$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153840.roa File: AS153840.roa (raw, json) Hash identifier: 6QP9R6xMQPjTLfLsXT/Sf/qA286kHTeHkfFC0FFXzU0= Subject key identifier: 77:B3:C5:B1:0E:4A:B3:88:F8:A7:9D:E9:E2:69:B5:3B:C0:F6:FC:BE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4FEC4EE752DE7B7FB64CC0145DBA2E8FE4814CB0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153840.roa Signing time: Tue 07 Apr 2026 04:00:00 +0000 ROA not before: Tue 07 Apr 2026 03:55:00 +0000 ROA not after: Tue 06 Apr 2027 04:00:00 +0000 asID: 153840 IP address blocks: 163.227.149.0/24 maxlen: 24 2001:df5:70c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:15:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:ec:4e:e7:52:de:7b:7f:b6:4c:c0:14:5d:ba:2e:8f:e4:81:4c:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 7 03:55:00 2026 GMT Not After : Apr 6 04:00:00 2027 GMT Subject: CN=77B3C5B10E4AB388F8A79DE9E269B53BC0F6FCBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:08:31:f4:00:55:cb:4b:f5:1b:af:8c:93:ff: ff:8d:8d:c3:ed:1a:0e:9b:70:f0:b7:ce:98:66:5d: 05:30:1f:e6:07:d3:f2:f1:17:15:fc:e1:d0:e2:76: bc:78:76:61:ac:98:ba:5d:5e:08:d6:44:f7:93:78: 64:e5:9f:fb:18:65:a9:c8:71:45:e1:a2:be:11:a7: b4:6d:6d:2f:dc:39:4c:06:d9:0e:e3:56:f2:da:01: e0:4d:2e:b6:b6:47:cd:9c:45:ad:b3:84:f9:03:9a: 66:c8:bc:c2:c4:92:1a:3c:56:8b:eb:81:d3:d9:c1: ee:f0:13:8f:60:bf:68:16:15:39:95:42:a4:e6:78: 2c:66:87:2b:aa:0f:51:79:22:f4:3a:53:bc:47:ff: f0:65:60:b9:2f:1e:b9:bd:54:fb:5c:33:b3:1b:2a: 19:aa:e0:1d:68:28:d2:93:a6:84:46:31:dc:fe:91: 07:88:1b:da:4b:46:91:b5:6b:7b:f0:75:d7:e4:36: 94:30:ac:41:d9:ab:47:2d:4b:77:f3:5e:e5:f4:b9: dc:b3:62:b4:ff:46:21:3a:51:d2:fd:56:1f:ff:8e: 89:b1:ab:bb:17:e2:ab:d6:65:cb:aa:95:c8:aa:b1: fa:14:cb:fb:5f:f8:f8:9b:8b:56:d8:5a:f6:3b:fd: ed:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:B3:C5:B1:0E:4A:B3:88:F8:A7:9D:E9:E2:69:B5:3B:C0:F6:FC:BE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153840.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.149.0/24 IPv6: 2001:df5:70c0::/48 Signature Algorithm: sha256WithRSAEncryption 81:cf:be:d8:33:0b:cb:a8:a8:b2:3a:bf:ba:67:95:7f:1c:2b: 5f:a4:57:8a:2a:5c:d4:3a:d7:4e:32:9d:37:8b:23:49:51:32: ff:90:23:71:fe:17:c9:3b:bc:69:c2:53:44:d3:0a:16:1f:58: 89:d7:6f:5d:af:de:8b:54:9c:12:09:2f:f4:86:d5:40:c3:fb: be:ae:88:08:c1:b7:bf:75:ab:0c:b2:3e:56:3b:20:ba:93:ff: 88:b0:1f:4e:81:cd:af:56:6f:fd:7d:ae:a0:50:4d:4a:1d:24: f7:05:53:ab:15:97:bd:20:35:1f:ae:12:8b:86:72:1c:11:01: c9:ce:a3:f0:83:bc:93:a4:34:a4:f4:d3:dd:ad:e3:78:74:cf: 8e:b0:b2:72:76:82:8d:88:85:40:8c:ad:71:e2:63:46:91:39: 9a:9e:af:51:a6:f5:bd:d6:eb:bb:ab:78:f6:35:8f:e6:1f:20: d3:c2:f6:41:08:28:69:1d:00:53:6f:58:29:e7:d1:3f:0e:72: 7b:ba:d8:60:18:d7:ae:7f:5f:f0:f3:1e:32:f4:c0:97:35:15: de:04:f0:cd:9e:58:14:ff:2a:67:9c:d6:3d:51:f2:3a:8e:1e: 4e:90:7a:15:6a:d9:14:a5:52:e2:27:a8:04:d3:4f:33:b6:1e: bf:d5:68:27 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUT+xO51Lee3+2TMAUXbouj+SBTLAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDQwNzAzNTUwMFoX DTI3MDQwNjA0MDAwMFowMzExMC8GA1UEAxMoNzdCM0M1QjEwRTRBQjM4OEY4QTc5 REU5RTI2OUI1M0JDMEY2RkNCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsIMfQAVctL9RuvjJP//42Nw+0aDptw8LfOmGZdBTAf5gfT8vEXFfzh0OJ2 vHh2YayYul1eCNZE95N4ZOWf+xhlqchxReGivhGntG1tL9w5TAbZDuNW8toB4E0u trZHzZxFrbOE+QOaZsi8wsSSGjxWi+uB09nB7vATj2C/aBYVOZVCpOZ4LGaHK6oP UXki9DpTvEf/8GVguS8eub1U+1wzsxsqGargHWgo0pOmhEYx3P6RB4gb2ktGkbVr e/B11+Q2lDCsQdmrRy1Ld/Ne5fS53LNitP9GITpR0v1WH/+OibGruxfiq9Zly6qV yKqx+hTL+1/4+JuLVtha9jv97SUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBR3s8Wx DkqziPinneniabU7wPb8vjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1Mzg0MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKPjlTAPBAIAAjAJAwcAIAEN9XDAMA0GCSqGSIb3DQEBCwUAA4IB AQCBz77YMwvLqKiyOr+6Z5V/HCtfpFeKKlzUOtdOMp03iyNJUTL/kCNx/hfJO7xp wlNE0woWH1iJ129dr96LVJwSCS/0htVAw/u+rogIwbe/dasMsj5WOyC6k/+IsB9O gc2vVm/9fa6gUE1KHST3BVOrFZe9IDUfrhKLhnIcEQHJzqPwg7yTpDSk9NPdreN4 dM+OsLJydoKNiIVAjK1x4mNGkTmanq9RpvW91uu7q3j2NY/mHyDTwvZBCChpHQBT b1gp59E/DnJ7uthgGNeuf1/w8x4y9MCXNRXeBPDNnlgU/ypnnNY9UfI6jh5OkHoV atkUpVLiJ6gE008zth6/1Wgn -----END CERTIFICATE-----Generated at Fri Apr 17 13:33:51 2026 by rpki-client