$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154509.roa File: AS154509.roa (raw, json) Hash identifier: Qttm35emKKzyOBnXAJQfDJraMdZBxzWXFPy9nyKyvIw= Subject key identifier: C8:09:D4:E8:70:87:A5:94:F8:E6:75:47:0B:6A:3D:3B:0D:3A:15:C6 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0CCE1DBF23FB1D81B7188913857C2F2AFFDFDA5C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154509.roa Signing time: Sat 02 May 2026 08:36:10 +0000 ROA not before: Sat 02 May 2026 08:31:10 +0000 ROA not after: Sat 01 May 2027 08:36:10 +0000 asID: 154509 IP address blocks: 2001:df6:b640::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:ce:1d:bf:23:fb:1d:81:b7:18:89:13:85:7c:2f:2a:ff:df:da:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 08:31:10 2026 GMT Not After : May 1 08:36:10 2027 GMT Subject: CN=C809D4E87087A594F8E675470B6A3D3B0D3A15C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:93:73:c2:9c:1e:66:0e:fd:ac:4a:f6:23:f0: 29:71:47:71:c4:1d:80:ed:8f:0b:ca:bb:76:8f:3f: f6:86:ba:64:40:47:e3:3f:94:bc:d0:b9:e0:34:0c: b7:74:ba:2d:79:3b:d2:1c:da:8f:fd:ed:e4:79:94: a1:f1:30:2d:31:0e:0a:90:e0:f4:32:42:15:f9:e2: bf:ab:cc:36:17:89:cb:6e:a7:07:a7:64:df:94:47: 53:41:f0:10:8c:0f:5b:a1:4b:14:5f:2a:78:7c:dd: 28:e8:6a:be:92:ca:b9:95:85:39:94:9b:86:83:1f: c9:ff:71:30:ee:86:43:84:6d:82:2a:c2:a5:49:31: 2a:18:54:3e:0d:4c:e3:fa:d8:5e:46:76:83:da:6c: c6:62:e9:98:dd:59:69:71:6c:39:24:db:c9:88:e5: dd:85:a6:ab:55:b9:59:45:f5:a0:ba:d0:e0:a9:9d: 7a:6f:5e:3e:c8:2b:8e:65:2d:b2:3f:a4:2d:d6:73: 85:8d:16:c3:a3:2b:51:ec:2e:c6:50:24:6d:16:cb: 7f:c9:a6:9d:49:17:20:36:73:e4:f5:a3:37:64:86: 43:8d:7b:6b:5b:43:c1:18:09:14:84:cd:e8:66:8b: 0a:3d:60:be:b8:00:a3:79:10:9e:85:21:a1:eb:95: 27:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:09:D4:E8:70:87:A5:94:F8:E6:75:47:0B:6A:3D:3B:0D:3A:15:C6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:b640::/48 Signature Algorithm: sha256WithRSAEncryption 42:cb:68:58:5a:a2:e6:10:3f:8d:73:b7:b4:fc:77:9f:8a:13: 06:9b:e1:3a:d8:66:19:fa:3e:f8:6f:65:3e:46:4d:1e:fb:11: 61:eb:91:f3:43:5f:b7:7e:c4:d8:af:3f:8f:41:f9:d0:3b:d3: b1:a8:72:fa:78:80:13:e3:fd:6d:3e:7b:91:f1:a8:c0:f9:64: 3a:92:89:1a:4c:11:5a:1c:01:11:ce:b8:74:ea:ba:4b:d4:48: 88:e8:a6:d3:e8:03:3a:93:8b:32:5f:ff:fd:be:c7:2a:cd:52: 9e:4d:f5:a7:7f:7c:d6:cb:02:7b:85:0d:ca:c6:49:71:ea:77: ab:ad:5e:2a:82:7f:96:77:3c:9e:31:f7:b8:09:cd:e6:aa:b4: e9:0c:05:8a:0c:4d:f9:71:10:45:27:fe:0a:7f:16:bd:a6:65: 38:70:eb:75:dc:df:c9:bd:b6:36:3b:68:77:17:c5:de:de:33: dd:93:a0:51:32:0c:9c:6a:b8:be:f3:42:7e:cf:3e:a1:d9:bc: 84:ef:51:87:e4:59:63:96:67:2e:62:7d:6c:72:cc:9f:b4:81: cf:b6:76:bf:b3:90:af:f0:e6:9b:2e:36:4b:78:4b:90:e2:04: 47:cd:48:9e:e6:f9:bc:0a:fc:4e:97:7d:a9:a8:0d:9b:01:c3: a7:23:e7:56 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUDM4dvyP7HYG3GIkThXwvKv/f2lwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA4MzExMFoX DTI3MDUwMTA4MzYxMFowMzExMC8GA1UEAxMoQzgwOUQ0RTg3MDg3QTU5NEY4RTY3 NTQ3MEI2QTNEM0IwRDNBMTVDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMeTc8KcHmYO/axK9iPwKXFHccQdgO2PC8q7do8/9oa6ZEBH4z+UvNC54DQM t3S6LXk70hzaj/3t5HmUofEwLTEOCpDg9DJCFfniv6vMNheJy26nB6dk35RHU0Hw EIwPW6FLFF8qeHzdKOhqvpLKuZWFOZSbhoMfyf9xMO6GQ4RtgirCpUkxKhhUPg1M 4/rYXkZ2g9psxmLpmN1ZaXFsOSTbyYjl3YWmq1W5WUX1oLrQ4Kmdem9ePsgrjmUt sj+kLdZzhY0Ww6MrUewuxlAkbRbLf8mmnUkXIDZz5PWjN2SGQ417a1tDwRgJFITN 6GaLCj1gvrgAo3kQnoUhoeuVJ98CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBTICdTo cIellPjmdUcLaj07DToVxjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NTA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9rZAMA0GCSqGSIb3DQEBCwUAA4IBAQBCy2hYWqLmED+Nc7e0/Hef ihMGm+E62GYZ+j74b2U+Rk0e+xFh65HzQ1+3fsTYrz+PQfnQO9OxqHL6eIAT4/1t PnuR8ajA+WQ6kokaTBFaHAERzrh06rpL1EiI6KbT6AM6k4syX//9vscqzVKeTfWn f3zWywJ7hQ3Kxklx6nerrV4qgn+WdzyeMfe4Cc3mqrTpDAWKDE35cRBFJ/4Kfxa9 pmU4cOt13N/JvbY2O2h3F8Xe3jPdk6BRMgycari+80J+zz6h2byE71GH5Fljlmcu Yn1scsyftIHPtna/s5Cv8OabLjZLeEuQ4gRHzUie5vm8CvxOl32pqA2bAcOnI+dW -----END CERTIFICATE-----Generated at Sun May 3 01:44:05 2026 by rpki-client