$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154574.roa File: AS154574.roa (raw, json) Hash identifier: g1jRaqloivqYsN4IGS1teUlsL7zatnDOsYJi/+rlxec= Subject key identifier: 89:E3:B4:E1:BC:7D:1F:7F:32:A6:3A:8C:FC:14:AF:1F:B3:5C:CD:2F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7A48A76CE624C0A679F1DDD7750252C3F1E2AEA2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154574.roa Signing time: Sat 02 May 2026 09:26:55 +0000 ROA not before: Sat 02 May 2026 09:21:55 +0000 ROA not after: Sat 01 May 2027 09:26:55 +0000 asID: 154574 IP address blocks: 163.128.88.0/23 maxlen: 24 2001:df6:d740::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:48:a7:6c:e6:24:c0:a6:79:f1:dd:d7:75:02:52:c3:f1:e2:ae:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:55 2026 GMT Not After : May 1 09:26:55 2027 GMT Subject: CN=89E3B4E1BC7D1F7F32A63A8CFC14AF1FB35CCD2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:56:9d:35:43:77:ee:39:c1:01:da:78:ce:77: c1:cf:1d:d6:29:80:f0:0f:48:3d:0a:65:e9:cc:ad: 7b:bc:23:60:f1:ab:8e:a5:82:6f:9f:b8:89:aa:1a: 71:53:82:2c:70:be:4a:b7:04:a8:a7:32:1e:16:79: 43:34:6d:de:bf:f1:cf:aa:7f:6b:be:2e:a8:41:c2: 64:11:1c:e6:95:43:09:3e:dd:85:11:ef:d5:90:fb: af:11:49:a3:83:47:8d:43:a8:da:a2:78:44:d5:f0: 04:6f:b7:42:b0:a6:36:66:b4:3e:bd:0e:12:69:38: 0d:2a:1a:e9:91:53:2a:c0:ec:a2:eb:c0:fc:ef:40: 2b:75:13:3a:69:f3:29:3c:8d:03:d4:5b:b5:02:3a: c8:91:9f:ad:86:83:e9:07:df:50:ef:74:1a:e2:5b: 83:14:f2:f0:8c:17:2e:d9:79:4b:88:15:a0:ee:19: 20:ff:f4:78:4a:87:96:41:f2:43:65:ce:59:94:51: 9c:3b:76:17:4a:46:bf:24:be:56:53:8d:0d:9d:e4: 34:38:eb:5c:0a:b5:4d:ce:4e:b3:26:cc:ef:b8:d0: c2:59:47:94:1e:35:ad:b6:98:d7:2d:5b:fe:3b:b5: 26:69:43:c0:51:ef:23:23:f2:b9:85:e1:41:01:6f: 60:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E3:B4:E1:BC:7D:1F:7F:32:A6:3A:8C:FC:14:AF:1F:B3:5C:CD:2F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154574.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.128.88.0/23 IPv6: 2001:df6:d740::/48 Signature Algorithm: sha256WithRSAEncryption 17:b8:3f:e4:1a:34:68:8e:97:80:52:7b:93:6c:c0:16:95:f4: af:04:dc:09:35:35:06:a3:5a:2b:6d:56:62:22:6d:14:74:2d: 1e:7d:fe:37:ca:b8:e7:c6:c5:97:d8:cb:86:97:65:e9:c6:3e: ea:4a:7b:f5:95:c2:b1:38:8b:02:db:d2:98:7f:50:b8:7b:3c: fc:0d:56:c0:57:8a:be:40:e3:1c:51:8d:68:19:31:01:a1:ac: 59:71:11:60:fe:72:2b:c8:43:67:86:fb:2b:94:36:0b:89:aa: 3b:d2:e7:6d:66:a5:62:df:07:6f:6b:c9:2e:ee:55:79:47:78: f0:f2:3a:14:e9:eb:69:01:ce:9c:fc:f6:05:65:3c:c0:dd:3f: 45:77:71:b7:be:5a:c6:84:18:97:60:9c:25:d8:34:2e:06:d2: 97:56:a9:33:40:2d:74:1f:d7:b6:9d:03:f6:77:51:c0:91:6f: 25:9c:8a:04:58:e0:c8:f8:36:c2:ef:b3:7f:43:20:5c:63:0e: f6:26:49:f6:f8:0c:65:16:85:13:a7:bc:cf:a8:8b:d7:41:ec: 97:4f:ed:0f:c4:d3:f2:36:e9:0d:42:33:84:82:fa:2b:81:b3: d4:ba:20:64:cb:29:7d:9b:77:76:39:a0:31:df:9e:08:c0:73: c3:46:eb:f6 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUekinbOYkwKZ58d3XdQJSw/HirqIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjE1NVoX DTI3MDUwMTA5MjY1NVowMzExMC8GA1UEAxMoODlFM0I0RTFCQzdEMUY3RjMyQTYz QThDRkMxNEFGMUZCMzVDQ0QyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhWnTVDd+45wQHaeM53wc8d1imA8A9IPQpl6cyte7wjYPGrjqWCb5+4iaoa cVOCLHC+SrcEqKcyHhZ5QzRt3r/xz6p/a74uqEHCZBEc5pVDCT7dhRHv1ZD7rxFJ o4NHjUOo2qJ4RNXwBG+3QrCmNma0Pr0OEmk4DSoa6ZFTKsDsouvA/O9AK3UTOmnz KTyNA9RbtQI6yJGfrYaD6QffUO90GuJbgxTy8IwXLtl5S4gVoO4ZIP/0eEqHlkHy Q2XOWZRRnDt2F0pGvyS+VlONDZ3kNDjrXAq1Tc5OsybM77jQwllHlB41rbaY1y1b /ju1JmlDwFHvIyPyuYXhQQFvYHUCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBSJ47Th vH0ffzKmOoz8FK8fs1zNLzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NTc0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBo4BYMA8EAgACMAkDBwAgAQ3210AwDQYJKoZIhvcNAQELBQADggEBABe4 P+QaNGiOl4BSe5NswBaV9K8E3Ak1NQajWittVmIibRR0LR59/jfKuOfGxZfYy4aX ZenGPupKe/WVwrE4iwLb0ph/ULh7PPwNVsBXir5A4xxRjWgZMQGhrFlxEWD+civI Q2eG+yuUNguJqjvS521mpWLfB29ryS7uVXlHePDyOhTp62kBzpz89gVlPMDdP0V3 cbe+WsaEGJdgnCXYNC4G0pdWqTNALXQf17adA/Z3UcCRbyWcigRY4Mj4NsLvs39D IFxjDvYmSfb4DGUWhROnvM+oi9dB7JdP7Q/E0/I26Q1CM4SC+iuBs9S6IGTLKX2b d3Y5oDHfngjAc8NG6/Y= -----END CERTIFICATE-----Generated at Sun May 3 00:39:42 2026 by rpki-client