$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153753.roa File: AS153753.roa (raw, json) Hash identifier: I8rjH3648W2ha2MCpHbw9DZTFPaE4XkRJOpjYcxii6A= Subject key identifier: A5:21:E4:0C:C2:03:30:04:2B:DE:29:53:54:15:98:D4:12:BC:BE:FF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1D53BC66B1FD6840A487FD257C6206086D5BF536 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153753.roa Signing time: Mon 06 Apr 2026 04:33:11 +0000 ROA not before: Mon 06 Apr 2026 04:28:11 +0000 ROA not after: Mon 05 Apr 2027 04:33:11 +0000 asID: 153753 IP address blocks: 163.128.149.0/24 maxlen: 24 2001:df6:df40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 00:44:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:53:bc:66:b1:fd:68:40:a4:87:fd:25:7c:62:06:08:6d:5b:f5:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 6 04:28:11 2026 GMT Not After : Apr 5 04:33:11 2027 GMT Subject: CN=A521E40CC20330042BDE2953541598D412BCBEFF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b4:e2:10:e3:61:07:ab:0b:73:17:72:ee:8d: 03:9b:33:82:8d:7c:8d:22:20:f3:b7:19:14:fa:de: 0e:fc:a3:07:14:e4:2b:f7:d1:82:a9:4f:48:f5:89: 8e:fc:5c:f5:52:68:79:65:f6:8e:79:fb:9c:96:37: fd:60:8b:95:e1:a2:ed:19:34:4c:62:da:42:66:19: 44:2b:50:74:77:31:09:12:11:26:a2:c4:0a:72:4c: e8:13:05:e8:8c:04:3d:8d:7a:34:89:95:9b:4e:02: ee:05:7e:c2:ae:eb:ad:0f:e4:82:30:ce:d6:41:1a: c0:ee:2f:4e:a6:6e:5c:66:4e:2b:1d:f6:ac:4d:aa: a0:fe:29:d9:3d:0f:2f:23:59:58:53:66:98:6c:fd: 9d:f5:cd:4c:f1:87:93:df:d2:ab:e4:b6:b9:4a:00: fc:b3:73:ee:8f:18:7c:62:3e:19:12:66:21:f0:56: e7:30:3c:74:4c:85:c9:ce:2e:a1:75:ae:29:20:90: 39:25:12:48:92:87:fe:14:14:08:4f:a7:b9:54:cb: fc:6c:da:f3:84:07:54:17:32:ec:db:97:41:17:61: e8:6d:bb:f7:d8:2c:ac:f3:40:fe:de:e7:1b:1c:47: ef:2c:c2:8f:fb:d2:13:59:47:ef:3e:a3:2f:c2:bf: a9:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:21:E4:0C:C2:03:30:04:2B:DE:29:53:54:15:98:D4:12:BC:BE:FF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153753.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.128.149.0/24 IPv6: 2001:df6:df40::/48 Signature Algorithm: sha256WithRSAEncryption 3e:d8:aa:78:25:86:d5:c7:e4:03:6b:2f:f4:fd:da:ed:eb:0f: 5f:7b:f7:3e:75:d5:5d:3a:e2:cf:cb:e9:6b:5f:4e:02:29:0f: 43:cd:83:3f:7f:61:31:57:e3:3e:3b:9d:d9:62:a3:31:3f:6a: 12:8f:97:34:09:f6:24:65:72:1a:14:0c:88:5b:a5:a3:a2:43: 72:b7:45:74:9a:46:ff:32:aa:a6:f9:0c:da:3a:f4:f9:d5:03: 33:c5:e1:91:5a:ef:ab:1c:bb:21:f5:de:99:05:fd:27:27:22: f8:ad:c5:b8:aa:08:c1:22:be:e5:0e:0a:0e:a8:29:b0:ad:b8: 5f:c4:09:6f:5b:46:34:02:18:b8:3a:d0:54:7d:b4:af:99:c4: 2c:af:4d:f1:24:98:71:a8:49:38:25:30:58:51:d1:65:6f:b6: 18:b7:cd:c0:5e:85:28:69:ec:9f:ba:ec:07:f7:19:5a:db:b6: 1c:00:6e:49:64:3b:08:03:b1:26:30:89:cb:6b:a3:d5:80:4f: a7:08:78:ae:64:80:d4:62:53:2f:e4:3f:d1:e9:7c:af:73:75: e2:94:c9:ab:9e:c9:35:80:f7:16:60:2e:4f:f0:28:be:0c:82: 82:77:40:4e:68:17:83:3b:9b:5c:1e:db:8c:88:04:1b:7f:d8: 86:f5:2b:cb -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUHVO8ZrH9aECkh/0lfGIGCG1b9TYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDQwNjA0MjgxMVoX DTI3MDQwNTA0MzMxMVowMzExMC8GA1UEAxMoQTUyMUU0MENDMjAzMzAwNDJCREUy OTUzNTQxNTk4RDQxMkJDQkVGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO04hDjYQerC3MXcu6NA5szgo18jSIg87cZFPreDvyjBxTkK/fRgqlPSPWJ jvxc9VJoeWX2jnn7nJY3/WCLleGi7Rk0TGLaQmYZRCtQdHcxCRIRJqLECnJM6BMF 6IwEPY16NImVm04C7gV+wq7rrQ/kgjDO1kEawO4vTqZuXGZOKx32rE2qoP4p2T0P LyNZWFNmmGz9nfXNTPGHk9/Sq+S2uUoA/LNz7o8YfGI+GRJmIfBW5zA8dEyFyc4u oXWuKSCQOSUSSJKH/hQUCE+nuVTL/Gza84QHVBcy7NuXQRdh6G2799gsrPNA/t7n GxxH7yzCj/vSE1lH7z6jL8K/qUUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSlIeQM wgMwBCveKVNUFZjUEry+/zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1Mzc1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKOAlTAPBAIAAjAJAwcAIAEN9t9AMA0GCSqGSIb3DQEBCwUAA4IB AQA+2Kp4JYbVx+QDay/0/drt6w9fe/c+ddVdOuLPy+lrX04CKQ9DzYM/f2ExV+M+ O53ZYqMxP2oSj5c0CfYkZXIaFAyIW6WjokNyt0V0mkb/Mqqm+QzaOvT51QMzxeGR Wu+rHLsh9d6ZBf0nJyL4rcW4qgjBIr7lDgoOqCmwrbhfxAlvW0Y0Ahi4OtBUfbSv mcQsr03xJJhxqEk4JTBYUdFlb7YYt83AXoUoaeyfuuwH9xla27YcAG5JZDsIA7Em MInLa6PVgE+nCHiuZIDUYlMv5D/R6Xyvc3XilMmrnsk1gPcWYC5P8Ci+DIKCd0BO aBeDO5tcHtuMiAQbf9iG9SvL -----END CERTIFICATE-----Generated at Fri Apr 17 16:02:46 2026 by rpki-client