$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS151586.roa File: AS151586.roa (raw, json) Hash identifier: /k+u2XFOXRg4wGrck2IIEV2Bz7PtQwhQxYVlnE/VYpU= Subject key identifier: 9D:A7:0D:38:43:6D:AA:69:C5:C2:D6:01:7A:F8:22:5E:C1:21:C3:25 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0267C4201380DFC675377648BBA99DA831564498 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151586.roa Signing time: Sun 03 May 2026 04:01:28 +0000 ROA not before: Sun 03 May 2026 03:56:28 +0000 ROA not after: Sun 02 May 2027 04:01:28 +0000 asID: 151586 IP address blocks: 103.119.236.0/23 maxlen: 24 2001:df2:fe40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:67:c4:20:13:80:df:c6:75:37:76:48:bb:a9:9d:a8:31:56:44:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 03:56:28 2026 GMT Not After : May 2 04:01:28 2027 GMT Subject: CN=9DA70D38436DAA69C5C2D6017AF8225EC121C325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:91:eb:e0:a1:b3:a4:12:a7:ef:00:cc:b9:c7: c5:25:ab:4c:42:9e:02:89:8b:45:f7:85:b5:d8:c4: 7d:ea:d6:7a:05:00:3f:9e:31:c2:21:9a:9e:fa:3e: 11:ee:f7:c2:49:29:b8:28:15:27:d4:fa:03:52:2e: b8:89:6b:16:18:85:03:48:44:99:20:76:d6:fe:c4: f3:f1:9b:19:01:4e:11:ad:b4:c9:c1:69:b9:d7:cc: 65:a9:99:dd:6b:fd:8f:87:e8:8c:d5:b2:79:75:ce: 9b:37:59:bc:62:57:11:74:49:b5:6e:15:e6:5e:7e: db:a4:ae:b0:54:78:43:bc:b0:ec:24:3b:c9:e5:8a: 9d:60:a8:6d:ba:de:6a:bd:36:b3:c3:95:b1:b8:45: 5b:5f:88:6c:2f:63:26:ae:38:fa:63:81:ab:e8:b4: 5f:62:3b:ca:db:c1:ee:48:38:09:9b:0f:03:5b:26: 55:a8:cf:18:5f:f6:cc:07:9a:3a:67:d1:76:b9:5a: 12:15:5d:01:94:e3:f3:78:60:81:1a:cc:2f:cc:63: c0:78:d5:2c:72:58:8b:33:97:e8:8a:ba:b0:44:d2: cb:49:29:7b:92:19:07:bc:68:d6:b8:51:bb:94:cf: d4:30:00:d9:1e:37:07:4a:0d:03:02:56:0b:1e:a8: c8:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:A7:0D:38:43:6D:AA:69:C5:C2:D6:01:7A:F8:22:5E:C1:21:C3:25 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151586.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.119.236.0/23 IPv6: 2001:df2:fe40::/48 Signature Algorithm: sha256WithRSAEncryption 17:50:55:c6:c3:2f:93:eb:ef:78:7a:eb:b2:5f:6d:09:14:1d: 2a:35:d1:b3:d4:7f:7c:17:75:62:b9:34:a9:52:ff:a0:8f:3c: fe:c6:19:d6:f8:68:c3:4c:0f:5c:75:48:ac:4a:0e:45:3c:d5: 3f:a5:7f:a0:44:eb:5a:3f:b6:b8:c6:b7:6b:b8:c2:49:96:d8: 75:73:7c:d1:6b:a4:64:72:a2:01:b3:9a:6b:9e:a7:8c:f6:89: 27:36:b8:74:65:02:6b:46:16:ea:fe:56:4d:67:1c:2c:50:a8: f4:b3:6e:8a:8f:17:cc:46:68:38:fa:27:37:f0:e8:0b:50:fb: dd:eb:ca:c5:1c:01:9c:49:8a:98:6e:88:05:79:e5:78:fa:97: dd:56:2e:be:21:4b:fe:c6:41:df:21:1e:3c:60:8b:2c:1e:e5: 61:c2:ca:ff:f9:a3:73:ea:e6:15:22:a2:b8:7e:08:8d:6f:81: f8:44:af:10:53:85:4e:ed:eb:82:de:44:a7:0c:d5:12:b3:c8: 02:07:6c:69:63:71:fa:a3:49:2e:e0:09:0c:64:8f:5e:3c:ff: 5f:6c:09:dd:13:08:00:71:e7:35:a3:60:db:a4:ba:00:4d:c2: 98:72:5b:7c:c5:8b:c5:8a:af:93:0e:3e:98:d4:98:65:b3:40: 72:16:f3:76 -----BEGIN CERTIFICATE----- MIIE6jCCA9KgAwIBAgIUAmfEIBOA38Z1N3ZIu6mdqDFWRJgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAzNTYyOFoX DTI3MDUwMjA0MDEyOFowMzExMC8GA1UEAxMoOURBNzBEMzg0MzZEQUE2OUM1QzJE NjAxN0FGODIyNUVDMTIxQzMyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWR6+Chs6QSp+8AzLnHxSWrTEKeAomLRfeFtdjEferWegUAP54xwiGanvo+ Ee73wkkpuCgVJ9T6A1IuuIlrFhiFA0hEmSB21v7E8/GbGQFOEa20ycFpudfMZamZ 3Wv9j4fojNWyeXXOmzdZvGJXEXRJtW4V5l5+26SusFR4Q7yw7CQ7yeWKnWCobbre ar02s8OVsbhFW1+IbC9jJq44+mOBq+i0X2I7ytvB7kg4CZsPA1smVajPGF/2zAea OmfRdrlaEhVdAZTj83hggRrML8xjwHjVLHJYizOX6Iq6sETSy0kpe5IZB7xo1rhR u5TP1DAA2R43B0oNAwJWCx6oyJsCAwEAAaOCAd0wggHZMB0GA1UdDgQWBBSdpw04 Q22qacXC1gF6+CJewSHDJTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUxNTg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIA ATAGAwQBZ3fsMA8EAgACMAkDBwAgAQ3y/kAwDQYJKoZIhvcNAQELBQADggEBABdQ VcbDL5Pr73h667JfbQkUHSo10bPUf3wXdWK5NKlS/6CPPP7GGdb4aMNMD1x1SKxK DkU81T+lf6BE61o/trjGt2u4wkmW2HVzfNFrpGRyogGzmmuep4z2iSc2uHRlAmtG Fur+Vk1nHCxQqPSzboqPF8xGaDj6Jzfw6AtQ+93rysUcAZxJiphuiAV55Xj6l91W Lr4hS/7GQd8hHjxgiywe5WHCyv/5o3Pq5hUiorh+CI1vgfhErxBThU7t64LeRKcM 1RKzyAIHbGljcfqjSS7gCQxkj148/19sCd0TCABx5zWjYNukugBNwphyW3zFi8WK r5MOPpjUmGWzQHIW83Y= -----END CERTIFICATE-----Generated at Tue May 12 22:43:11 2026 by rpki-client