$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153664.roa File: AS153664.roa (raw, json) Hash identifier: Qdi3CYR+uUr70sfKM44oxlUHfGC/9RvTxNlJfNEC04U= Subject key identifier: B3:0F:03:05:A4:CA:43:F5:B3:3F:9B:C8:EF:23:E6:C7:A6:49:C4:85 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 12BB318E5C51D5B014977A79565D42270479D988 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153664.roa Signing time: Fri 03 Apr 2026 02:00:00 +0000 ROA not before: Fri 03 Apr 2026 01:55:00 +0000 ROA not after: Fri 02 Apr 2027 02:00:00 +0000 asID: 153664 IP address blocks: 163.61.244.0/23 maxlen: 24 2001:df5:24c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:15:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:bb:31:8e:5c:51:d5:b0:14:97:7a:79:56:5d:42:27:04:79:d9:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 3 01:55:00 2026 GMT Not After : Apr 2 02:00:00 2027 GMT Subject: CN=B30F0305A4CA43F5B33F9BC8EF23E6C7A649C485 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:50:40:1e:5a:d1:b1:83:f1:74:67:eb:c0:bc: c1:09:55:a5:6e:ca:c2:c0:ee:97:85:37:04:3b:e2: 2d:ea:fa:d3:0b:c5:c8:63:4f:b2:70:dc:77:d0:a5: 27:f8:d4:7f:58:03:22:79:c8:5e:06:45:19:b5:cd: b5:87:44:9a:b1:51:b8:8c:91:a6:c4:8a:42:4f:ab: 7f:34:84:db:10:24:f3:7c:77:03:55:83:5b:36:e5: a9:b5:4f:51:6d:a5:6f:70:d9:0c:1f:55:94:6c:0f: 3b:ad:e9:8d:73:61:ad:ff:be:a3:f5:cf:b8:43:93: 5d:af:58:e5:0d:32:b3:bb:e1:a4:21:7a:5b:29:23: ab:77:b0:32:66:dc:7d:51:50:b7:5e:b9:9e:af:4e: 87:e0:be:c8:fc:7b:3b:a2:92:cc:9c:15:65:70:84: 7b:63:cf:68:dc:03:33:5e:68:7b:31:12:5c:3c:ba: 7c:ac:8f:f2:68:d3:fe:f2:77:fa:8b:a6:29:b7:ba: c8:4f:37:d0:94:ed:37:a0:67:10:aa:92:a7:a9:99: e9:3b:ab:39:b3:4c:e3:d1:e0:74:c3:ff:73:ad:e2: 66:bf:53:59:bb:91:a5:63:bd:ab:cb:9c:38:22:d8: f3:19:3d:c3:c1:2d:1f:29:6b:e5:b5:d3:ee:9e:ba: 1d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:0F:03:05:A4:CA:43:F5:B3:3F:9B:C8:EF:23:E6:C7:A6:49:C4:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153664.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.244.0/23 IPv6: 2001:df5:24c0::/48 Signature Algorithm: sha256WithRSAEncryption 03:bc:ca:31:fd:fc:e3:9e:48:fc:a1:5d:c7:19:f0:bb:c5:de: 68:2d:01:73:74:b4:7b:40:ee:4c:58:23:0f:a8:0a:a9:fe:f8: 08:f4:0b:e3:35:41:6d:cc:7e:b3:99:44:3c:fa:e6:95:0e:d2: 12:80:0c:25:a1:3a:67:e7:fb:52:f2:14:5f:f6:cd:e7:69:88: 2a:fa:a6:ea:05:45:47:6d:80:8b:f9:22:70:bb:c8:a5:96:0f: bb:40:67:f4:e6:bd:9c:97:95:a9:2a:65:15:d1:b2:2b:2a:bc: bf:c2:22:f7:cb:7c:f2:f7:df:4e:6c:d1:67:94:d6:c6:86:94: 18:15:3a:d1:7e:28:e0:f1:3d:86:a5:37:c1:de:5b:83:87:cd: 46:4e:9d:65:1d:f8:b1:18:01:4f:d5:0c:e9:f0:89:78:e7:98: 1a:ff:21:9f:10:18:81:98:e9:14:ad:15:6d:c5:fc:36:33:a5: 35:78:ba:59:fb:1f:a2:e0:11:51:c2:e0:61:ca:03:91:7c:e7: 5f:06:66:63:36:2e:48:9c:e4:c5:18:8b:f9:43:1a:69:ff:11: 4c:90:cf:ba:e8:b4:62:04:52:bd:1d:c4:fb:70:df:58:c5:18: 6d:91:0a:50:5e:93:84:1f:c1:59:49:a3:c4:e9:ec:95:4c:67: 6b:5e:16:95 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUErsxjlxR1bAUl3p5Vl1CJwR52YgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDQwMzAxNTUwMFoX DTI3MDQwMjAyMDAwMFowMzExMC8GA1UEAxMoQjMwRjAzMDVBNENBNDNGNUIzM0Y5 QkM4RUYyM0U2QzdBNjQ5QzQ4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1QQB5a0bGD8XRn68C8wQlVpW7KwsDul4U3BDviLer60wvFyGNPsnDcd9Cl J/jUf1gDInnIXgZFGbXNtYdEmrFRuIyRpsSKQk+rfzSE2xAk83x3A1WDWzblqbVP UW2lb3DZDB9VlGwPO63pjXNhrf++o/XPuEOTXa9Y5Q0ys7vhpCF6Wykjq3ewMmbc fVFQt165nq9Oh+C+yPx7O6KSzJwVZXCEe2PPaNwDM15oezESXDy6fKyP8mjT/vJ3 +oumKbe6yE830JTtN6BnEKqSp6mZ6TurObNM49HgdMP/c63iZr9TWbuRpWO9q8uc OCLY8xk9w8EtHylr5bXT7p66HRsCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSzDwMF pMpD9bM/m8jvI+bHpknEhTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzY2NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAaM99DAPBAIAAjAJAwcAIAEN9STAMA0GCSqGSIb3DQEBCwUAA4IB AQADvMox/fzjnkj8oV3HGfC7xd5oLQFzdLR7QO5MWCMPqAqp/vgI9AvjNUFtzH6z mUQ8+uaVDtISgAwloTpn5/tS8hRf9s3naYgq+qbqBUVHbYCL+SJwu8illg+7QGf0 5r2cl5WpKmUV0bIrKry/wiL3y3zy999ObNFnlNbGhpQYFTrRfijg8T2GpTfB3luD h81GTp1lHfixGAFP1Qzp8Il455ga/yGfEBiBmOkUrRVtxfw2M6U1eLpZ+x+i4BFR wuBhygORfOdfBmZjNi5InOTFGIv5Qxpp/xFMkM+66LRiBFK9HcT7cN9YxRhtkQpQ XpOEH8FZSaPE6eyVTGdrXhaV -----END CERTIFICATE-----Generated at Fri Apr 17 13:33:46 2026 by rpki-client