$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154520.roa File: AS154520.roa (raw, json) Hash identifier: 4hRZfZ6mLCDRANFYlB8ZWPaDrMdVLhP3PCkVLm+/ols= Subject key identifier: 39:96:4A:D3:4C:24:27:9A:8B:4A:94:D5:A5:95:B3:34:51:28:12:86 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 024222A4EF6C84CE10E36C18E0F3F26C50CEF8E7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154520.roa Signing time: Sat 02 May 2026 09:27:05 +0000 ROA not before: Sat 02 May 2026 09:22:05 +0000 ROA not after: Sat 01 May 2027 09:27:05 +0000 asID: 154520 IP address blocks: 2001:df6:c2c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:42:22:a4:ef:6c:84:ce:10:e3:6c:18:e0:f3:f2:6c:50:ce:f8:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:05 2026 GMT Not After : May 1 09:27:05 2027 GMT Subject: CN=39964AD34C24279A8B4A94D5A595B33451281286 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7b:40:ab:1d:a1:c4:59:59:b0:e5:57:b2:6e: 48:d2:a3:4a:86:12:f7:bc:3b:4c:e6:4a:d7:07:d8: 21:12:19:85:c3:1c:b5:1f:44:1b:a1:c0:b5:7d:b2: d6:3d:4f:dc:64:dd:53:5a:40:2c:f7:c0:02:2e:ef: 82:18:bf:28:3b:1f:73:67:d1:8c:cf:0c:b8:69:ee: 8a:15:ea:67:09:fb:58:09:f7:74:35:bc:d2:3f:e8: 3b:e0:b0:41:4f:a1:3a:f4:e3:f6:59:7b:6a:42:ee: 8d:36:6b:72:23:15:87:88:40:3e:f7:46:8e:e2:46: 8a:b1:64:95:b8:cc:b9:73:33:00:ce:d0:c9:01:ac: 27:06:c4:1a:ab:73:2a:7c:fc:f0:ba:0e:e1:10:bd: 12:2a:27:44:47:01:a8:ae:b2:64:5d:f6:7b:98:79: db:ed:68:c5:6a:bc:9d:08:10:ef:7c:35:74:03:66: ae:c8:b7:ba:68:ca:aa:fd:cf:59:0b:4f:52:75:86: ef:ea:2f:d2:54:70:de:b1:3c:cf:1c:e8:4f:07:f5: 97:17:d7:cc:5c:34:c7:3c:0d:67:83:cb:2c:87:20: 85:dd:d6:08:62:79:ff:bd:56:ac:a0:48:5f:c7:2f: b6:d5:34:4c:a3:bb:61:91:0b:4a:4a:e2:06:5b:83: c2:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:96:4A:D3:4C:24:27:9A:8B:4A:94:D5:A5:95:B3:34:51:28:12:86 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154520.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:c2c0::/48 Signature Algorithm: sha256WithRSAEncryption 05:a0:82:41:be:29:bf:65:91:d1:3a:6b:95:dd:a9:6b:62:24: e6:79:3a:49:99:2a:f2:8c:76:6c:1a:e7:c8:82:98:8a:bc:a3: fc:cd:08:8a:24:76:1f:38:da:4f:e0:a6:82:83:5d:c3:f3:8b: ac:d4:8b:c5:6b:40:e5:cc:ba:8c:6f:55:85:46:22:94:dd:57: ca:02:0f:64:88:56:65:89:a5:06:39:48:3e:92:5c:63:30:17: fa:11:c9:1e:c4:ca:f9:83:3e:7c:b7:59:a8:b7:9a:b4:00:c0: 9d:c2:8b:fb:49:57:47:66:fc:e0:7b:70:2f:5c:28:b9:3e:15: 94:0c:fa:6f:47:7d:be:f2:7c:90:f2:f4:28:e1:0c:01:8b:7a: be:4d:bc:2c:a6:68:71:59:52:00:be:82:cc:b1:11:9b:9c:7f: 75:26:a6:dd:42:22:7a:15:dc:0d:02:c5:aa:a3:db:3b:a4:eb: 1b:9d:1a:b3:66:56:96:52:98:a3:d2:af:fd:71:04:fe:e2:f0: b1:64:40:f7:a3:d3:76:b5:12:a5:5c:a1:e8:1d:77:18:6a:e8: ad:7e:10:ba:4b:2d:fc:ab:b9:4c:ca:b3:ba:d3:43:a8:b4:e1: 28:87:ec:12:84:7f:10:23:fb:53:ca:07:4f:ff:44:66:58:22: f5:d8:57:b4 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUAkIipO9shM4Q42wY4PPybFDO+OcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwNVoX DTI3MDUwMTA5MjcwNVowMzExMC8GA1UEAxMoMzk5NjRBRDM0QzI0Mjc5QThCNEE5 NEQ1QTU5NUIzMzQ1MTI4MTI4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKZ7QKsdocRZWbDlV7JuSNKjSoYS97w7TOZK1wfYIRIZhcMctR9EG6HAtX2y 1j1P3GTdU1pALPfAAi7vghi/KDsfc2fRjM8MuGnuihXqZwn7WAn3dDW80j/oO+Cw QU+hOvTj9ll7akLujTZrciMVh4hAPvdGjuJGirFklbjMuXMzAM7QyQGsJwbEGqtz Knz88LoO4RC9EionREcBqK6yZF32e5h52+1oxWq8nQgQ73w1dANmrsi3umjKqv3P WQtPUnWG7+ov0lRw3rE8zxzoTwf1lxfXzFw0xzwNZ4PLLIcghd3WCGJ5/71WrKBI X8cvttU0TKO7YZELSkriBluDwrkCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQ5lkrT TCQnmotKlNWllbM0USgShjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NTIwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9sLAMA0GCSqGSIb3DQEBCwUAA4IBAQAFoIJBvim/ZZHROmuV3alr YiTmeTpJmSryjHZsGufIgpiKvKP8zQiKJHYfONpP4KaCg13D84us1IvFa0DlzLqM b1WFRiKU3VfKAg9kiFZliaUGOUg+klxjMBf6EckexMr5gz58t1mot5q0AMCdwov7 SVdHZvzge3AvXCi5PhWUDPpvR32+8nyQ8vQo4QwBi3q+TbwspmhxWVIAvoLMsRGb nH91JqbdQiJ6FdwNAsWqo9s7pOsbnRqzZlaWUpij0q/9cQT+4vCxZED3o9N2tRKl XKHoHXcYauitfhC6Sy38q7lMyrO600OotOEoh+wShH8QI/tTygdP/0RmWCL12Fe0 -----END CERTIFICATE-----Generated at Sun May 3 01:40:41 2026 by rpki-client