$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152079.roa File: AS152079.roa (raw, json) Hash identifier: VFIWlr7ae8tPTd/Rpg3FuEfAMRgG58xvzWRoy+dJlhY= Subject key identifier: B8:44:05:DE:F4:34:E2:7E:69:3F:82:1D:9B:0A:64:DD:97:B7:8C:08 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 1A1039BCB403BF75934E0AB6D2B914B1072028E2 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152079.roa Signing time: Sat 02 May 2026 09:22:45 +0000 ROA not before: Sat 02 May 2026 09:17:45 +0000 ROA not after: Sat 01 May 2027 09:22:45 +0000 asID: 152079 IP address blocks: 157.10.0.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:10:39:bc:b4:03:bf:75:93:4e:0a:b6:d2:b9:14:b1:07:20:28:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:17:45 2026 GMT Not After : May 1 09:22:45 2027 GMT Subject: CN=B84405DEF434E27E693F821D9B0A64DD97B78C08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c4:f4:56:d2:bc:2d:61:4b:93:c2:3a:26:b2: fd:6e:5c:73:38:45:15:66:f4:f5:11:e9:1d:16:75: 9a:88:c4:b5:04:02:4b:21:4b:86:7c:24:5d:98:9d: 19:60:c1:bc:94:27:d0:61:0f:a7:db:34:3b:cf:30: 22:f6:04:70:b9:c1:66:69:b7:c5:d9:f8:b3:f1:a8: fc:b8:12:ea:07:a1:3d:83:f7:6a:1e:03:0d:e7:4f: ad:5b:b5:c0:94:18:c8:c1:91:69:c2:15:29:d2:5e: 57:7b:53:2a:57:f7:66:73:91:31:28:08:3c:2f:2f: b9:f2:7c:a0:21:78:24:a7:84:3f:2c:e4:56:d6:ba: d2:c2:4c:a0:ff:56:9a:f4:d3:4f:23:d7:fb:19:72: 58:fe:fd:68:ed:ba:9c:28:20:ee:d3:37:bf:81:be: b9:73:0f:55:48:30:6b:47:01:d4:42:f0:3b:2a:e6: b1:58:59:0d:75:53:0a:78:b9:92:05:fc:33:b4:2e: f1:27:9b:89:d6:15:5a:9b:0e:de:9c:d2:e1:8f:0f: ee:29:da:fa:76:bc:8c:bf:f5:71:98:9e:d1:26:a1: 9f:f5:f5:bd:2f:75:e7:96:0e:8b:35:37:dd:ad:ee: ea:24:7c:3d:0b:a8:d0:f0:df:2c:76:70:40:28:24: 39:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:44:05:DE:F4:34:E2:7E:69:3F:82:1D:9B:0A:64:DD:97:B7:8C:08 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152079.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.0.0/23 Signature Algorithm: sha256WithRSAEncryption 65:df:46:71:13:55:b8:58:b1:03:0c:42:2e:38:c5:b1:a8:c5: b7:4e:32:83:83:b4:51:b6:c2:4e:79:37:c1:9a:99:e9:cf:de: 9a:4d:0f:1b:30:e9:70:8f:36:7a:28:c3:30:24:37:17:33:e4: f7:e4:bf:b6:eb:5f:be:ca:cd:47:1e:a8:a4:98:0d:21:13:49: 03:3f:a9:1f:8a:2c:bd:56:ab:f6:a3:76:e5:08:de:08:70:cf: 8c:0d:4c:59:6a:07:6c:06:75:ac:f0:00:f1:af:47:d0:0b:aa: 36:e1:f5:96:45:97:37:35:e1:59:a4:ad:8f:42:a2:12:db:b5: be:b1:b1:a3:6d:54:a8:87:12:f2:ab:c8:39:02:c2:6d:b1:bd: fd:61:26:de:e5:31:f2:04:e9:5e:58:92:9e:c2:28:b7:eb:9d: 1b:78:0e:6d:3d:69:8e:86:d0:03:b4:b0:fc:d5:bd:c5:77:d4: a2:0a:78:6d:d4:e9:d7:ad:19:43:50:7c:ba:7d:d3:8a:b2:81: 97:56:dd:b4:16:e4:40:c3:38:60:c5:c6:fe:b6:ba:77:70:51: 4d:3b:ec:84:ce:8c:a1:ec:39:b7:06:a5:60:83:2f:d7:51:cd: 31:a8:2c:4f:fe:cd:96:62:64:08:b7:68:6a:ce:eb:eb:3b:52: 85:c0:0b:2b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUGhA5vLQDv3WTTgq20rkUsQcgKOIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTc0NVoX DTI3MDUwMTA5MjI0NVowMzExMC8GA1UEAxMoQjg0NDA1REVGNDM0RTI3RTY5M0Y4 MjFEOUIwQTY0REQ5N0I3OEMwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/E9FbSvC1hS5PCOiay/W5cczhFFWb09RHpHRZ1mojEtQQCSyFLhnwkXZid GWDBvJQn0GEPp9s0O88wIvYEcLnBZmm3xdn4s/Go/LgS6gehPYP3ah4DDedPrVu1 wJQYyMGRacIVKdJeV3tTKlf3ZnORMSgIPC8vufJ8oCF4JKeEPyzkVta60sJMoP9W mvTTTyPX+xlyWP79aO26nCgg7tM3v4G+uXMPVUgwa0cB1ELwOyrmsVhZDXVTCni5 kgX8M7Qu8SebidYVWpsO3pzS4Y8P7ina+na8jL/1cZie0Sahn/X1vS9155YOizU3 3a3u6iR8PQuo0PDfLHZwQCgkOQcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBS4RAXe 9DTifmk/gh2bCmTdl7eMCDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyMDc5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnQoAMA0GCSqGSIb3DQEBCwUAA4IBAQBl30ZxE1W4WLEDDEIuOMWxqMW3 TjKDg7RRtsJOeTfBmpnpz96aTQ8bMOlwjzZ6KMMwJDcXM+T35L+261++ys1HHqik mA0hE0kDP6kfiiy9Vqv2o3blCN4IcM+MDUxZagdsBnWs8ADxr0fQC6o24fWWRZc3 NeFZpK2PQqIS27W+sbGjbVSohxLyq8g5AsJtsb39YSbe5THyBOleWJKewii3650b eA5tPWmOhtADtLD81b3Fd9SiCnht1OnXrRlDUHy6fdOKsoGXVt20FuRAwzhgxcb+ trp3cFFNO+yEzoyh7Dm3BqVggy/XUc0xqCxP/s2WYmQIt2hqzuvrO1KFwAsr -----END CERTIFICATE-----Generated at Sat May 2 21:03:47 2026 by rpki-client