$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154475.roa File: AS154475.roa (raw, json) Hash identifier: 5xKWx1IOKHi3hf3Mg4H/WVAIfPq2H83jAW2w3qXnlC4= Subject key identifier: D4:68:DA:B5:10:78:4A:0D:51:1F:35:6F:A7:42:29:7A:18:48:CF:94 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1EDA2923229C5C3B98E15DA4D20BAFFC54B8FF0A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154475.roa Signing time: Sat 02 May 2026 09:27:02 +0000 ROA not before: Sat 02 May 2026 09:22:02 +0000 ROA not after: Sat 01 May 2027 09:27:02 +0000 asID: 154475 IP address blocks: 2001:df6:8140::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:da:29:23:22:9c:5c:3b:98:e1:5d:a4:d2:0b:af:fc:54:b8:ff:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:02 2026 GMT Not After : May 1 09:27:02 2027 GMT Subject: CN=D468DAB510784A0D511F356FA742297A1848CF94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d2:7a:19:19:c5:5b:57:f4:d6:24:ca:4b:ae: 8b:74:04:87:74:f6:20:44:27:25:af:70:c8:55:a6: 70:50:2a:e2:9e:6d:6c:73:dd:a8:f2:dd:ce:d0:7e: 10:6a:7a:09:56:db:95:cf:71:bd:6b:23:12:38:4f: 46:81:14:28:bd:eb:aa:7e:55:97:4b:11:68:98:78: 8d:01:72:b6:44:94:ca:fe:68:75:a3:dc:e0:22:b6: ab:98:7f:23:51:88:2f:81:17:c9:a5:55:00:26:2f: 00:d4:82:a4:72:ce:8f:9c:89:be:b2:47:5f:eb:15: f7:8b:70:f8:37:17:93:08:be:88:fe:ff:98:98:62: 12:1c:3d:99:1e:4b:b8:19:47:63:e0:9a:05:bd:c6: 05:06:25:07:84:77:44:fe:9d:6b:55:48:d0:bf:7a: 53:f5:60:64:cd:35:ff:03:61:79:a7:a3:fd:9f:f8: c4:e5:d3:55:7c:13:db:9d:e8:25:9b:23:d4:6f:0b: 2a:49:da:42:4d:9c:0e:1f:f5:b9:f0:09:56:29:5a: 69:d9:4f:f5:f6:a9:a2:11:44:98:1b:0d:62:4f:63: 45:93:2b:d6:c7:e9:2b:a3:b4:27:33:d4:13:b7:f8: 40:1e:d2:96:48:15:36:13:63:33:83:c6:75:5e:78: f8:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:68:DA:B5:10:78:4A:0D:51:1F:35:6F:A7:42:29:7A:18:48:CF:94 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154475.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:8140::/48 Signature Algorithm: sha256WithRSAEncryption 30:a6:11:d9:1c:0e:9f:7c:50:1b:e5:a8:fb:a6:e6:bf:a9:06: 39:3b:70:26:b2:46:7f:ac:1d:a0:5f:df:35:79:1e:5e:e9:77: cc:2e:c9:b3:14:a5:67:ae:01:d0:7b:59:75:62:2a:a4:ca:0d: 62:13:8e:d6:97:8c:93:27:a7:6f:30:8d:dd:80:bd:d5:55:60: 37:5e:80:6c:d3:29:bd:4f:54:ca:18:2a:7c:d2:03:36:be:c0: 7a:8f:69:86:be:68:45:6e:88:e1:0a:66:85:12:83:54:68:97: da:16:c0:b6:d9:0a:24:89:10:79:ea:d0:8a:57:3d:ae:93:f4: fa:91:fa:a3:69:11:f1:5b:01:01:50:81:f3:23:a7:6f:07:66: 66:0d:53:67:46:b8:53:0e:12:5e:49:62:19:0a:8e:11:fc:4c: 03:33:ee:a7:1b:5c:91:c5:b8:bf:2b:47:a2:47:9d:44:65:30: 3c:1c:0a:e7:19:e9:97:e3:49:17:d3:39:2e:33:0c:88:9a:49: 6a:45:56:45:27:53:91:4c:2f:a3:5f:2a:db:3a:5d:b4:fd:eb: 51:a1:56:0c:86:4d:1e:58:0e:24:af:16:0e:f1:68:11:f8:82: 7b:bc:91:cb:f5:93:23:28:a3:93:8f:cf:af:3c:46:f7:27:96: e0:fe:4d:ab -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUHtopIyKcXDuY4V2k0guv/FS4/wowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwMloX DTI3MDUwMTA5MjcwMlowMzExMC8GA1UEAxMoRDQ2OERBQjUxMDc4NEEwRDUxMUYz NTZGQTc0MjI5N0ExODQ4Q0Y5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7SehkZxVtX9NYkykuui3QEh3T2IEQnJa9wyFWmcFAq4p5tbHPdqPLdztB+ EGp6CVbblc9xvWsjEjhPRoEUKL3rqn5Vl0sRaJh4jQFytkSUyv5odaPc4CK2q5h/ I1GIL4EXyaVVACYvANSCpHLOj5yJvrJHX+sV94tw+DcXkwi+iP7/mJhiEhw9mR5L uBlHY+CaBb3GBQYlB4R3RP6da1VI0L96U/VgZM01/wNheaej/Z/4xOXTVXwT253o JZsj1G8LKknaQk2cDh/1ufAJVilaadlP9fapohFEmBsNYk9jRZMr1sfpK6O0JzPU E7f4QB7SlkgVNhNjM4PGdV54+OMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTUaNq1 EHhKDVEfNW+nQil6GEjPlDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NDc1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9oFAMA0GCSqGSIb3DQEBCwUAA4IBAQAwphHZHA6ffFAb5aj7pua/ qQY5O3AmskZ/rB2gX981eR5e6XfMLsmzFKVnrgHQe1l1Yiqkyg1iE47Wl4yTJ6dv MI3dgL3VVWA3XoBs0ym9T1TKGCp80gM2vsB6j2mGvmhFbojhCmaFEoNUaJfaFsC2 2QokiRB56tCKVz2uk/T6kfqjaRHxWwEBUIHzI6dvB2ZmDVNnRrhTDhJeSWIZCo4R /EwDM+6nG1yRxbi/K0eiR51EZTA8HArnGemX40kX0zkuMwyImklqRVZFJ1ORTC+j XyrbOl20/etRoVYMhk0eWA4krxYO8WgR+IJ7vJHL9ZMjKKOTj8+vPEb3J5bg/k2r -----END CERTIFICATE-----Generated at Sun May 3 00:39:39 2026 by rpki-client