$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153938.roa File: AS153938.roa (raw, json) Hash identifier: L6Z4AdxaGSZmPM5pSK355ogR61XAjdHOThYcm9m9iLg= Subject key identifier: 10:F7:C4:F4:DC:22:90:08:57:06:61:43:A9:E2:B1:4C:C9:DD:05:36 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 14CB52FE34170E35EC57EA153D5E3218BED5290F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153938.roa Signing time: Sat 02 May 2026 09:26:11 +0000 ROA not before: Sat 02 May 2026 09:21:11 +0000 ROA not after: Sat 01 May 2027 09:26:11 +0000 asID: 153938 IP address blocks: 2001:df5:94c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:cb:52:fe:34:17:0e:35:ec:57:ea:15:3d:5e:32:18:be:d5:29:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:11 2026 GMT Not After : May 1 09:26:11 2027 GMT Subject: CN=10F7C4F4DC22900857066143A9E2B14CC9DD0536 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:7b:af:c4:76:e6:eb:3d:f5:69:f9:1b:1e:82: 6a:a7:f9:5b:b9:86:2f:57:12:15:4c:35:1d:d6:1c: 02:e9:bd:d4:8f:48:7a:ad:93:48:c8:46:b7:bb:23: 22:15:57:86:17:7e:a6:8e:b9:ad:23:a6:bd:74:6f: 34:a1:21:eb:3d:e8:5e:52:57:b5:fa:5c:f3:64:63: 5b:62:eb:07:87:fc:65:30:61:f7:73:52:66:a3:c2: f4:95:3f:67:7e:9e:5a:8f:05:f3:a4:60:71:61:bb: 91:80:da:97:4c:c0:ca:05:b7:86:d0:8b:9b:5d:09: 2d:55:d5:c0:24:e0:01:1a:30:d7:2b:e7:17:8c:60: e0:69:01:dd:d2:17:d0:48:b9:d1:a9:a2:b2:e4:1b: 82:26:a5:02:e1:f6:ed:bd:b1:27:f6:18:09:1a:ce: 77:ba:b2:14:b5:60:dc:ee:50:9a:cb:99:5f:a5:c2: 68:06:68:2c:7a:83:e6:ab:d6:2d:81:c9:aa:8c:ef: 6a:8c:73:fc:e4:16:a5:c8:ed:7c:4a:ba:5b:95:7d: ac:b6:3d:49:fe:3a:e4:e7:11:ff:a9:a4:c3:0b:34: 57:50:bc:d3:c2:9b:29:37:c0:85:bb:0e:e6:8f:d6: bc:9c:d7:77:73:a8:49:62:59:90:37:58:e3:89:33: 9e:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:F7:C4:F4:DC:22:90:08:57:06:61:43:A9:E2:B1:4C:C9:DD:05:36 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:94c0::/48 Signature Algorithm: sha256WithRSAEncryption 43:7c:aa:68:6c:17:2e:95:4f:21:ec:0f:1e:11:ab:c7:5e:0e: 6d:4f:94:05:0c:3d:3f:24:1e:d3:0b:cf:f1:e6:0b:3f:e0:21: 2e:0f:db:01:d4:2a:71:ba:d8:9b:42:65:c3:68:26:df:83:2a: b0:a4:c0:ad:d6:a9:da:e3:b7:3b:db:c0:1a:14:41:cc:b8:4a: a2:a6:6a:f0:50:ae:70:1a:30:80:6f:ec:85:4d:72:e7:d6:26: 7d:30:7e:88:81:c2:f0:62:e8:0a:89:ec:ae:4b:03:d0:58:7f: 27:ff:6c:c0:44:ad:f6:da:7b:0e:8b:6c:31:3e:34:9f:1a:df: ae:59:4c:f4:d1:fc:83:e8:88:ac:a1:87:83:4e:18:71:65:4a: 2f:be:20:75:ad:d4:e3:04:fa:f1:88:21:9d:77:4d:3a:37:49: 7d:d5:90:b8:bf:66:8b:e6:e6:88:34:27:0a:3d:4d:13:b0:40: 96:fc:7c:ba:cd:c8:7d:57:8a:38:10:45:98:c8:df:55:1d:08: 96:21:55:e1:c8:99:ef:09:7b:b5:87:6c:12:66:f3:7d:ee:e4: ea:a2:8f:ee:51:e0:08:f5:3a:45:7d:27:fd:4a:e3:30:7b:aa: 88:97:ab:a1:ef:c4:4d:8c:70:f6:2f:5d:69:74:08:6e:59:84: ff:2b:51:67 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUFMtS/jQXDjXsV+oVPV4yGL7VKQ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjExMVoX DTI3MDUwMTA5MjYxMVowMzExMC8GA1UEAxMoMTBGN0M0RjREQzIyOTAwODU3MDY2 MTQzQTlFMkIxNENDOUREMDUzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALl7r8R25us99Wn5Gx6Caqf5W7mGL1cSFUw1HdYcAum91I9Ieq2TSMhGt7sj IhVXhhd+po65rSOmvXRvNKEh6z3oXlJXtfpc82RjW2LrB4f8ZTBh93NSZqPC9JU/ Z36eWo8F86RgcWG7kYDal0zAygW3htCLm10JLVXVwCTgARow1yvnF4xg4GkB3dIX 0Ei50amisuQbgialAuH27b2xJ/YYCRrOd7qyFLVg3O5QmsuZX6XCaAZoLHqD5qvW LYHJqozvaoxz/OQWpcjtfEq6W5V9rLY9Sf465OcR/6mkwws0V1C808KbKTfAhbsO 5o/WvJzXd3OoSWJZkDdY44kznn0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQQ98T0 3CKQCFcGYUOp4rFMyd0FNjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTM4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9ZTAMA0GCSqGSIb3DQEBCwUAA4IBAQBDfKpobBculU8h7A8eEavH Xg5tT5QFDD0/JB7TC8/x5gs/4CEuD9sB1CpxutibQmXDaCbfgyqwpMCt1qna47c7 28AaFEHMuEqipmrwUK5wGjCAb+yFTXLn1iZ9MH6IgcLwYugKieyuSwPQWH8n/2zA RK322nsOi2wxPjSfGt+uWUz00fyD6IisoYeDThhxZUovviB1rdTjBPrxiCGdd006 N0l91ZC4v2aL5uaINCcKPU0TsECW/Hy6zch9V4o4EEWYyN9VHQiWIVXhyJnvCXu1 h2wSZvN97uTqoo/uUeAI9TpFfSf9SuMwe6qIl6uh78RNjHD2L11pdAhuWYT/K1Fn -----END CERTIFICATE-----Generated at Sun May 3 00:41:52 2026 by rpki-client