$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152025.roa File: AS152025.roa (raw, json) Hash identifier: ak7/3Y1JBeaLOVH+sokzNX0h3xgUCl/VlUi1BEkP10E= Subject key identifier: 4A:71:C7:40:93:43:F3:83:1D:5E:CE:EC:C0:EE:DE:6F:83:1E:F5:C5 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 734AEAEDBFE1324E17BE4975E613F159B9C6F097 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152025.roa Signing time: Sat 02 May 2026 09:22:34 +0000 ROA not before: Sat 02 May 2026 09:17:34 +0000 ROA not after: Sat 01 May 2027 09:22:34 +0000 asID: 152025 IP address blocks: 144.79.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:4a:ea:ed:bf:e1:32:4e:17:be:49:75:e6:13:f1:59:b9:c6:f0:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:17:34 2026 GMT Not After : May 1 09:22:34 2027 GMT Subject: CN=4A71C7409343F3831D5ECEECC0EEDE6F831EF5C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:18:f3:de:82:4c:23:54:ce:0c:37:c8:cf:50: 19:ef:ad:0b:b2:6c:01:9f:19:e3:a1:c4:6c:aa:32: 75:db:2a:4f:e1:31:8f:62:0d:92:65:1f:ae:72:71: 11:fc:fa:f1:ff:62:63:78:39:8b:fb:46:7c:29:31: 91:bc:0f:d1:f2:e5:72:86:42:e7:25:77:51:98:0a: 15:9f:5d:84:83:1b:7c:b8:91:ea:7e:aa:b8:fa:8d: b2:9c:f2:b5:16:d4:2b:76:24:da:78:ee:c9:f3:2c: 95:34:e6:18:b1:fd:56:9e:a9:97:a7:6a:9a:f7:47: 8d:08:e7:d8:7a:c8:1d:0c:11:28:0c:5e:2e:01:a4: 96:41:3b:6f:a6:66:b1:6d:d4:a7:6e:1b:03:a1:5d: 00:68:42:06:34:65:2d:2a:5d:e0:62:21:24:ae:d0: 09:2e:60:7f:84:14:f6:7d:06:4b:12:be:db:0e:63: f5:c9:39:73:e7:4a:f7:16:25:37:b0:f5:e9:0b:78: 1e:e2:6b:c9:ee:cf:71:a4:2d:76:c7:8e:66:8c:ba: 24:3b:8e:ea:10:e9:8f:52:fd:4e:c2:b2:92:f0:30: 89:6a:f4:8a:48:08:fe:d5:5d:2f:08:41:a1:6a:73: 10:7d:0c:54:a8:16:71:e9:05:ff:9e:c1:27:1c:22: ca:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:71:C7:40:93:43:F3:83:1D:5E:CE:EC:C0:EE:DE:6F:83:1E:F5:C5 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.79.195.0/24 Signature Algorithm: sha256WithRSAEncryption 02:7f:f5:db:20:a0:2b:06:4a:f1:e3:b4:c3:4c:4f:e7:f5:71: 9e:ce:ef:7c:64:3e:5c:bf:4f:d8:a4:fa:35:09:2e:c1:06:56: c7:d6:88:0d:ce:b6:a7:4c:6e:a1:a2:d7:88:b3:f5:37:06:91: b0:99:09:b7:bf:f8:02:f3:ca:0f:8a:3d:b8:36:38:b3:de:3e: 57:5a:23:ef:6e:b3:51:2c:8a:5e:c0:0d:03:dc:a8:be:a7:05: e1:f0:e4:ef:86:00:e8:2c:4e:50:9e:2b:c3:26:73:a6:79:68: 19:b0:a4:12:76:ae:ff:3d:f8:f0:06:2f:fb:84:cc:3e:dd:a0: 26:f9:6a:aa:5e:e6:fe:fe:2e:83:b1:00:7e:c0:65:01:7d:35: 58:3f:fa:e0:65:5a:6a:81:e4:48:48:2d:84:6f:fb:31:bf:00: 58:6d:7c:4e:7e:ea:26:82:f7:11:6c:70:fd:be:ed:0b:93:70: 97:46:9e:61:6e:6f:e1:b3:c7:54:18:cf:a6:ea:fe:70:7e:60: 73:e3:b7:21:f8:34:85:72:da:75:18:bd:72:bb:aa:36:c7:34: 6d:0c:de:2b:b6:07:2a:0d:c0:5b:81:c9:41:4c:f0:59:84:41: 94:f2:67:f4:d8:59:dd:2e:61:a7:f2:80:0f:29:fa:d8:06:65: ae:e3:10:b9 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUc0rq7b/hMk4Xvkl15hPxWbnG8JcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTczNFoX DTI3MDUwMTA5MjIzNFowMzExMC8GA1UEAxMoNEE3MUM3NDA5MzQzRjM4MzFENUVD RUVDQzBFRURFNkY4MzFFRjVDNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALsY896CTCNUzgw3yM9QGe+tC7JsAZ8Z46HEbKoyddsqT+Exj2INkmUfrnJx Efz68f9iY3g5i/tGfCkxkbwP0fLlcoZC5yV3UZgKFZ9dhIMbfLiR6n6quPqNspzy tRbUK3Yk2njuyfMslTTmGLH9Vp6pl6dqmvdHjQjn2HrIHQwRKAxeLgGklkE7b6Zm sW3Up24bA6FdAGhCBjRlLSpd4GIhJK7QCS5gf4QU9n0GSxK+2w5j9ck5c+dK9xYl N7D16Qt4HuJrye7PcaQtdseOZoy6JDuO6hDpj1L9TsKykvAwiWr0ikgI/tVdLwhB oWpzEH0MVKgWcekF/57BJxwiyncCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRKccdA k0Pzgx1ezuzA7t5vgx71xTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyMDI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAkE/DMA0GCSqGSIb3DQEBCwUAA4IBAQACf/XbIKArBkrx47TDTE/n9XGe zu98ZD5cv0/YpPo1CS7BBlbH1ogNzranTG6hoteIs/U3BpGwmQm3v/gC88oPij24 Njiz3j5XWiPvbrNRLIpewA0D3Ki+pwXh8OTvhgDoLE5QnivDJnOmeWgZsKQSdq7/ PfjwBi/7hMw+3aAm+WqqXub+/i6DsQB+wGUBfTVYP/rgZVpqgeRISC2Eb/sxvwBY bXxOfuomgvcRbHD9vu0Lk3CXRp5hbm/hs8dUGM+m6v5wfmBz47ch+DSFctp1GL1y u6o2xzRtDN4rtgcqDcBbgclBTPBZhEGU8mf02FndLmGn8oAPKfrYBmWu4xC5 -----END CERTIFICATE-----Generated at Sat May 2 21:04:39 2026 by rpki-client