$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153936.roa File: AS153936.roa (raw, json) Hash identifier: GVnv8Cj72hCAmgkpgbVU1M5HJgajVpKojYuu3Y7HtDs= Subject key identifier: E3:38:C0:3A:4A:6A:8E:F8:06:EE:B7:08:4A:4C:FD:3B:80:73:29:4F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 40FFEFE95A3E9627BB30901B2324D446E7BE174E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153936.roa Signing time: Sat 02 May 2026 09:26:37 +0000 ROA not before: Sat 02 May 2026 09:21:37 +0000 ROA not after: Sat 01 May 2027 09:26:37 +0000 asID: 153936 IP address blocks: 2001:df5:a1c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:ff:ef:e9:5a:3e:96:27:bb:30:90:1b:23:24:d4:46:e7:be:17:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:37 2026 GMT Not After : May 1 09:26:37 2027 GMT Subject: CN=E338C03A4A6A8EF806EEB7084A4CFD3B8073294F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:da:99:e3:a5:52:c2:ac:6f:3f:58:1e:ab:eb: 98:77:f0:3b:3d:b5:b2:b8:9c:d7:fe:c0:53:55:97: a7:11:8f:f8:fc:19:dc:f4:6f:0c:3f:8f:fe:08:69: 7b:d0:e4:a0:23:ea:7b:be:7c:52:8e:f3:51:ff:a9: 12:ec:4b:14:fd:79:fa:55:76:b6:26:f3:b0:91:a8: d8:ff:3a:c2:9c:60:1c:84:90:e5:be:bc:05:d5:a1: 10:63:0f:6e:0c:73:f3:fe:d2:63:8d:8e:fc:93:4f: 76:59:85:12:54:cc:40:ad:fd:3b:46:37:0e:68:07: 55:9f:42:d7:52:a2:5f:fa:a6:3e:57:c2:67:3d:ee: af:26:86:05:c4:50:95:34:32:31:f9:61:3f:cd:54: f4:70:43:71:3a:28:23:b4:eb:fa:8a:75:9e:c4:ea: 79:fc:03:99:2a:41:90:4a:8d:69:2c:6a:36:61:5a: b1:37:6e:38:07:63:74:62:4f:a6:6b:3a:28:ad:75: af:84:f6:c4:13:53:28:09:63:9c:71:5e:60:1f:fa: 85:6a:36:9b:23:ce:50:23:80:99:76:55:c3:78:c7: 06:43:ff:7f:92:8e:1d:20:6a:ea:ca:b2:fd:81:af: 73:b2:df:49:5e:25:ec:91:ca:b8:e7:df:0b:8b:b4: 7e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:38:C0:3A:4A:6A:8E:F8:06:EE:B7:08:4A:4C:FD:3B:80:73:29:4F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153936.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:a1c0::/48 Signature Algorithm: sha256WithRSAEncryption 0b:bb:9d:c7:fa:7e:9f:e3:25:51:ff:93:25:89:11:f9:95:a3: a9:f0:8c:59:6d:81:66:2b:25:75:39:fc:1f:0d:24:d8:ee:bb: f9:f7:ec:a4:db:c7:00:e6:7f:1c:40:39:5a:dc:39:45:9a:eb: b7:58:bf:aa:7b:8e:72:f6:0e:3e:df:6d:d8:aa:f1:f3:2a:2c: 4f:9f:99:33:2a:40:71:33:2d:bc:14:a1:71:74:76:03:9f:e6: a7:70:52:01:ea:7f:33:de:68:52:c2:fe:25:6f:4b:2c:0d:58: c5:3a:1a:97:55:3a:d5:54:2a:39:69:3b:06:f6:ec:0e:d7:21: 5f:b3:d4:18:b3:b5:cc:fa:8d:05:d9:08:fd:83:0c:28:57:ca: 36:2c:4b:ef:e0:db:e0:7c:e5:36:dd:7a:47:4f:88:ae:2e:f1: 79:cd:45:e1:39:03:8f:0f:d6:8c:b5:fd:aa:71:35:2b:42:bf: 57:e1:07:e0:01:4d:aa:e3:8b:1d:03:3f:fb:8e:58:99:ae:86: d9:1e:5c:27:95:db:de:bc:9d:25:97:52:f8:9a:09:27:06:fd: f3:1c:4b:5d:d5:7c:69:5e:21:3c:4d:67:29:94:3e:7b:be:79: 3f:c3:8c:d8:82:72:f1:ae:64:90:8d:c1:aa:ef:ea:be:5f:35: 8d:d1:08:d8 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUQP/v6Vo+lie7MJAbIyTURue+F04wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEzN1oX DTI3MDUwMTA5MjYzN1owMzExMC8GA1UEAxMoRTMzOEMwM0E0QTZBOEVGODA2RUVC NzA4NEE0Q0ZEM0I4MDczMjk0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIfameOlUsKsbz9YHqvrmHfwOz21sric1/7AU1WXpxGP+PwZ3PRvDD+P/ghp e9DkoCPqe758Uo7zUf+pEuxLFP15+lV2tibzsJGo2P86wpxgHISQ5b68BdWhEGMP bgxz8/7SY42O/JNPdlmFElTMQK39O0Y3DmgHVZ9C11KiX/qmPlfCZz3uryaGBcRQ lTQyMflhP81U9HBDcTooI7Tr+op1nsTqefwDmSpBkEqNaSxqNmFasTduOAdjdGJP pms6KK11r4T2xBNTKAljnHFeYB/6hWo2myPOUCOAmXZVw3jHBkP/f5KOHSBq6sqy /YGvc7LfSV4l7JHKuOffC4u0fg8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTjOMA6 SmqO+AbutwhKTP07gHMpTzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTM2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9aHAMA0GCSqGSIb3DQEBCwUAA4IBAQALu53H+n6f4yVR/5MliRH5 laOp8IxZbYFmKyV1OfwfDSTY7rv59+yk28cA5n8cQDla3DlFmuu3WL+qe45y9g4+ 323YqvHzKixPn5kzKkBxMy28FKFxdHYDn+ancFIB6n8z3mhSwv4lb0ssDVjFOhqX VTrVVCo5aTsG9uwO1yFfs9QYs7XM+o0F2Qj9gwwoV8o2LEvv4NvgfOU23XpHT4iu LvF5zUXhOQOPD9aMtf2qcTUrQr9X4QfgAU2q44sdAz/7jliZrobZHlwnldvevJ0l l1L4mgknBv3zHEtd1XxpXiE8TWcplD57vnk/w4zYgnLxrmSQjcGq7+q+XzWN0QjY -----END CERTIFICATE-----Generated at Sun May 3 00:39:52 2026 by rpki-client