$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154495.roa File: AS154495.roa (raw, json) Hash identifier: 3WylT9oRBAQT53AHC2YBsth63Bz20A1byuF3VbVDmWA= Subject key identifier: B3:61:9A:7D:52:49:55:20:BD:83:89:47:F1:70:74:24:AF:2C:50:7C Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2FAEAD5396C2975D9A3DDB38AE91ED8C27ADA002 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154495.roa Signing time: Sat 02 May 2026 08:35:04 +0000 ROA not before: Sat 02 May 2026 08:30:04 +0000 ROA not after: Sat 01 May 2027 08:35:04 +0000 asID: 154495 IP address blocks: 2001:df6:9840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:ae:ad:53:96:c2:97:5d:9a:3d:db:38:ae:91:ed:8c:27:ad:a0:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:30:04 2026 GMT Not After : May 1 08:35:04 2027 GMT Subject: CN=B3619A7D52495520BD838947F1707424AF2C507C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:4b:bf:66:bc:0a:ac:fe:4c:bb:d4:cf:0c:7b: 49:bc:e1:7e:ce:f8:56:b9:1e:fc:45:f4:c2:97:f6: b5:1a:08:26:7e:b2:4f:5f:4f:10:22:4d:db:98:20: aa:cc:72:2d:32:9c:60:27:01:f3:4d:5e:4a:fe:e8: 31:ab:0b:f3:c0:e1:dc:92:a9:70:99:80:16:b9:6a: 42:ae:c2:fe:43:6e:27:96:7e:b5:af:66:01:03:dd: f8:2a:4a:20:18:53:af:02:f0:94:f9:4c:87:ad:dc: 62:98:6d:c9:6a:e4:f2:a6:64:67:f7:01:de:7d:d8: 8b:34:dc:0e:1e:1e:0d:79:b1:32:ff:97:f3:44:c0: e7:90:eb:cc:ed:80:18:46:d5:99:4f:2b:06:7f:74: a3:aa:f9:3b:31:a5:d1:1e:a0:5a:7b:55:2c:7f:3e: 10:01:9d:07:e9:6f:c5:1d:a2:f9:5a:fc:6a:c5:2f: c5:b4:9b:04:8a:20:a5:00:0c:e9:e9:59:d3:8a:a6: 63:0f:a7:da:d6:d0:73:05:c2:f3:b1:d5:df:ea:0b: 27:cc:eb:ca:c0:f3:a7:69:f0:a7:34:af:3a:bc:16: d5:d2:ca:f9:9a:b6:98:24:31:4a:21:66:65:5b:46: ba:68:81:8a:4b:7a:66:80:c9:99:9f:22:ff:2a:ce: 54:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:61:9A:7D:52:49:55:20:BD:83:89:47:F1:70:74:24:AF:2C:50:7C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154495.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:9840::/48 Signature Algorithm: sha256WithRSAEncryption 94:e3:37:48:64:0e:be:a5:da:99:4c:16:43:b2:e1:eb:14:ae: 59:6d:80:27:af:ea:cf:fa:d1:0b:e8:ed:df:74:34:cd:33:37: bd:54:fb:b7:70:2e:4f:e2:ff:43:6f:86:44:df:8f:c0:aa:cb: 5a:fd:8f:73:21:78:5b:d7:7a:dd:aa:8d:2a:60:eb:8b:c3:24: d1:33:a8:e4:b3:9b:34:8b:0a:db:5e:01:bf:8b:86:f4:09:4a: 8f:55:2b:1d:b4:bb:4a:ae:24:77:f9:37:7d:b8:c6:e1:bf:7e: 4f:61:32:f5:b4:6f:a6:b9:41:8e:87:ef:e5:9c:6c:7a:46:6b: fe:ad:0d:5b:4e:1a:b1:1d:05:00:0a:39:76:60:a5:df:86:72: 04:22:1d:9e:3a:6e:fd:7e:4f:05:cb:c3:fb:e7:87:a9:dd:be: 84:4f:69:a1:40:ec:c8:a5:04:48:69:94:ab:14:50:bb:97:0a: 83:d0:fd:a2:1c:fa:ed:fb:79:d3:e9:ad:ea:b2:5c:11:70:58: ae:71:e9:7a:c8:6d:cb:95:68:ea:e4:40:64:f2:e4:4d:df:37: 05:12:50:45:57:75:97:37:e0:9f:60:31:a8:8a:1b:53:5b:78: 32:6b:a0:71:47:d4:7f:52:d1:82:64:4e:8b:26:28:57:60:ba: 42:ac:fc:c8 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUL66tU5bCl12aPds4rpHtjCetoAIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzAwNFoX DTI3MDUwMTA4MzUwNFowMzExMC8GA1UEAxMoQjM2MTlBN0Q1MjQ5NTUyMEJEODM4 OTQ3RjE3MDc0MjRBRjJDNTA3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIdLv2a8Cqz+TLvUzwx7Sbzhfs74Vrke/EX0wpf2tRoIJn6yT19PECJN25gg qsxyLTKcYCcB801eSv7oMasL88Dh3JKpcJmAFrlqQq7C/kNuJ5Z+ta9mAQPd+CpK IBhTrwLwlPlMh63cYphtyWrk8qZkZ/cB3n3YizTcDh4eDXmxMv+X80TA55DrzO2A GEbVmU8rBn90o6r5OzGl0R6gWntVLH8+EAGdB+lvxR2i+Vr8asUvxbSbBIogpQAM 6elZ04qmYw+n2tbQcwXC87HV3+oLJ8zrysDzp2nwpzSvOrwW1dLK+Zq2mCQxSiFm ZVtGumiBikt6ZoDJmZ8i/yrOVGsCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSzYZp9 UklVIL2DiUfxcHQkryxQfDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NDk1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9phAMA0GCSqGSIb3DQEBCwUAA4IBAQCU4zdIZA6+pdqZTBZDsuHr FK5ZbYAnr+rP+tEL6O3fdDTNMze9VPu3cC5P4v9Db4ZE34/Aqsta/Y9zIXhb13rd qo0qYOuLwyTRM6jks5s0iwrbXgG/i4b0CUqPVSsdtLtKriR3+Td9uMbhv35PYTL1 tG+muUGOh+/lnGx6Rmv+rQ1bThqxHQUACjl2YKXfhnIEIh2eOm79fk8Fy8P754ep 3b6ET2mhQOzIpQRIaZSrFFC7lwqD0P2iHPrt+3nT6a3qslwRcFiucel6yG3LlWjq 5EBk8uRN3zcFElBFV3WXN+CfYDGoihtTW3gya6BxR9R/UtGCZE6LJihXYLpCrPzI -----END CERTIFICATE-----Generated at Sun May 3 00:39:41 2026 by rpki-client