$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152406.roa File: AS152406.roa (raw, json) Hash identifier: 1BoVTkFc4MvaulEyf4i7DXzjm1Somll7amzv//oW6Xs= Subject key identifier: 7A:87:17:23:41:F1:E1:76:9F:DF:30:66:F2:6C:75:1C:7C:23:C6:F8 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 50052F0D33C32375C868CDF1EE261D0D48C4BB00 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152406.roa Signing time: Fri 19 Sep 2025 06:36:55 +0000 ROA not before: Fri 19 Sep 2025 06:31:55 +0000 ROA not after: Fri 18 Sep 2026 06:36:55 +0000 asID: 152406 IP address blocks: 2001:df5:dfc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:05:2f:0d:33:c3:23:75:c8:68:cd:f1:ee:26:1d:0d:48:c4:bb:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 19 06:31:55 2025 GMT Not After : Sep 18 06:36:55 2026 GMT Subject: CN=7A87172341F1E1769FDF3066F26C751C7C23C6F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d6:ec:72:03:9e:47:70:14:4c:eb:5c:c7:e4: de:eb:4b:06:9d:c5:8e:40:3b:18:ca:88:0b:7d:62: 1e:c8:73:c7:6c:f4:2c:15:8c:eb:cc:e0:c3:34:12: 55:fb:44:9a:43:8d:1f:f8:35:c2:49:2a:ca:09:a6: fe:37:d4:55:6f:57:ec:eb:fb:69:53:19:c9:c7:12: a1:aa:b8:0a:9a:ca:1e:be:94:6c:67:90:eb:b4:aa: 64:8b:3f:3b:12:61:c1:8e:05:28:bf:10:95:7f:a0: 25:33:67:40:bf:0a:50:4f:e0:36:ff:84:e8:8d:d6: ec:2c:14:4a:fa:b3:ef:bb:3d:9d:f3:8b:6d:f4:1f: 32:e4:4c:6d:71:77:4c:7d:ea:71:3f:54:7e:fc:28: 53:fa:f9:c2:da:71:c8:27:39:35:b6:17:47:f1:e8: fe:98:25:37:1b:74:5e:3c:db:cb:36:38:c6:c3:a0: 45:fb:f7:c4:ed:21:ea:cb:a8:67:51:90:7b:15:fd: 34:06:68:9d:af:c0:f9:dc:c0:66:d9:40:e3:86:ef: 1f:6a:50:db:ea:95:de:d5:7a:8c:30:ca:35:08:2a: be:25:a6:ed:6a:a4:84:1e:e4:78:94:bd:9b:5d:1e: f0:c1:04:bd:aa:1d:6e:5f:df:9d:83:f5:f4:3b:0d: 25:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:87:17:23:41:F1:E1:76:9F:DF:30:66:F2:6C:75:1C:7C:23:C6:F8 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152406.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:dfc0::/48 Signature Algorithm: sha256WithRSAEncryption 41:73:0d:95:c0:32:96:1a:e2:eb:68:ed:8b:73:0c:95:c9:c4: ae:30:c4:d1:98:ce:02:a2:fc:f6:92:81:6d:b3:c2:d2:8a:42: 0d:98:44:16:0b:1d:78:69:82:64:c8:26:1e:d8:ce:64:93:7c: db:05:62:e0:7c:22:91:3b:3b:71:01:22:80:99:6b:ae:b5:4c: c6:86:cd:f0:cb:73:20:31:a1:0b:b3:5b:ca:5b:3d:8f:ca:97: f3:5c:4d:92:10:ed:80:1a:d8:b2:ee:56:a4:09:40:01:6c:3c: 9b:75:0a:e7:2e:78:4a:51:97:30:81:ac:ab:8b:7c:80:62:2d: a5:9b:00:6b:4c:e1:fa:ee:7e:f9:bb:6e:b7:bc:a6:46:d9:eb: 63:b5:2b:92:38:6e:d4:74:90:d0:b2:43:91:b9:d8:8b:6c:3d: ca:eb:6a:aa:63:2d:ec:4b:30:b6:ae:3f:94:bc:32:bc:80:b6: db:7d:64:71:e3:29:14:6a:5d:88:eb:79:a0:32:d6:34:1d:de: f9:a8:8b:b6:4b:26:ac:09:a2:99:46:f7:00:13:e8:90:15:f6: 38:fb:6d:ef:4c:b7:63:f5:dd:8c:05:74:34:d2:b3:3a:8d:ee: db:5b:03:de:66:f7:3a:e5:90:8a:7a:2d:0a:75:00:ff:6d:5b: 62:15:95:c9 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUUAUvDTPDI3XIaM3x7iYdDUjEuwAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxOTA2MzE1NVoX DTI2MDkxODA2MzY1NVowMzExMC8GA1UEAxMoN0E4NzE3MjM0MUYxRTE3NjlGREYz MDY2RjI2Qzc1MUM3QzIzQzZGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/W7HIDnkdwFEzrXMfk3utLBp3FjkA7GMqIC31iHshzx2z0LBWM68zgwzQS VftEmkONH/g1wkkqygmm/jfUVW9X7Ov7aVMZyccSoaq4CprKHr6UbGeQ67SqZIs/ OxJhwY4FKL8QlX+gJTNnQL8KUE/gNv+E6I3W7CwUSvqz77s9nfOLbfQfMuRMbXF3 TH3qcT9UfvwoU/r5wtpxyCc5NbYXR/Ho/pglNxt0XjzbyzY4xsOgRfv3xO0h6suo Z1GQexX9NAZona/A+dzAZtlA44bvH2pQ2+qV3tV6jDDKNQgqviWm7WqkhB7keJS9 m10e8MEEvaodbl/fnYP19DsNJbsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBR6hxcj QfHhdp/fMGbybHUcfCPG+DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjQwNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfXfwDANBgkqhkiG9w0BAQsFAAOCAQEAQXMNlcAylhri62jt i3MMlcnErjDE0ZjOAqL89pKBbbPC0opCDZhEFgsdeGmCZMgmHtjOZJN82wVi4Hwi kTs7cQEigJlrrrVMxobN8MtzIDGhC7Nbyls9j8qX81xNkhDtgBrYsu5WpAlAAWw8 m3UK5y54SlGXMIGsq4t8gGItpZsAa0zh+u5++btut7ymRtnrY7Urkjhu1HSQ0LJD kbnYi2w9yutqqmMt7Eswtq4/lLwyvIC2231kceMpFGpdiOt5oDLWNB3e+aiLtksm rAmimUb3ABPokBX2OPtt70y3Y/XdjAV0NNKzOo3u21sD3mb3OuWQinotCnUA/21b YhWVyQ== -----END CERTIFICATE-----Generated at Sun Oct 19 12:51:25 2025 by rpki-client