$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS153101.roa File: AS153101.roa (raw, json) Hash identifier: /+NeZTrZnz76XGhuKSW10b9eX7yMvf/3Mkf6IeWNwdA= Subject key identifier: 88:F5:86:A9:36:6F:74:02:D2:89:A8:3F:FB:22:7A:D5:E6:2A:25:EB Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 68DE84D29967CE85A55439201CA573A4FBB55CEC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153101.roa Signing time: Sun 03 May 2026 05:55:14 +0000 ROA not before: Sun 03 May 2026 05:50:14 +0000 ROA not after: Sun 02 May 2027 05:55:14 +0000 asID: 153101 IP address blocks: 160.25.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:de:84:d2:99:67:ce:85:a5:54:39:20:1c:a5:73:a4:fb:b5:5c:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 05:50:14 2026 GMT Not After : May 2 05:55:14 2027 GMT Subject: CN=88F586A9366F7402D289A83FFB227AD5E62A25EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f6:36:61:c0:c4:2d:41:e7:0f:a1:a8:86:ab: 7b:9b:cd:57:73:99:e3:4e:67:65:71:97:81:c1:8c: 87:78:1f:30:22:7a:c2:a9:57:03:d5:9b:c5:6b:ca: e6:ba:80:51:76:76:91:e2:4f:8a:54:6a:5c:bb:c1: af:da:56:3b:15:6d:28:7a:51:30:ee:ff:d7:a6:bd: 2e:88:6d:7c:d0:e6:2a:dc:c5:3d:8a:ae:3f:2a:d5: ac:d2:42:c1:33:42:1b:43:53:7f:2a:cb:2e:bc:5c: 66:c1:50:9b:0e:44:52:8c:11:bf:6f:4f:71:0b:26: 4a:03:71:a1:d2:d2:d8:ba:bf:6e:cf:26:30:62:43: d6:ae:d7:af:10:fb:3b:40:37:42:fd:00:e7:d2:5d: 5a:c4:db:28:62:73:7f:e6:68:7c:ef:a1:30:5c:64: 8a:34:57:6b:b3:6c:53:81:9e:1f:cd:6f:04:7b:7b: 18:4b:a9:8a:c2:d2:b7:99:6d:7d:8e:5a:15:27:7b: 37:dc:a2:c6:8b:dd:33:00:3b:db:fa:aa:7e:aa:4b: 45:e3:e4:3a:ab:07:18:73:d7:7f:b1:21:70:95:52: e7:9c:d9:2c:44:f5:d0:2e:82:ed:c8:9d:08:3f:f6: 69:50:63:28:43:04:87:b3:dc:e7:52:38:b9:fc:52: 83:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:F5:86:A9:36:6F:74:02:D2:89:A8:3F:FB:22:7A:D5:E6:2A:25:EB X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS153101.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.152.0/24 Signature Algorithm: sha256WithRSAEncryption 90:37:9c:7d:5d:88:ac:34:64:4f:8d:39:85:3c:1d:d2:ea:a4: ce:07:58:69:c5:ef:f6:24:b2:83:7d:97:51:06:45:07:68:66: 4d:26:f1:a7:9c:98:c1:d2:68:77:6a:9d:04:16:d4:39:1f:83: dd:60:bd:76:2e:d2:09:3f:09:4f:46:0c:47:bf:00:aa:94:23: 4e:25:8f:4a:17:e6:76:d1:5d:d7:be:f3:4f:f5:2b:8b:94:1d: e3:de:9b:56:7f:e5:9a:5b:d1:ab:10:45:cb:4b:dc:0d:b5:af: 49:3a:8a:ab:df:75:de:63:42:e3:da:25:89:1d:ee:e7:91:c8: 08:ef:5a:a5:43:49:4b:5e:c6:14:71:8a:a4:f4:12:4d:4a:22: e1:fc:3b:c3:98:2c:9b:31:1e:69:0d:c6:2b:45:61:3d:b9:9d: f9:0e:1f:3d:d9:ad:73:c1:33:a9:66:2f:56:29:67:b0:00:1d: aa:f7:f3:37:19:eb:cc:aa:51:d2:67:d7:a2:5a:c9:b6:62:3b: e3:c3:4e:42:87:c5:b3:50:ee:e0:f6:7c:80:7c:f4:cc:3a:78: c2:8f:88:12:59:7b:ef:82:53:0e:30:c6:58:63:b8:d7:c9:be: 41:33:f3:72:2c:47:6c:40:36:56:21:eb:b0:2b:bb:b1:41:ec: 60:80:67:3a -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUaN6E0plnzoWlVDkgHKVzpPu1XOwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzA1NTAxNFoX DTI3MDUwMjA1NTUxNFowMzExMC8GA1UEAxMoODhGNTg2QTkzNjZGNzQwMkQyODlB ODNGRkIyMjdBRDVFNjJBMjVFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL72NmHAxC1B5w+hqIare5vNV3OZ405nZXGXgcGMh3gfMCJ6wqlXA9WbxWvK 5rqAUXZ2keJPilRqXLvBr9pWOxVtKHpRMO7/16a9LohtfNDmKtzFPYquPyrVrNJC wTNCG0NTfyrLLrxcZsFQmw5EUowRv29PcQsmSgNxodLS2Lq/bs8mMGJD1q7XrxD7 O0A3Qv0A59JdWsTbKGJzf+ZofO+hMFxkijRXa7NsU4GeH81vBHt7GEupisLSt5lt fY5aFSd7N9yixovdMwA72/qqfqpLRePkOqsHGHPXf7EhcJVS55zZLET10C6C7cid CD/2aVBjKEMEh7Pc51I4ufxSg7cCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSI9Yap Nm90AtKJqD/7InrV5iol6zAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUzMTAxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAoBmYMA0GCSqGSIb3DQEBCwUAA4IBAQCQN5x9XYisNGRPjTmFPB3S6qTO B1hpxe/2JLKDfZdRBkUHaGZNJvGnnJjB0mh3ap0EFtQ5H4PdYL12LtIJPwlPRgxH vwCqlCNOJY9KF+Z20V3XvvNP9SuLlB3j3ptWf+WaW9GrEEXLS9wNta9JOoqr33Xe Y0Lj2iWJHe7nkcgI71qlQ0lLXsYUcYqk9BJNSiLh/DvDmCybMR5pDcYrRWE9uZ35 Dh892a1zwTOpZi9WKWewAB2q9/M3GevMqlHSZ9eiWsm2Yjvjw05Ch8WzUO7g9nyA fPTMOnjCj4gSWXvvglMOMMZYY7jXyb5BM/NyLEdsQDZWIeuwK7uxQexggGc6 -----END CERTIFICATE-----Generated at Tue May 12 22:43:36 2026 by rpki-client