$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153925.roa File: AS153925.roa (raw, json) Hash identifier: mg7v7Q7R7a7RGokLI9CYCiCtLSYsEcFj2PQmbSw9+rU= Subject key identifier: 7D:8B:D7:16:AE:A5:AE:C7:3D:C3:5C:33:FB:F7:84:8A:D5:2A:FB:04 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 600A5BBE673BB013081A60DFCB1E9F7D233FE3D6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153925.roa Signing time: Sat 02 May 2026 09:26:42 +0000 ROA not before: Sat 02 May 2026 09:21:42 +0000 ROA not after: Sat 01 May 2027 09:26:42 +0000 asID: 153925 IP address blocks: 2001:df5:92c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:0a:5b:be:67:3b:b0:13:08:1a:60:df:cb:1e:9f:7d:23:3f:e3:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:42 2026 GMT Not After : May 1 09:26:42 2027 GMT Subject: CN=7D8BD716AEA5AEC73DC35C33FBF7848AD52AFB04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ed:d0:d6:a1:97:8c:23:60:e8:54:1e:df:d3: f0:dc:89:13:96:32:20:58:b5:00:e0:c5:2f:d2:62: 94:cf:df:20:8b:e6:6e:05:c6:2a:6b:67:47:80:4e: 2d:c2:45:b8:80:a8:ea:97:25:f1:ef:57:36:f2:ea: 71:df:ec:65:43:f8:f2:6e:e1:05:1a:09:8d:8c:32: f6:89:9d:72:5d:c9:dc:b9:8e:ca:68:df:46:c8:64: 94:a6:14:d1:5e:01:56:09:31:d1:03:62:72:ab:a1: 61:6f:d0:f6:84:88:c5:4e:df:1e:57:6c:01:ad:aa: af:af:96:c9:bf:0e:82:f5:1d:0c:3d:49:86:10:7c: f4:e9:78:5a:fc:e6:93:81:22:2a:c7:ef:4a:b4:95: bb:93:9f:27:1c:57:cc:61:a8:27:57:37:4e:d7:b0: 50:00:f9:c3:a7:ea:be:78:13:82:30:15:72:f0:68: 6f:9d:d7:eb:09:9d:6f:0a:73:e4:e3:e3:05:8a:3d: 3f:aa:d9:84:a4:83:c2:0b:c3:4c:1a:f5:59:71:5f: db:95:ae:ac:be:e6:cf:11:b4:0d:0e:55:23:e1:a8: 82:2a:83:d0:1c:d0:9f:28:a0:49:cf:48:26:02:71: 03:3a:30:2b:ea:73:50:c3:7f:d8:8e:48:b0:69:4d: d0:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:8B:D7:16:AE:A5:AE:C7:3D:C3:5C:33:FB:F7:84:8A:D5:2A:FB:04 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153925.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:92c0::/48 Signature Algorithm: sha256WithRSAEncryption 6c:95:b1:07:0a:ef:95:af:19:7a:b6:d5:f3:b1:c7:66:83:96: 5c:38:1a:70:1a:2f:96:dd:a2:d4:f4:59:ac:fb:2b:bc:10:a4: 8e:53:39:0e:5b:9a:75:cb:2c:e0:0b:36:e2:cd:cf:8f:66:57: 51:09:98:3b:73:03:27:20:c7:97:04:d2:e4:f5:16:d8:60:f6: ff:ed:fb:27:9d:ef:10:82:0b:5b:d6:ac:ae:72:62:ff:f2:c3: 15:04:ef:ed:e1:4c:c9:05:46:88:b2:81:21:98:5a:f3:93:bc: 00:ee:62:85:f0:7b:18:f7:70:4d:64:2f:9a:32:a4:8c:48:3f: ef:75:80:03:94:27:b6:3a:e0:72:28:85:8d:e7:c5:e8:7d:71: 76:52:04:8c:7c:ad:af:e6:05:4a:35:c6:06:04:78:95:10:71: 02:cb:7d:0b:ed:f8:e5:84:7a:0a:f8:7b:5d:56:99:5d:98:bb: 37:42:04:48:ef:bb:67:f8:28:c8:a0:b8:09:38:dd:f1:c0:3e: 03:09:cf:cf:a7:de:3a:38:74:51:67:ea:e7:ac:45:02:7a:50: b6:d9:2c:df:6f:10:ee:36:67:0d:18:75:51:49:4c:db:56:e3: 58:b1:8b:82:27:0a:77:ae:d8:30:4e:b2:18:8f:7b:bc:f5:f2: 95:45:14:03 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUYApbvmc7sBMIGmDfyx6ffSM/49YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjE0MloX DTI3MDUwMTA5MjY0MlowMzExMC8GA1UEAxMoN0Q4QkQ3MTZBRUE1QUVDNzNEQzM1 QzMzRkJGNzg0OEFENTJBRkIwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANjt0Nahl4wjYOhUHt/T8NyJE5YyIFi1AODFL9JilM/fIIvmbgXGKmtnR4BO LcJFuICo6pcl8e9XNvLqcd/sZUP48m7hBRoJjYwy9omdcl3J3LmOymjfRshklKYU 0V4BVgkx0QNicquhYW/Q9oSIxU7fHldsAa2qr6+Wyb8OgvUdDD1JhhB89Ol4Wvzm k4EiKsfvSrSVu5OfJxxXzGGoJ1c3TtewUAD5w6fqvngTgjAVcvBob53X6wmdbwpz 5OPjBYo9P6rZhKSDwgvDTBr1WXFf25WurL7mzxG0DQ5VI+GogiqD0BzQnyigSc9I JgJxAzowK+pzUMN/2I5IsGlN0PsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBR9i9cW rqWuxz3DXDP794SK1Sr7BDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9ZLAMA0GCSqGSIb3DQEBCwUAA4IBAQBslbEHCu+Vrxl6ttXzscdm g5ZcOBpwGi+W3aLU9Fms+yu8EKSOUzkOW5p1yyzgCzbizc+PZldRCZg7cwMnIMeX BNLk9RbYYPb/7fsnne8Qggtb1qyucmL/8sMVBO/t4UzJBUaIsoEhmFrzk7wA7mKF 8HsY93BNZC+aMqSMSD/vdYADlCe2OuByKIWN58XofXF2UgSMfK2v5gVKNcYGBHiV EHECy30L7fjlhHoK+HtdVpldmLs3QgRI77tn+CjIoLgJON3xwD4DCc/Pp946OHRR Z+rnrEUCelC22SzfbxDuNmcNGHVRSUzbVuNYsYuCJwp3rtgwTrIYj3u89fKVRRQD -----END CERTIFICATE-----Generated at Sun May 3 00:41:51 2026 by rpki-client