$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS154687.roa File: AS154687.roa (raw, json) Hash identifier: zMKOk9XGdy9oWV3uwDpIvXUH0JhkkT6zGty7eygOoxs= Subject key identifier: 59:0B:51:BD:01:D1:E6:9B:BA:B0:31:4A:3A:46:16:CC:BE:F6:26:D8 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3DA6E2711C0C60638665E7A8D3E5FDE1A6BB9AA2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154687.roa Signing time: Fri 22 May 2026 03:31:47 +0000 ROA not before: Fri 22 May 2026 03:26:47 +0000 ROA not after: Fri 21 May 2027 03:31:47 +0000 asID: 154687 IP address blocks: 2001:df7:cc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 03:08:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:a6:e2:71:1c:0c:60:63:86:65:e7:a8:d3:e5:fd:e1:a6:bb:9a:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 22 03:26:47 2026 GMT Not After : May 21 03:31:47 2027 GMT Subject: CN=590B51BD01D1E69BBAB0314A3A4616CCBEF626D8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:b1:4a:32:aa:48:85:7e:1b:d1:90:e7:a9:31: 1e:c2:be:af:dc:df:44:b0:16:4a:b9:d4:24:dc:95: 3a:87:bd:d8:35:ad:df:70:ff:f2:93:19:f2:f0:78: e4:70:a8:e1:89:ba:d0:be:20:c9:cf:9d:b5:5c:13: 63:b0:47:e4:88:80:9b:e0:0a:dc:fd:9e:3b:42:dc: 5a:83:ad:9c:c0:2d:95:ce:2a:5d:89:3d:6e:30:2e: 9e:95:61:5b:cc:db:87:e5:a5:6a:ff:2b:c6:ee:bd: 10:cf:4e:dc:d8:82:f8:8c:f4:75:5a:d6:71:59:c2: c3:9a:28:0a:c8:22:75:85:1f:7d:89:01:bb:c3:d5: dc:e3:2a:42:b0:75:09:0c:92:4e:11:06:b2:7e:ae: c8:66:d5:f9:e0:dd:33:42:54:5c:e4:7d:8a:e9:f3: 38:da:de:8d:c7:cb:1b:06:82:04:84:57:a5:09:4a: e6:ee:fa:a1:e0:e7:e3:03:23:9f:a4:c0:e7:a7:85: 89:1b:4f:7b:5c:5e:0e:9f:2c:f5:a9:85:40:b2:8f: 8b:c0:dc:5f:26:7a:08:c3:b9:fa:78:4f:2b:0a:e7: 64:45:71:c1:ce:3b:f3:41:f2:db:df:00:67:86:ed: f8:d2:0a:40:e7:5a:9a:82:dd:17:72:4b:3e:a8:a0: 5f:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:0B:51:BD:01:D1:E6:9B:BA:B0:31:4A:3A:46:16:CC:BE:F6:26:D8 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS154687.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df7:cc0::/48 Signature Algorithm: sha256WithRSAEncryption 10:7c:6d:f6:f3:84:f3:9b:5d:a6:71:38:53:bf:d3:06:28:15: 6b:b5:c2:80:ec:e7:5d:09:08:94:6b:78:91:e7:52:51:b5:5d: 7d:55:a8:49:47:f5:91:be:78:d9:4b:95:fb:9c:88:0d:5b:6c: 95:43:5b:63:c0:f2:0c:b0:af:c9:b7:f0:71:be:97:ff:a5:63: 05:76:76:53:d8:b3:a2:45:01:32:c8:50:92:b6:e4:a4:c1:31: ca:47:44:11:a2:ab:6e:a3:ed:07:c4:1f:f2:07:8a:e6:91:78: 9a:a3:49:c0:d8:4c:de:96:cf:b8:93:f1:f1:44:43:92:5f:54: 50:b9:b6:76:29:43:15:23:15:2c:d4:bb:b0:f7:cf:32:73:3e: 75:75:9b:5d:55:d7:29:35:66:bf:96:c4:e9:3d:ea:70:b2:f1: fd:94:8e:33:c1:eb:80:8b:d4:98:98:56:5e:a1:cd:5d:15:bb: 88:fa:b5:35:81:dc:d4:63:ed:23:ce:a2:76:9a:cd:bc:bd:02: 5b:6d:8c:c7:8c:7b:aa:3e:13:9a:f8:4d:e3:e8:af:92:29:6d: 3b:82:a1:a0:2d:3b:55:56:06:70:81:06:39:4a:33:58:d8:ac: ca:93:12:8d:d0:ba:ed:35:db:c4:de:e7:a5:9e:eb:e4:36:e3: 7d:a5:e0:0e -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUPabicRwMYGOGZeeo0+X94aa7mqIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUyMjAzMjY0N1oX DTI3MDUyMTAzMzE0N1owMzExMC8GA1UEAxMoNTkwQjUxQkQwMUQxRTY5QkJBQjAz MTRBM0E0NjE2Q0NCRUY2MjZEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI6xSjKqSIV+G9GQ56kxHsK+r9zfRLAWSrnUJNyVOoe92DWt33D/8pMZ8vB4 5HCo4Ym60L4gyc+dtVwTY7BH5IiAm+AK3P2eO0LcWoOtnMAtlc4qXYk9bjAunpVh W8zbh+Wlav8rxu69EM9O3NiC+Iz0dVrWcVnCw5ooCsgidYUffYkBu8PV3OMqQrB1 CQySThEGsn6uyGbV+eDdM0JUXOR9iunzONrejcfLGwaCBIRXpQlK5u76oeDn4wMj n6TA56eFiRtPe1xeDp8s9amFQLKPi8DcXyZ6CMO5+nhPKwrnZEVxwc4780Hy298A Z4bt+NIKQOdamoLdF3JLPqigX1sCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRZC1G9 AdHmm7qwMUo6RhbMvvYm2DAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTU0Njg3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9wzAMA0GCSqGSIb3DQEBCwUAA4IBAQAQfG3284Tzm12mcThTv9MG KBVrtcKA7OddCQiUa3iR51JRtV19VahJR/WRvnjZS5X7nIgNW2yVQ1tjwPIMsK/J t/Bxvpf/pWMFdnZT2LOiRQEyyFCStuSkwTHKR0QRoqtuo+0HxB/yB4rmkXiao0nA 2Ezels+4k/HxREOSX1RQubZ2KUMVIxUs1Luw988ycz51dZtdVdcpNWa/lsTpPepw svH9lI4zweuAi9SYmFZeoc1dFbuI+rU1gdzUY+0jzqJ2ms28vQJbbYzHjHuqPhOa +E3j6K+SKW07gqGgLTtVVgZwgQY5SjNY2KzKkxKN0LrtNdvE3uelnuvkNuN9peAO -----END CERTIFICATE-----Generated at Wed Jun 17 08:49:01 2026 by rpki-client