$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154628.roa File: AS154628.roa (raw, json) Hash identifier: tdDtVI26B/wkGFka6XItWGZVqtHnNiSU5kGx5hBYDoQ= Subject key identifier: 75:9D:DE:46:0D:72:EC:A8:EA:7E:51:C8:FF:06:EC:00:0B:63:F5:28 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3042A9B5337F70776077B612458323C7695A6B7F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154628.roa Signing time: Mon 04 May 2026 08:26:34 +0000 ROA not before: Mon 04 May 2026 08:21:34 +0000 ROA not after: Mon 03 May 2027 08:26:34 +0000 asID: 154628 IP address blocks: 103.173.163.0/24 maxlen: 24 163.128.183.0/24 maxlen: 24 2001:df6:e440::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:42:a9:b5:33:7f:70:77:60:77:b6:12:45:83:23:c7:69:5a:6b:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 4 08:21:34 2026 GMT Not After : May 3 08:26:34 2027 GMT Subject: CN=759DDE460D72ECA8EA7E51C8FF06EC000B63F528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:4d:ee:f5:8b:c7:12:60:c0:99:fa:0d:da:ae: cd:64:28:6e:46:77:bd:e4:1e:b6:37:1c:81:a7:82: 1e:70:60:a6:ae:ef:9d:9d:0e:68:57:1a:17:c5:bf: 45:1c:9c:f1:99:13:37:15:58:24:82:d3:aa:af:63: a8:c3:c7:4c:54:85:42:85:b8:a8:bd:4c:8d:27:ce: 55:29:fd:b9:e4:81:42:9f:33:95:48:9e:a7:21:ff: f8:70:32:b5:17:9c:44:f5:bd:2a:59:18:b1:4c:02: 6d:89:50:80:b8:d4:d9:00:e4:67:20:f9:1e:7c:74: 66:33:b1:4e:14:fe:be:1a:45:28:dc:a0:40:ec:52: 7c:e9:52:a3:0c:96:6f:29:38:8b:18:b6:be:6b:89: e9:de:0c:2d:3d:5e:24:f9:13:b0:5e:01:39:7a:55: c7:e6:0e:7e:02:e7:64:de:2a:59:1e:96:79:ff:8c: b2:43:55:c8:1c:d8:7d:fb:92:76:d9:cf:3d:5b:21: 76:55:3d:be:51:89:48:31:e5:ba:86:89:68:b7:a5: 1d:ef:b5:b3:fa:7d:5a:2f:f9:26:6b:a1:00:fa:51: 11:8c:80:53:43:97:c8:e3:b4:87:f8:16:59:db:27: 9a:e7:86:4f:35:0b:6f:ba:8b:f4:88:e3:78:58:b8: cc:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:9D:DE:46:0D:72:EC:A8:EA:7E:51:C8:FF:06:EC:00:0B:63:F5:28 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154628.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.173.163.0/24 163.128.183.0/24 IPv6: 2001:df6:e440::/48 Signature Algorithm: sha256WithRSAEncryption 35:a7:3a:73:f2:3c:4d:3a:30:da:4a:08:4c:ff:dc:b3:b7:27: d0:0b:ed:74:c5:45:e5:30:4b:98:c3:c2:fd:4b:91:0b:8e:bf: 9e:ad:a2:e6:50:30:6e:b2:12:d1:ff:3f:f4:a2:f4:f3:30:dd: ad:cc:92:7d:8b:9c:75:00:e4:37:b0:dd:19:ab:52:91:9d:65: d8:77:01:ce:79:ab:15:fb:9e:40:bf:d8:7d:fb:3a:c1:e8:fe: 3d:73:ea:e4:90:80:a9:1e:de:52:c3:99:58:2f:09:85:71:af: 38:a4:c0:8c:fe:cd:1b:28:14:e5:3a:e8:d4:b7:60:76:b4:c8: 5b:65:6b:b5:22:cc:e2:62:08:1a:11:41:40:19:5e:2d:0e:70: ac:c9:40:84:67:51:fd:cf:76:3e:bb:04:bc:62:33:0b:34:16: 2c:b1:5e:ca:e4:26:86:e4:6f:39:05:bb:79:e7:8f:d8:47:ec: 0f:cd:5c:a7:da:84:ea:1a:1b:d6:2a:99:31:70:a2:86:c0:2b: a6:d3:20:5f:5e:a5:bd:02:0f:e0:47:aa:06:60:2c:42:b8:38: 8c:d6:b0:66:c8:9e:92:00:3c:f8:65:50:c5:65:8e:c2:a1:3a: 93:2f:b8:13:75:79:64:22:16:98:38:70:8f:d2:f7:13:f7:8e: 1d:c3:a3:ac -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgIUMEKptTN/cHdgd7YSRYMjx2laa38wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwNDA4MjEzNFoX DTI3MDUwMzA4MjYzNFowMzExMC8GA1UEAxMoNzU5RERFNDYwRDcyRUNBOEVBN0U1 MUM4RkYwNkVDMDAwQjYzRjUyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKxN7vWLxxJgwJn6DdquzWQobkZ3veQetjccgaeCHnBgpq7vnZ0OaFcaF8W/ RRyc8ZkTNxVYJILTqq9jqMPHTFSFQoW4qL1MjSfOVSn9ueSBQp8zlUiepyH/+HAy tRecRPW9KlkYsUwCbYlQgLjU2QDkZyD5Hnx0ZjOxThT+vhpFKNygQOxSfOlSowyW byk4ixi2vmuJ6d4MLT1eJPkTsF4BOXpVx+YOfgLnZN4qWR6Wef+MskNVyBzYffuS dtnPPVshdlU9vlGJSDHluoaJaLelHe+1s/p9Wi/5JmuhAPpREYyAU0OXyOO0h/gW WdsnmueGTzULb7qL9IjjeFi4zOMCAwEAAaOCAeMwggHfMB0GA1UdDgQWBBR1nd5G DXLsqOp+Ucj/BuwAC2P1KDAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0NjI4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIA ATAMAwQAZ62jAwQAo4C3MA8EAgACMAkDBwAgAQ325EAwDQYJKoZIhvcNAQELBQAD ggEBADWnOnPyPE06MNpKCEz/3LO3J9AL7XTFReUwS5jDwv1LkQuOv56touZQMG6y EtH/P/Si9PMw3a3Mkn2LnHUA5Dew3RmrUpGdZdh3Ac55qxX7nkC/2H37OsHo/j1z 6uSQgKke3lLDmVgvCYVxrzikwIz+zRsoFOU66NS3YHa0yFtla7UizOJiCBoRQUAZ Xi0OcKzJQIRnUf3Pdj67BLxiMws0FiyxXsrkJobkbzkFu3nnj9hH7A/NXKfahOoa G9YqmTFwoobAK6bTIF9epb0CD+BHqgZgLEK4OIzWsGbInpIAPPhlUMVljsKhOpMv uBN1eWQiFpg4cI/S9xP3jh3Do6w= -----END CERTIFICATE-----Generated at Tue May 12 22:43:30 2026 by rpki-client