$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153985.roa File: AS153985.roa (raw, json) Hash identifier: cRtggV86pqPGolPbMxCRyUYl8aLcJSASYAKdLV7BwXI= Subject key identifier: 83:FC:C3:5A:7A:20:F6:0A:4F:13:C4:DE:8E:FA:B3:79:64:FF:1A:CD Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0A271555F60DF819E45938CE005B43902149AF06 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153985.roa Signing time: Sat 02 May 2026 09:26:50 +0000 ROA not before: Sat 02 May 2026 09:21:50 +0000 ROA not after: Sat 01 May 2027 09:26:50 +0000 asID: 153985 IP address blocks: 2001:df5:be40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:27:15:55:f6:0d:f8:19:e4:59:38:ce:00:5b:43:90:21:49:af:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:50 2026 GMT Not After : May 1 09:26:50 2027 GMT Subject: CN=83FCC35A7A20F60A4F13C4DE8EFAB37964FF1ACD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e8:68:d2:45:a0:ea:ae:ba:f9:4a:30:c3:4d: 1d:31:7b:72:9d:5a:87:f3:77:4a:d9:96:68:92:bf: e0:a4:12:ad:a5:13:a0:21:25:4f:7c:0d:3f:eb:01: f9:b0:99:d3:08:e8:28:d0:ec:8c:ba:1d:dd:76:fc: 3f:fd:1f:bc:b9:3a:5d:bc:ea:f7:58:a4:5d:1a:1e: d7:3e:33:bb:76:cd:5b:f6:b3:76:58:90:61:f6:ce: d1:92:85:60:04:96:a6:00:cc:4e:fd:c6:18:16:6b: 20:8a:9e:1e:56:ef:5d:79:d2:fd:10:c5:34:a1:09: 7c:0d:af:02:1f:bb:e1:77:0a:03:14:19:ca:ee:c2: 26:80:be:05:2b:82:a7:a5:97:8a:42:89:1b:23:c0: 6f:39:c7:ac:e3:c3:04:83:c9:e8:26:e4:e1:a7:03: db:70:57:fc:f9:1f:c2:b8:5f:89:a3:08:75:03:b6: 2f:a3:78:09:e0:55:5f:45:e5:fe:9a:bc:d6:2b:f4: e0:de:a7:02:ba:a2:4f:b5:f6:17:9c:74:c0:6f:0c: 5a:5a:c2:63:81:dc:42:71:cd:f3:69:c6:c4:90:01: 74:3e:5a:23:b8:d0:43:9f:38:e4:17:de:bc:bd:51: 53:64:06:5b:5c:ba:48:89:15:73:7e:92:58:aa:2e: e2:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:FC:C3:5A:7A:20:F6:0A:4F:13:C4:DE:8E:FA:B3:79:64:FF:1A:CD X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153985.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:be40::/48 Signature Algorithm: sha256WithRSAEncryption 37:89:3d:23:10:94:97:0f:78:f0:39:8d:8d:2d:4f:2e:ea:7b: c5:a1:a4:6d:54:0c:d6:31:d5:21:0d:62:b1:6f:48:e2:51:dc: ba:95:01:58:1f:17:42:1c:c9:d4:f4:b4:f5:65:9d:06:de:35: 6a:b2:65:f9:01:3c:86:09:f8:8e:7d:2a:11:a8:e3:cd:cf:98: 60:4a:36:18:70:ff:cb:39:78:81:8b:4c:1e:48:29:f4:6f:d7: f0:c7:68:9d:78:06:f7:e5:94:ea:26:f4:28:4f:a5:e8:58:dd: c5:ab:af:d9:11:dd:91:30:70:33:3e:93:3f:21:23:f9:75:99: 72:04:2c:b2:7b:c9:4c:77:24:bb:6a:b7:80:3d:fd:b4:d7:89: 6e:81:e0:14:e3:bc:cb:4a:ad:4d:28:8f:63:04:53:81:b2:1a: ee:ef:ed:93:a6:6a:5b:be:35:57:9a:a7:57:f3:3d:47:c1:b1: 66:05:26:c6:91:8f:8f:bf:d2:ba:dc:08:de:44:2d:19:3a:80: 02:9f:9f:d7:cb:e2:af:49:7a:be:6e:51:b9:47:dd:a9:04:4e: 0f:e5:e9:79:2b:fc:5b:6f:0b:7b:ab:f1:18:84:e3:7e:6e:ba: f4:76:e8:34:28:32:23:ed:ce:4f:3a:8a:43:b4:42:67:cb:5a: b1:e9:b9:4d -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUCicVVfYN+BnkWTjOAFtDkCFJrwYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjE1MFoX DTI3MDUwMTA5MjY1MFowMzExMC8GA1UEAxMoODNGQ0MzNUE3QTIwRjYwQTRGMTND NERFOEVGQUIzNzk2NEZGMUFDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALLoaNJFoOquuvlKMMNNHTF7cp1ah/N3StmWaJK/4KQSraUToCElT3wNP+sB +bCZ0wjoKNDsjLod3Xb8P/0fvLk6Xbzq91ikXRoe1z4zu3bNW/azdliQYfbO0ZKF YASWpgDMTv3GGBZrIIqeHlbvXXnS/RDFNKEJfA2vAh+74XcKAxQZyu7CJoC+BSuC p6WXikKJGyPAbznHrOPDBIPJ6Cbk4acD23BX/PkfwrhfiaMIdQO2L6N4CeBVX0Xl /pq81iv04N6nArqiT7X2F5x0wG8MWlrCY4HcQnHN82nGxJABdD5aI7jQQ5845Bfe vL1RU2QGW1y6SIkVc36SWKou4l0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSD/MNa eiD2Ck8TxN6O+rN5ZP8azTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTg1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9b5AMA0GCSqGSIb3DQEBCwUAA4IBAQA3iT0jEJSXD3jwOY2NLU8u 6nvFoaRtVAzWMdUhDWKxb0jiUdy6lQFYHxdCHMnU9LT1ZZ0G3jVqsmX5ATyGCfiO fSoRqOPNz5hgSjYYcP/LOXiBi0weSCn0b9fwx2ideAb35ZTqJvQoT6XoWN3Fq6/Z Ed2RMHAzPpM/ISP5dZlyBCyye8lMdyS7areAPf2014lugeAU47zLSq1NKI9jBFOB shru7+2TpmpbvjVXmqdX8z1HwbFmBSbGkY+Pv9K63AjeRC0ZOoACn5/Xy+KvSXq+ blG5R92pBE4P5el5K/xbbwt7q/EYhON+brr0dug0KDIj7c5POopDtEJny1qx6blN -----END CERTIFICATE-----Generated at Sun May 3 01:40:06 2026 by rpki-client