf:c7:35:23:6d:38:5c:a4:f5: 01:f9:d3:15:ec:90:bb:67:37:b6:ba:a0:ff:7d:a5: 4b:20:ae:62:78:5e:eb:b7:ec:80:c7:c1:1a:e2:78: 07:3c:78:d4:fd:2e:e0:b9:26:57:c7:c3:cf:fd:3e: 29:77:c2:da:c5:3c:8e:ea:5d:bf:53:46:58:3e:5b: 41:14:f3:f9:f6:e2:02:99:dc:c8:d0:ba:70:c0:c5: c3:21:91:39:dd:14:31:bc:c8:25:ab:bf:f4:71:f3: aa:c8:da:1a:a3:8b:4d:01:b2:2f:70:fd:66:99:25: de:06:bf:ab:c1:3b:c6:11:03:8e:e0:00:f3:0b:33: 69:e2:63:4b:f8:8f:da:71:a2:75:ab:a5:0d:1e:b3: 87:cf:af:06:45:63:5a:42:4c:9d:ba:0b:82:49:23: a6:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:79:09:98:13:7D:7F:AA:12:30:F0:50:F9:87:AC:77:9B:59:AD:51 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153910.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:93c0::/48 Signature Algorithm: sha256WithRSAEncryption 3a:39:d4:39:49:26:bd:f1:e2:b4:e9:96:37:ca:65:12:3b:eb: 81:dd:dd:67:97:65:fa:25:4f:a4:f7:2a:66:94:b5:8d:28:99: 96:31:a4:de:c8:ca:6a:80:66:b6:47:21:5c:0a:56:ef:de:c1: 22:46:f8:cc:28:48:fc:95:99:06:e7:19:e8:90:e7:e0:33:2e: fe:fe:0f:7e:71:a6:87:f4:d4:40:e1:ae:6c:72:d2:34:8e:c2: a2:f4:8e:6c:eb:05:10:ab:cb:f9:a1:61:3b:a5:50:25:72:35: 3e:d8:65:e0:92:ba:d4:cb:53:38:d2:d2:f8:9b:bb:92:d4:1d: 4f:78:ce:88:77:3a:55:fa:4d:30:a0:a4:2a:87:82:2c:c8:95: f6:fd:c7:d2:f2:c3:f0:01:3e:65:c6:97:80:4c:82:31:ce:40: dd:6f:bc:2d:34:d5:78:e9:86:fc:01:98:fb:73:5f:e1:e9:42: ec:2a:d3:d5:53:ef:ac:f2:d6:b4:fb:63:d9:22:ae:fa:38:f3: 1d:e5:98:9a:9d:0c:ca:65:94:7c:ee:ce:94:b5:0d:6f:9e:b1: 31:1d:58:b2:7c:31:d6:d8:54:2b:4b:9a:0c:da:fa:7b:13:70: d7:be:1b:a6:ca:39:50:7c:8f:4d:04:58:0a:eb:d8:d7:cd:24: 7e:c5:1f:67 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUOsDon+zlw9+P0Cod8ccyWEHr76MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4Mjk0OFoX DTI3MDUwMTA4MzQ0OFowMzExMC8GA1UEAxMoMjM3OTA5OTgxMzdEN0ZBQTEyMzBG MDUwRjk4N0FDNzc5QjU5QUQ1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKCDtyQzBZgpYcuWuLKHK9sJR4MUySiYMuFhcD0wkdMSFClT99mAqlJ1lSMg WPDZwGHOj5zEhEvy8GvPzJ/WLi4cHkODxcK7YQhq6g+WDgH6ZUE/5aF+xbXEOUXC JZWfz8c1I204XKT1AfnTFeyQu2c3trqg/32lSyCuYnhe67fsgMfBGuJ4Bzx41P0u 4LkmV8fDz/0+KXfC2sU8jupdv1NGWD5bQRTz+fbiApncyNC6cMDFwyGROd0UMbzI Jau/9HHzqsjaGqOLTQGyL3D9Zpkl3ga/q8E7xhEDjuAA8wszaeJjS/iP2nGidaul DR6zh8+vBkVjWkJMnboLgkkjppsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQjeQmY E31/qhIw8FD5h6x3m1mtUTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTEwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9ZPAMA0GCSqGSIb3DQEBCwUAA4IBAQA6OdQ5SSa98eK06ZY3ymUS O+uB3d1nl2X6JU+k9ypmlLWNKJmWMaTeyMpqgGa2RyFcClbv3sEiRvjMKEj8lZkG 5xnokOfgMy7+/g9+caaH9NRA4a5sctI0jsKi9I5s6wUQq8v5oWE7pVAlcjU+2GXg krrUy1M40tL4m7uS1B1PeM6IdzpV+k0woKQqh4IsyJX2/cfS8sPwAT5lxpeATIIx zkDdb7wtNNV46Yb8AZj7c1/h6ULsKtPVU++s8ta0+2PZIq76OPMd5ZianQzKZZR8 7s6UtQ1vnrExHViyfDHW2FQrS5oM2vp7E3DXvhumyjlQfI9NBFgK69jXzSR+xR9n -----END CERTIFICATE-----Generated at Sun May 3 00:39:47 2026 by rpki-client