$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS151991.roa File: AS151991.roa (raw, json) Hash identifier: 5tH3GXJDcSnimEwnXUrLF2MJmnDsLR3PVaMVlZkI5fE= Subject key identifier: AD:7B:8E:65:DC:75:41:00:5A:E4:CA:1E:2B:D2:00:86:B4:BD:AB:A9 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 54956D0C656A9191E371E9CDFE5A4E606AED506F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151991.roa Signing time: Sun 03 May 2026 04:30:12 +0000 ROA not before: Sun 03 May 2026 04:25:12 +0000 ROA not after: Sun 02 May 2027 04:30:12 +0000 asID: 151991 IP address blocks: 2001:df5:2540::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:95:6d:0c:65:6a:91:91:e3:71:e9:cd:fe:5a:4e:60:6a:ed:50:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 04:25:12 2026 GMT Not After : May 2 04:30:12 2027 GMT Subject: CN=AD7B8E65DC7541005AE4CA1E2BD20086B4BDABA9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:1c:28:57:6e:f1:1d:e7:8a:34:2b:58:8c:96: 7a:50:5e:9e:be:aa:1a:5e:90:3d:2a:43:cb:75:90: 2b:6f:ce:93:2b:9b:04:32:05:27:d7:d7:ef:a8:07: a3:7e:5b:0e:05:d4:99:b1:14:39:76:6a:c9:aa:50: f7:5c:36:dd:03:66:d2:4e:00:c5:9e:56:d3:b1:e9: 9c:9e:fd:9e:f2:b7:e0:79:67:f6:f5:8f:d5:1a:3c: c5:0b:2e:8f:a6:1a:30:2e:d3:ee:a0:b3:1b:3e:cc: 13:58:07:cd:f0:77:8c:0f:83:ba:a3:f4:0b:b6:ef: d6:63:bb:4e:be:b9:fa:69:1a:7f:02:b0:61:a1:af: b7:39:c2:92:9d:d3:bd:1a:3d:5e:66:e3:35:7c:0b: 1b:c8:cd:71:b4:77:ee:03:4c:d3:19:41:f1:b3:5a: 53:0c:59:03:23:94:57:3b:af:1c:00:c5:a4:ad:c2: 18:3c:81:93:ac:1d:90:bf:1f:3d:c6:c6:fe:1d:45: 84:6a:9e:71:25:4a:69:48:fd:d7:d6:93:4e:4e:99: 9b:b0:45:95:5f:9a:b0:3c:a2:9b:d1:cd:a1:76:01: 9b:35:e7:fe:96:5a:1e:4a:71:07:ee:03:46:38:2b: 8e:5c:47:5e:72:cd:b6:c2:84:3e:70:02:46:6d:25: e8:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:7B:8E:65:DC:75:41:00:5A:E4:CA:1E:2B:D2:00:86:B4:BD:AB:A9 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS151991.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:2540::/48 Signature Algorithm: sha256WithRSAEncryption 73:6c:3d:68:52:3e:d0:c1:37:f5:77:22:ae:fb:34:d1:18:78: 96:f1:c9:1c:be:83:75:a4:a0:5c:5a:30:fc:d9:c3:41:2d:d5: 27:ad:0a:7c:fb:f4:a0:85:c1:47:21:88:94:18:2c:89:3a:26: 88:09:ad:8f:fa:4d:e5:f6:4a:14:29:2d:b1:c0:4f:34:09:98: 0f:0a:09:8e:d1:12:1c:f0:c9:8e:86:f3:47:c4:33:4f:c4:43: 0d:8e:9a:7f:1b:d3:b2:e6:2d:35:63:f9:7a:48:4f:b8:2f:2e: fc:e2:9b:44:b7:a2:31:18:08:00:69:04:b2:75:49:32:4b:3f: bb:4c:d2:24:93:48:8e:1c:ec:51:5c:78:2a:bd:b9:bf:2b:68: 2e:9f:24:84:60:1a:11:89:9a:f9:f5:30:72:21:8b:8b:88:d4: 02:d0:bb:5e:f9:63:53:52:83:ec:7d:98:9c:52:88:31:41:a2: 70:57:b2:da:9c:1c:63:5a:e6:e7:41:0e:bc:f8:c6:01:6e:d5: 96:b2:e9:75:fb:c3:bb:53:35:08:b5:db:d8:04:d1:4d:69:21: 82:b7:26:e6:dc:c9:62:eb:18:4c:ca:af:99:c9:11:90:48:fb: 29:08:0a:62:26:22:e7:30:49:5d:a4:2a:74:32:cf:0b:40:31: 81:22:42:25 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUVJVtDGVqkZHjcenN/lpOYGrtUG8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA0MjUxMloX DTI3MDUwMjA0MzAxMlowMzExMC8GA1UEAxMoQUQ3QjhFNjVEQzc1NDEwMDVBRTRD QTFFMkJEMjAwODZCNEJEQUJBOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKAcKFdu8R3nijQrWIyWelBenr6qGl6QPSpDy3WQK2/OkyubBDIFJ9fX76gH o35bDgXUmbEUOXZqyapQ91w23QNm0k4AxZ5W07HpnJ79nvK34Hln9vWP1Ro8xQsu j6YaMC7T7qCzGz7ME1gHzfB3jA+DuqP0C7bv1mO7Tr65+mkafwKwYaGvtznCkp3T vRo9XmbjNXwLG8jNcbR37gNM0xlB8bNaUwxZAyOUVzuvHADFpK3CGDyBk6wdkL8f PcbG/h1FhGqecSVKaUj919aTTk6Zm7BFlV+asDyim9HNoXYBmzXn/pZaHkpxB+4D RjgrjlxHXnLNtsKEPnACRm0l6K0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSte45l 3HVBAFrkyh4r0gCGtL2rqTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUxOTkxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9SVAMA0GCSqGSIb3DQEBCwUAA4IBAQBzbD1oUj7QwTf1dyKu+zTR GHiW8ckcvoN1pKBcWjD82cNBLdUnrQp8+/SghcFHIYiUGCyJOiaICa2P+k3l9koU KS2xwE80CZgPCgmO0RIc8MmOhvNHxDNPxEMNjpp/G9Oy5i01Y/l6SE+4Ly784ptE t6IxGAgAaQSydUkySz+7TNIkk0iOHOxRXHgqvbm/K2gunySEYBoRiZr59TByIYuL iNQC0Lte+WNTUoPsfZicUogxQaJwV7LanBxjWubnQQ68+MYBbtWWsul1+8O7UzUI tdvYBNFNaSGCtybm3Mli6xhMyq+ZyRGQSPspCApiJiLnMEldpCp0Ms8LQDGBIkIl -----END CERTIFICATE-----Generated at Tue May 12 22:56:08 2026 by rpki-client