$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS153131.roa File: AS153131.roa (raw, json) Hash identifier: XzVuLHXJB7iFs9ypQpsSHnfO//2t9SCtjOn08bNQHE0= Subject key identifier: 60:6B:71:25:01:96:D6:CD:E9:7A:14:F4:6E:78:D5:BD:D5:05:09:A7 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6DAE27372FD67AED705DCE723F6984B020444E80 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153131.roa Signing time: Sun 03 May 2026 08:13:59 +0000 ROA not before: Sun 03 May 2026 08:08:59 +0000 ROA not after: Sun 02 May 2027 08:13:59 +0000 asID: 153131 IP address blocks: 2001:df4:6b40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:ae:27:37:2f:d6:7a:ed:70:5d:ce:72:3f:69:84:b0:20:44:4e:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 08:08:59 2026 GMT Not After : May 2 08:13:59 2027 GMT Subject: CN=606B71250196D6CDE97A14F46E78D5BDD50509A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:13:0e:6b:93:af:fc:ab:84:d1:d9:bc:3c:2e: 82:57:8f:95:93:34:95:d0:03:f1:d4:43:81:62:4b: dc:70:d0:8e:bd:e9:af:b9:42:05:ad:b2:b5:a4:1a: eb:2b:ff:29:62:bf:1a:ea:94:52:0e:ca:64:3b:5f: 9d:67:ea:73:16:09:8b:ec:b7:a3:14:d8:65:f9:58: 5a:14:00:20:e3:29:a8:13:ef:10:35:0f:32:61:79: da:9f:b7:cf:20:82:83:7e:7b:83:6e:49:99:dd:c6: f0:51:54:74:c4:00:05:85:1b:7c:74:6f:e6:ac:f5: 61:3b:95:1a:39:04:e9:41:a6:99:22:b7:8d:1d:af: fb:da:99:86:0c:1d:8a:e4:5b:21:cb:10:4c:1a:46: a4:20:60:b8:6e:54:09:e3:a5:5b:b3:e3:22:7e:c9: 35:73:d0:e7:df:b3:a8:d6:e7:f4:7f:50:6d:1f:f2: 6c:e1:7b:7b:45:bd:f3:e1:ab:e0:3a:41:8d:1c:aa: e1:5f:83:d7:3d:56:c4:78:6b:db:52:0e:37:e6:bb: a7:fa:46:44:17:cf:c5:5d:e1:b1:73:f8:a3:16:c1: ab:60:5c:5f:53:5c:99:eb:cb:8f:69:30:71:f6:8a: 96:d4:9b:5f:53:81:d7:37:88:1c:4f:e8:78:7f:9e: 1e:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:6B:71:25:01:96:D6:CD:E9:7A:14:F4:6E:78:D5:BD:D5:05:09:A7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS153131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:6b40::/48 Signature Algorithm: sha256WithRSAEncryption 04:f8:c9:b7:42:00:59:59:ca:04:f9:10:72:67:9c:80:bc:14: db:8d:b3:db:34:24:88:81:e2:6f:c3:fd:e0:a9:47:ad:4c:d9: 5a:cc:8f:4b:73:56:12:0c:eb:3b:e0:0f:6a:f0:26:43:b0:fb: 87:70:d7:69:95:f4:49:65:f9:a4:77:9b:75:42:a6:da:25:2a: 30:bf:ec:c9:7b:c5:85:e8:98:32:ad:1c:21:d1:de:9d:9f:b8: 37:83:21:a0:7b:f2:af:ed:00:fa:41:3b:9f:15:38:a5:81:43: db:5d:85:a8:fe:38:87:e8:87:bf:7e:fd:87:29:f4:04:30:6d: 97:60:61:e5:71:0b:08:c8:b2:f6:ab:87:28:42:36:a2:69:eb: 97:23:56:9f:c3:f6:05:15:58:cd:47:09:6e:a6:56:8c:a2:b9: f7:d4:24:14:91:ed:14:f5:f8:81:1d:cf:0d:a7:64:48:f8:cc: 93:45:73:13:92:35:bf:bf:f5:42:95:21:03:38:67:59:62:85: f7:c8:00:da:c6:b9:57:b9:cf:e6:3c:86:83:6d:b9:0d:0f:7b: 86:68:11:f3:66:cd:f8:88:97:01:9b:fd:75:53:47:b7:6a:71: ca:a0:b0:8e:85:e6:e0:a8:01:38:fe:6d:cb:37:80:3b:6b:9b: ea:22:e2:69 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUba4nNy/Weu1wXc5yP2mEsCBEToAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzA4MDg1OVoX DTI3MDUwMjA4MTM1OVowMzExMC8GA1UEAxMoNjA2QjcxMjUwMTk2RDZDREU5N0Ex NEY0NkU3OEQ1QkRENTA1MDlBNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKATDmuTr/yrhNHZvDwuglePlZM0ldAD8dRDgWJL3HDQjr3pr7lCBa2ytaQa 6yv/KWK/GuqUUg7KZDtfnWfqcxYJi+y3oxTYZflYWhQAIOMpqBPvEDUPMmF52p+3 zyCCg357g25Jmd3G8FFUdMQABYUbfHRv5qz1YTuVGjkE6UGmmSK3jR2v+9qZhgwd iuRbIcsQTBpGpCBguG5UCeOlW7PjIn7JNXPQ59+zqNbn9H9QbR/ybOF7e0W98+Gr 4DpBjRyq4V+D1z1WxHhr21ION+a7p/pGRBfPxV3hsXP4oxbBq2BcX1NcmevLj2kw cfaKltSbX1OB1zeIHE/oeH+eHrcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRga3El AZbWzel6FPRueNW91QUJpzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUzMTMxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9GtAMA0GCSqGSIb3DQEBCwUAA4IBAQAE+Mm3QgBZWcoE+RByZ5yA vBTbjbPbNCSIgeJvw/3gqUetTNlazI9Lc1YSDOs74A9q8CZDsPuHcNdplfRJZfmk d5t1QqbaJSowv+zJe8WF6JgyrRwh0d6dn7g3gyGge/Kv7QD6QTufFTilgUPbXYWo /jiH6Ie/fv2HKfQEMG2XYGHlcQsIyLL2q4coQjaiaeuXI1afw/YFFVjNRwluplaM orn31CQUke0U9fiBHc8Np2RI+MyTRXMTkjW/v/VClSEDOGdZYoX3yADaxrlXuc/m PIaDbbkND3uGaBHzZs34iJcBm/11U0e3anHKoLCOhebgqAE4/m3LN4A7a5vqIuJp -----END CERTIFICATE-----Generated at Tue May 12 22:43:36 2026 by rpki-client