$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152357.roa File: AS152357.roa (raw, json) Hash identifier: 4pDC9QNCx98xXc53ArGcqrDbCU0t1IGzNyyzt3CEj64= Subject key identifier: E9:91:C8:7E:37:72:41:7E:76:40:DD:89:C4:41:8C:B4:84:B2:B3:DC Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1E1069D5D439B801F3919E3A5388130C918DF659 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152357.roa Signing time: Mon 01 Sep 2025 02:36:56 +0000 ROA not before: Mon 01 Sep 2025 02:31:56 +0000 ROA not after: Mon 31 Aug 2026 02:36:56 +0000 asID: 152357 IP address blocks: 157.15.2.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 14:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:10:69:d5:d4:39:b8:01:f3:91:9e:3a:53:88:13:0c:91:8d:f6:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 1 02:31:56 2025 GMT Not After : Aug 31 02:36:56 2026 GMT Subject: CN=E991C87E3772417E7640DD89C4418CB484B2B3DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:33:25:4e:73:46:9d:33:d5:51:6e:b2:cd:bb: 2f:0b:54:2c:45:18:0b:9c:97:06:25:e0:6f:6e:ba: 62:f0:28:43:62:b9:34:2e:11:a7:b4:8d:e5:0d:28: 8f:4e:cc:52:a8:c6:52:ae:4f:73:23:82:a6:db:89: d1:a6:f8:1f:64:35:34:02:6b:ed:7c:f6:bc:fa:ed: 4e:d3:0a:94:5b:a1:8b:6d:7e:ba:69:83:8b:8b:79: a7:eb:6d:9e:a9:f6:31:eb:93:97:e4:5b:1b:c6:d0: 2b:65:ba:50:ff:e4:a0:63:29:18:c7:c8:5f:81:0e: 80:ba:06:fa:77:95:e9:4b:9b:9c:56:0c:b2:7d:ee: 4a:c5:ef:bb:a2:4e:85:63:e8:df:e8:58:93:64:e5: 1d:ae:af:fa:fc:9e:57:79:32:78:12:e1:ae:1e:32: a7:bd:3d:36:11:e2:2f:5e:87:ea:b2:7d:77:b2:df: 86:7a:56:69:4f:2a:c8:8f:35:9c:a6:c8:85:e2:e6: 37:6a:4f:e8:05:d9:c6:94:32:a7:a3:0f:07:28:d0: 47:06:9e:fd:35:70:97:27:5b:6e:a3:bc:4c:c4:20: 9f:42:44:88:a7:1c:39:e7:7f:79:b0:fd:6a:ea:f5: 8b:9c:47:d7:2a:4f:19:77:36:9a:a9:6d:e9:af:b3: 99:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:91:C8:7E:37:72:41:7E:76:40:DD:89:C4:41:8C:B4:84:B2:B3:DC X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152357.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.2.0/23 Signature Algorithm: sha256WithRSAEncryption 57:61:08:e1:7c:05:4f:52:24:43:ed:c0:6d:d3:09:11:fa:a4: 5f:54:6e:fb:fc:59:49:c7:97:cf:4d:46:d4:98:5f:8b:4a:13: d8:8a:83:9e:3c:6b:89:33:ac:ec:c5:bd:b8:20:9b:f7:ca:10: a3:c7:dc:f1:96:5a:cb:6c:1a:b1:a7:47:c2:4d:68:28:1f:f3: 06:72:82:4f:71:75:8d:0f:aa:94:83:bd:7d:4a:c8:4e:30:f3: ec:38:6a:85:62:30:5e:19:12:61:62:e0:0d:a0:f0:fb:e9:6c: c9:e4:c5:8f:25:9b:1a:af:70:a6:03:14:2d:31:f7:42:dc:d6: 7c:84:39:60:80:28:d0:d2:bd:8d:b5:0f:1e:68:9c:95:dd:88: 72:de:b2:ec:f8:9f:22:d5:0b:5e:bd:cd:ac:c9:38:30:76:9c: 18:d7:2d:9a:68:23:49:16:ad:ed:71:f7:2b:12:bd:8b:e5:d3: dc:37:fd:c9:c6:fa:21:8d:8f:ea:79:20:7c:54:78:a9:57:26: 5b:c0:7b:87:fe:26:7b:9c:83:2b:8b:5f:97:d0:53:0a:fe:dd: fb:b8:ab:f7:dd:74:3f:cd:02:51:00:16:8d:65:2c:ec:3d:4a: 1c:f7:37:06:9d:0f:03:73:df:5b:98:ba:f2:dc:a0:55:4f:48: 75:d1:e0:d8 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHhBp1dQ5uAHzkZ46U4gTDJGN9lkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkwMTAyMzE1NloX DTI2MDgzMTAyMzY1NlowMzExMC8GA1UEAxMoRTk5MUM4N0UzNzcyNDE3RTc2NDBE RDg5QzQ0MThDQjQ4NEIyQjNEQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKszJU5zRp0z1VFuss27LwtULEUYC5yXBiXgb266YvAoQ2K5NC4Rp7SN5Q0o j07MUqjGUq5PcyOCptuJ0ab4H2Q1NAJr7Xz2vPrtTtMKlFuhi21+ummDi4t5p+tt nqn2MeuTl+RbG8bQK2W6UP/koGMpGMfIX4EOgLoG+neV6UubnFYMsn3uSsXvu6JO hWPo3+hYk2TlHa6v+vyeV3kyeBLhrh4yp709NhHiL16H6rJ9d7LfhnpWaU8qyI81 nKbIheLmN2pP6AXZxpQyp6MPByjQRwae/TVwlydbbqO8TMQgn0JEiKccOed/ebD9 aur1i5xH1ypPGXc2mqlt6a+zmb8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTpkch+ N3JBfnZA3YnEQYy0hLKz3DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM1Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PAjANBgkqhkiG9w0BAQsFAAOCAQEAV2EI4XwFT1IkQ+3AbdMJ EfqkX1Ru+/xZSceXz01G1Jhfi0oT2IqDnjxriTOs7MW9uCCb98oQo8fc8ZZay2wa sadHwk1oKB/zBnKCT3F1jQ+qlIO9fUrITjDz7DhqhWIwXhkSYWLgDaDw++lsyeTF jyWbGq9wpgMULTH3QtzWfIQ5YIAo0NK9jbUPHmicld2Ict6y7PifItULXr3NrMk4 MHacGNctmmgjSRat7XH3KxK9i+XT3Df9ycb6IY2P6nkgfFR4qVcmW8B7h/4me5yD K4tfl9BTCv7d+7ir9910P80CUQAWjWUs7D1KHPc3Bp0PA3PfW5i68tygVU9IddHg 2A== -----END CERTIFICATE-----Generated at Sun Sep 7 10:11:27 2025 by rpki-client