$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154123.roa File: AS154123.roa (raw, json) Hash identifier: yrMx6CVaXdfbHYv8SHHyp0jjpfxkoqynuQ1jpU91etE= Subject key identifier: 1B:E7:E4:1D:54:43:5B:43:26:3E:C5:86:09:08:2C:A4:E4:E7:68:64 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 27EF4E791AC9632D53FE9D23B2826A4ADBD1B398 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154123.roa Signing time: Sat 02 May 2026 08:36:07 +0000 ROA not before: Sat 02 May 2026 08:31:07 +0000 ROA not after: Sat 01 May 2027 08:36:07 +0000 asID: 154123 IP address blocks: 2001:df5:eec0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:ef:4e:79:1a:c9:63:2d:53:fe:9d:23:b2:82:6a:4a:db:d1:b3:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:31:07 2026 GMT Not After : May 1 08:36:07 2027 GMT Subject: CN=1BE7E41D54435B43263EC58609082CA4E4E76864 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:4a:cf:9f:fd:10:ad:cf:c9:d0:fe:b8:9b:f2: 4d:5c:b1:6a:b9:26:2e:75:e2:a8:f0:94:6b:be:03: cd:44:2e:be:a9:c3:24:74:88:9d:55:a4:05:e9:46: 2b:0f:4b:7e:b6:12:80:2c:ae:cc:4b:db:33:8a:20: 7f:dc:56:69:44:89:1f:f6:23:d9:83:97:22:b5:ad: 2b:ba:f7:1e:e3:d1:5b:cd:72:05:07:b6:48:fd:67: af:8f:e3:60:5c:80:e7:be:d6:af:f3:69:86:9e:64: ed:85:a4:c3:69:13:71:10:87:cd:35:7f:d6:05:f0: 00:e6:32:ca:18:31:e9:73:9a:a3:a1:1e:be:1f:24: 99:3d:ff:87:4b:97:95:c1:10:c5:41:92:d0:e8:c6: 3b:ea:f3:5e:a8:19:92:6a:00:03:2c:a4:15:91:1e: 0d:78:26:8c:a8:39:b7:22:42:83:4c:8f:21:86:38: 74:b6:29:02:53:34:18:22:73:f4:69:96:64:e7:94: 91:db:f9:76:d9:f3:ef:01:72:ca:a4:1b:25:0f:bb: aa:4b:ef:31:81:f6:df:e4:cc:56:bb:55:aa:1f:68: 9c:d0:a8:30:fb:c5:5f:08:bd:c6:68:61:25:2f:e7: 9d:62:fd:ec:33:46:3c:b2:6e:1e:36:05:43:05:b9: 06:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:E7:E4:1D:54:43:5B:43:26:3E:C5:86:09:08:2C:A4:E4:E7:68:64 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154123.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:eec0::/48 Signature Algorithm: sha256WithRSAEncryption 08:39:3c:1e:c9:64:0c:78:e6:58:39:0a:d4:5f:d0:07:61:be: d1:4d:8d:9c:5e:50:89:c9:b4:b2:84:a2:45:43:09:65:c9:f9: 4b:fa:ed:64:66:99:7e:02:46:b0:5b:6e:54:9a:63:bc:2f:27: 31:d6:30:54:13:22:6e:84:08:0d:89:4e:47:4e:a4:73:e7:ee: f9:c5:11:0f:53:f4:f3:5d:0d:04:32:aa:61:c1:1c:2d:26:98: 14:94:90:b7:e7:1a:58:53:28:2c:bd:b6:7e:94:0f:f1:88:64: 5e:2f:46:91:3d:e7:95:f1:ca:9c:2f:ec:86:5e:fb:fb:cc:5e: 42:8a:03:f2:a3:1f:3b:01:36:0c:b3:81:20:06:67:c7:b6:dd: 9a:f7:e7:06:59:9f:0a:e4:d9:98:d7:95:a2:16:74:67:e7:35: 1f:53:55:71:ae:2d:e3:ff:f7:b3:d1:c9:d3:95:3d:51:82:d0: 1d:fe:ab:ed:ae:f5:2b:da:9a:12:8f:6c:5c:97:ed:29:90:aa: f4:45:09:e5:65:e2:2c:a0:49:ee:c0:e9:77:7e:4a:d3:6a:04: 98:43:2b:eb:ec:a2:d8:71:77:d2:23:fb:5c:49:87:f3:93:e3: 11:25:15:ab:cb:16:78:b3:66:06:b2:fb:26:a3:b4:41:e3:13: 76:e8:db:10 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUJ+9OeRrJYy1T/p0jsoJqStvRs5gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzEwN1oX DTI3MDUwMTA4MzYwN1owMzExMC8GA1UEAxMoMUJFN0U0MUQ1NDQzNUI0MzI2M0VD NTg2MDkwODJDQTRFNEU3Njg2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJRKz5/9EK3PydD+uJvyTVyxarkmLnXiqPCUa74DzUQuvqnDJHSInVWkBelG Kw9LfrYSgCyuzEvbM4ogf9xWaUSJH/Yj2YOXIrWtK7r3HuPRW81yBQe2SP1nr4/j YFyA577Wr/Nphp5k7YWkw2kTcRCHzTV/1gXwAOYyyhgx6XOao6Eevh8kmT3/h0uX lcEQxUGS0OjGO+rzXqgZkmoAAyykFZEeDXgmjKg5tyJCg0yPIYY4dLYpAlM0GCJz 9GmWZOeUkdv5dtnz7wFyyqQbJQ+7qkvvMYH23+TMVrtVqh9onNCoMPvFXwi9xmhh JS/nnWL97DNGPLJuHjYFQwW5BusCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQb5+Qd VENbQyY+xYYJCCyk5OdoZDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0MTIzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9e7AMA0GCSqGSIb3DQEBCwUAA4IBAQAIOTweyWQMeOZYOQrUX9AH Yb7RTY2cXlCJybSyhKJFQwllyflL+u1kZpl+AkawW25UmmO8Lycx1jBUEyJuhAgN iU5HTqRz5+75xREPU/TzXQ0EMqphwRwtJpgUlJC35xpYUygsvbZ+lA/xiGReL0aR PeeV8cqcL+yGXvv7zF5CigPyox87ATYMs4EgBmfHtt2a9+cGWZ8K5NmY15WiFnRn 5zUfU1Vxri3j//ez0cnTlT1RgtAd/qvtrvUr2poSj2xcl+0pkKr0RQnlZeIsoEnu wOl3fkrTagSYQyvr7KLYcXfSI/tcSYfzk+MRJRWryxZ4s2YGsvsmo7RB4xN26NsQ -----END CERTIFICATE-----Generated at Sun May 3 00:41:44 2026 by rpki-client