$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153946.roa File: AS153946.roa (raw, json) Hash identifier: pKrPTuBBneUnYGLkJRZEsE+L1robJN3JJvjakZBS0nk= Subject key identifier: A1:46:11:3E:C5:53:7F:8E:51:D1:F3:2F:F6:00:FB:86:39:C9:07:87 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3F06F85B2CFE844F588EF396FEB391988B9A76E0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153946.roa Signing time: Sat 02 May 2026 09:26:24 +0000 ROA not before: Sat 02 May 2026 09:21:24 +0000 ROA not after: Sat 01 May 2027 09:26:24 +0000 asID: 153946 IP address blocks: 2001:df5:97c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:06:f8:5b:2c:fe:84:4f:58:8e:f3:96:fe:b3:91:98:8b:9a:76:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:24 2026 GMT Not After : May 1 09:26:24 2027 GMT Subject: CN=A146113EC5537F8E51D1F32FF600FB8639C90787 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:c8:37:53:d8:14:c8:f5:68:57:70:a7:1d:d9: 67:bf:1e:a2:1f:b6:95:98:96:a7:28:a0:07:f6:a5: 87:98:51:71:38:51:cc:28:50:84:59:73:5c:52:a8: cf:31:d4:3a:ee:10:f5:e2:1d:74:53:c5:91:1c:3b: 0e:cf:14:c3:19:23:e1:e3:be:c2:10:83:32:85:0a: e3:1d:cb:76:3d:2a:e0:69:df:57:7b:e2:d9:3f:b7: d6:f6:03:63:a3:5f:eb:42:ec:8d:b6:e0:35:bd:a3: d4:6b:2e:34:68:f6:09:c1:3d:68:aa:aa:11:07:bc: 78:cf:0d:54:4c:ca:fa:c2:9d:de:9b:60:cc:ef:ee: ee:a1:43:3c:c6:c6:88:f4:f5:39:e3:dd:aa:f7:e2: 71:79:e6:1c:17:4e:e0:50:6a:d0:70:c4:51:62:87: 5c:37:55:3b:0f:87:e7:aa:16:dd:91:32:96:3f:a3: 25:0d:66:ad:f1:2b:55:93:a5:e0:34:a7:5a:1b:73: 53:9d:f5:85:5c:f2:79:30:0d:f5:34:49:74:d1:ee: 42:b4:89:8a:8f:f6:cd:4b:1d:1a:02:5b:6f:b9:0a: 52:43:ec:e6:31:bd:01:a9:6b:d5:11:4b:95:ec:bf: bd:7b:73:bb:e9:fc:cc:89:30:53:6a:79:a9:10:90: 4b:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:46:11:3E:C5:53:7F:8E:51:D1:F3:2F:F6:00:FB:86:39:C9:07:87 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153946.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:97c0::/48 Signature Algorithm: sha256WithRSAEncryption 07:dd:42:e4:b6:15:34:3a:c3:ed:07:8b:07:5d:fe:7d:35:67: 6a:ec:26:58:f7:bc:8f:71:69:dc:af:50:41:3b:15:8d:4a:47: bd:78:70:7f:74:23:6d:24:3a:34:89:e7:bd:7b:70:4d:e5:58: 6b:9e:2f:a3:1c:16:56:b2:8d:bd:d8:d4:25:8c:9e:9e:df:0f: f1:60:1d:57:af:db:7d:d4:f5:51:e8:2d:b7:92:40:ab:3f:11: 89:1b:09:71:12:40:e4:61:1f:32:b6:0a:99:69:4d:8d:cf:16: e0:89:81:09:61:96:76:ae:74:eb:bb:09:bc:b2:8b:87:ea:6b: 26:c2:cc:47:2e:da:0b:7c:b3:19:df:35:f7:10:c4:4f:39:82: bb:c6:37:bf:59:39:e7:3d:1a:f9:c8:65:2b:85:71:85:af:ef: e8:78:09:b0:34:40:ac:dd:47:24:84:d1:78:40:ae:1d:cd:a6: 2c:20:c6:21:2f:25:b8:56:b8:be:55:e9:55:7c:3c:13:40:f1: 78:e1:0c:c9:12:3a:65:1a:74:06:81:ef:34:df:ba:50:78:6f: 72:1e:75:53:bb:54:32:f9:c4:95:d0:b3:8a:2c:94:82:5c:0c: 02:a6:2c:7f:ea:6d:98:20:f0:fb:34:f0:0a:a6:ee:cb:d2:63: e4:11:70:05 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUPwb4Wyz+hE9YjvOW/rORmIuaduAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEyNFoX DTI3MDUwMTA5MjYyNFowMzExMC8GA1UEAxMoQTE0NjExM0VDNTUzN0Y4RTUxRDFG MzJGRjYwMEZCODYzOUM5MDc4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKTIN1PYFMj1aFdwpx3ZZ78eoh+2lZiWpyigB/alh5hRcThRzChQhFlzXFKo zzHUOu4Q9eIddFPFkRw7Ds8Uwxkj4eO+whCDMoUK4x3Ldj0q4GnfV3vi2T+31vYD Y6Nf60LsjbbgNb2j1GsuNGj2CcE9aKqqEQe8eM8NVEzK+sKd3ptgzO/u7qFDPMbG iPT1OePdqvficXnmHBdO4FBq0HDEUWKHXDdVOw+H56oW3ZEylj+jJQ1mrfErVZOl 4DSnWhtzU531hVzyeTAN9TRJdNHuQrSJio/2zUsdGgJbb7kKUkPs5jG9Aalr1RFL ley/vXtzu+n8zIkwU2p5qRCQS3kCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBShRhE+ xVN/jlHR8y/2APuGOckHhzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTQ2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9ZfAMA0GCSqGSIb3DQEBCwUAA4IBAQAH3ULkthU0OsPtB4sHXf59 NWdq7CZY97yPcWncr1BBOxWNSke9eHB/dCNtJDo0iee9e3BN5Vhrni+jHBZWso29 2NQljJ6e3w/xYB1Xr9t91PVR6C23kkCrPxGJGwlxEkDkYR8ytgqZaU2NzxbgiYEJ YZZ2rnTruwm8souH6msmwsxHLtoLfLMZ3zX3EMRPOYK7xje/WTnnPRr5yGUrhXGF r+/oeAmwNECs3UckhNF4QK4dzaYsIMYhLyW4Vri+VelVfDwTQPF44QzJEjplGnQG ge8037pQeG9yHnVTu1Qy+cSV0LOKLJSCXAwCpix/6m2YIPD7NPAKpu7L0mPkEXAF -----END CERTIFICATE-----Generated at Sun May 3 01:40:55 2026 by rpki-client