$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153986.roa File: AS153986.roa (raw, json) Hash identifier: s0U33YkWqjWRQl9HsBTajmpdfFDUu1ejq/IPGkVyA6w= Subject key identifier: 15:D1:41:B4:97:15:9E:59:4E:A8:23:86:79:5D:5D:30:31:35:F1:AE Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5A45BDA08A0A4516F10D1C09C4AF5353B59D32C8 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153986.roa Signing time: Sat 02 May 2026 08:35:03 +0000 ROA not before: Sat 02 May 2026 08:30:03 +0000 ROA not after: Sat 01 May 2027 08:35:03 +0000 asID: 153986 IP address blocks: 2001:df5:a8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:45:bd:a0:8a:0a:45:16:f1:0d:1c:09:c4:af:53:53:b5:9d:32:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:03 2026 GMT Not After : May 1 08:35:03 2027 GMT Subject: CN=15D141B497159E594EA82386795D5D303135F1AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:11:c6:ca:dd:2f:bf:4a:d1:75:50:b4:5a:64: fc:8f:b6:ca:ac:10:bf:02:4e:51:ac:1d:55:9d:a4: 69:6d:ec:f6:b9:ac:6c:1a:ee:00:e3:e4:e1:58:09: 65:63:38:3b:ad:3d:63:4c:8f:a3:c6:fe:65:eb:0c: 6c:67:9a:91:52:36:ba:c8:75:73:aa:46:c6:4a:c5: cb:05:78:de:2f:c3:f9:6c:6b:d7:36:90:dc:4c:74: 86:d6:2f:31:8c:f2:4f:e6:9f:6f:42:d0:5c:4d:70: 96:0c:26:8c:89:53:cd:0c:c4:5f:38:9b:b9:07:e9: 19:16:90:e4:b4:2a:55:33:73:56:40:0a:74:ea:a2: fe:e3:3e:2f:4f:57:36:2d:a7:85:9f:2a:cd:32:73: 3c:62:52:bd:b2:d7:02:1b:2c:37:c1:0c:e6:b8:e8: 31:63:ed:d0:47:56:7e:12:79:cd:a6:31:8d:92:4d: 46:2f:ab:d2:ef:39:03:c2:81:07:65:08:05:98:0e: dc:1c:f9:1a:51:fc:e7:08:17:47:32:d9:8a:49:f8: 12:a3:8a:12:7c:94:60:be:b5:51:18:73:b5:0d:f2: 63:f8:38:80:91:9c:63:be:25:d0:6d:7d:69:2b:38: 90:ee:dd:f9:6e:c6:12:11:90:8c:61:19:43:54:3f: 61:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:D1:41:B4:97:15:9E:59:4E:A8:23:86:79:5D:5D:30:31:35:F1:AE X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153986.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:a8c0::/48 Signature Algorithm: sha256WithRSAEncryption 6e:87:ef:44:4c:86:e6:51:f0:7d:12:24:3e:62:00:f0:76:e1: 96:a9:92:32:fb:4b:23:81:8e:9e:2e:fa:f5:7b:d0:40:1e:01: 26:69:1c:ea:2d:09:e0:4b:f5:ad:2b:ae:43:6e:0c:0f:ae:ef: 97:d7:60:56:b8:e1:2d:8c:cf:23:8a:03:88:00:5f:bb:36:b4: d7:5e:e1:02:40:dc:86:80:27:d9:10:32:3f:0c:26:cc:49:37: 30:ba:d9:2a:0a:81:74:28:ef:14:07:6e:57:de:e1:99:1b:19: 59:0a:fe:6b:e4:0f:05:21:b0:ad:d6:61:92:8f:ea:79:f0:16: a3:7a:79:a4:6a:07:3c:2c:fb:2d:41:95:9e:1e:fc:8a:26:7b: 1d:ad:f1:a1:0d:03:bc:b5:30:f7:15:46:09:d5:d3:55:61:dc: 40:95:b7:6c:b0:a3:b7:f0:fd:ff:9c:43:af:15:e8:2b:c0:30: 97:28:61:b5:3b:3b:c1:7c:78:3e:d3:82:11:2a:b9:a6:37:d8: 81:f7:84:f6:b4:67:53:28:21:d4:8c:c8:93:87:a1:09:5d:b7: 2c:1b:43:66:bf:0a:37:55:57:f0:a3:8a:cf:13:e6:4d:2b:a2: 33:bc:e7:00:9f:d9:99:ae:4c:75:8d:f0:62:24:11:c7:90:3f: 11:18:26:4b -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUWkW9oIoKRRbxDRwJxK9TU7WdMsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzAwM1oX DTI3MDUwMTA4MzUwM1owMzExMC8GA1UEAxMoMTVEMTQxQjQ5NzE1OUU1OTRFQTgy Mzg2Nzk1RDVEMzAzMTM1RjFBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKoRxsrdL79K0XVQtFpk/I+2yqwQvwJOUawdVZ2kaW3s9rmsbBruAOPk4VgJ ZWM4O609Y0yPo8b+ZesMbGeakVI2ush1c6pGxkrFywV43i/D+Wxr1zaQ3Ex0htYv MYzyT+afb0LQXE1wlgwmjIlTzQzEXzibuQfpGRaQ5LQqVTNzVkAKdOqi/uM+L09X Ni2nhZ8qzTJzPGJSvbLXAhssN8EM5rjoMWPt0EdWfhJ5zaYxjZJNRi+r0u85A8KB B2UIBZgO3Bz5GlH85wgXRzLZikn4EqOKEnyUYL61URhztQ3yY/g4gJGcY74l0G19 aSs4kO7d+W7GEhGQjGEZQ1Q/YYMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQV0UG0 lxWeWU6oI4Z5XV0wMTXxrjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzOTg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9ajAMA0GCSqGSIb3DQEBCwUAA4IBAQBuh+9ETIbmUfB9EiQ+YgDw duGWqZIy+0sjgY6eLvr1e9BAHgEmaRzqLQngS/WtK65DbgwPru+X12BWuOEtjM8j igOIAF+7NrTXXuECQNyGgCfZEDI/DCbMSTcwutkqCoF0KO8UB25X3uGZGxlZCv5r 5A8FIbCt1mGSj+p58Bajenmkagc8LPstQZWeHvyKJnsdrfGhDQO8tTD3FUYJ1dNV YdxAlbdssKO38P3/nEOvFegrwDCXKGG1OzvBfHg+04IRKrmmN9iB94T2tGdTKCHU jMiTh6EJXbcsG0Nmvwo3VVfwo4rPE+ZNK6IzvOcAn9mZrkx1jfBiJBHHkD8RGCZL -----END CERTIFICATE-----Generated at Sun May 3 01:40:57 2026 by rpki-client