$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152424.roa File: AS152424.roa (raw, json) Hash identifier: QDxp7dflDhJ0KQNw+3QkAIvHEre9fDoySc3PaRGsl54= Subject key identifier: F1:00:76:DB:6B:82:C7:DB:F2:4A:D9:B6:4E:53:80:7D:DA:C5:18:AC Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 090E1075955A8A2C994797DBEDA7312DC323CB65 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152424.roa Signing time: Sat 02 May 2026 09:23:08 +0000 ROA not before: Sat 02 May 2026 09:18:08 +0000 ROA not after: Sat 01 May 2027 09:23:08 +0000 asID: 152424 IP address blocks: 157.20.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:0e:10:75:95:5a:8a:2c:99:47:97:db:ed:a7:31:2d:c3:23:cb:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:08 2026 GMT Not After : May 1 09:23:08 2027 GMT Subject: CN=F10076DB6B82C7DBF24AD9B64E53807DDAC518AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:be:40:9c:11:cb:5a:2d:c1:81:3e:ef:9f:50: 96:59:44:29:0d:22:33:ea:80:8a:4c:85:c6:e8:1d: ca:e8:6f:a9:88:6c:c8:6f:5b:08:f7:01:73:e9:b0: 29:dc:2a:cb:d1:a1:be:bc:6f:f4:d0:31:6e:88:2d: 8a:7d:b3:d4:2b:78:e4:b8:6c:bb:49:ba:4d:65:57: 57:de:26:83:ca:84:7e:3c:51:76:d7:f6:39:37:5d: 8b:73:6b:81:88:bf:d5:54:bf:83:78:80:71:20:00: 11:22:e8:2f:d3:a6:20:71:b3:30:85:d6:0f:11:62: cf:64:ce:29:0b:ae:e5:e9:61:21:cb:c5:97:d8:33: 4e:97:d0:34:fd:00:f2:36:69:71:ef:4c:6d:b9:65: 23:a7:b6:ff:ae:11:32:e5:82:e2:4f:f5:e6:c4:3f: 41:6c:bf:a9:76:4f:15:2a:70:75:8a:60:9f:b3:44: d5:3a:74:96:b2:8a:25:3d:13:79:ac:b0:21:b2:a9: a9:62:9c:03:82:52:a7:40:98:f1:b4:4f:1f:07:6b: c9:3d:a6:61:82:73:04:88:c0:79:5d:72:a4:16:15: 75:ad:21:09:8b:50:e1:6b:d0:0c:8b:dd:8c:ae:d3: 73:be:a5:19:f5:b2:71:92:55:37:8a:66:95:ae:cb: e9:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:00:76:DB:6B:82:C7:DB:F2:4A:D9:B6:4E:53:80:7D:DA:C5:18:AC X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152424.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.34.0/23 Signature Algorithm: sha256WithRSAEncryption 80:b0:ce:b3:a5:9c:79:ef:91:14:55:71:61:5d:51:93:69:7a: 8a:31:52:03:a0:a8:cb:fa:2a:d1:46:3d:04:2a:ea:7e:25:a8: 1e:cb:34:53:47:d0:e1:51:a9:d3:de:36:6c:7f:c7:0c:b2:0c: 88:72:0f:d1:5f:14:39:0b:8b:18:9d:e0:79:f9:7a:2d:db:d7: 00:ab:b5:ca:4e:64:57:06:76:fa:34:2e:f4:33:f2:45:28:07: 35:8b:d6:71:c2:0a:e8:97:d4:34:ac:0d:9d:8d:b0:18:5a:c8: f5:9c:12:76:d5:ac:4a:f8:3f:a5:51:38:5a:97:b4:e2:d9:58: 06:6b:c2:48:01:9a:27:df:a7:0c:5b:50:9a:88:2b:f8:71:b1: 30:cd:14:56:51:7a:1e:d4:94:8e:ab:8e:76:31:8c:33:ce:e6: 26:d4:fb:27:ed:62:17:ad:aa:4a:f7:f8:e2:e1:52:4c:d9:db: 3c:a2:e3:90:b7:55:cc:52:0a:f4:3b:b1:53:8b:44:41:10:0f: 60:b4:fd:fd:3d:81:9b:ff:62:0b:6e:ea:38:4d:e7:9f:ee:af: 06:fe:74:cc:6e:7f:ba:f7:82:cb:f9:50:e0:a9:59:df:24:eb: df:3f:43:cb:50:d0:41:9a:61:e2:67:0d:a0:93:e7:2f:84:a4: 74:94:53:a1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUCQ4QdZVaiiyZR5fb7acxLcMjy2UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgwOFoX DTI3MDUwMTA5MjMwOFowMzExMC8GA1UEAxMoRjEwMDc2REI2QjgyQzdEQkYyNEFE OUI2NEU1MzgwN0REQUM1MThBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK++QJwRy1otwYE+759QlllEKQ0iM+qAikyFxugdyuhvqYhsyG9bCPcBc+mw Kdwqy9Ghvrxv9NAxbogtin2z1Ct45Lhsu0m6TWVXV94mg8qEfjxRdtf2OTddi3Nr gYi/1VS/g3iAcSAAESLoL9OmIHGzMIXWDxFiz2TOKQuu5elhIcvFl9gzTpfQNP0A 8jZpce9MbbllI6e2/64RMuWC4k/15sQ/QWy/qXZPFSpwdYpgn7NE1Tp0lrKKJT0T eaywIbKpqWKcA4JSp0CY8bRPHwdryT2mYYJzBIjAeV1ypBYVda0hCYtQ4WvQDIvd jK7Tc76lGfWycZJVN4pmla7L6QsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBTxAHbb a4LH2/JK2bZOU4B92sUYrDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnRQiMA0GCSqGSIb3DQEBCwUAA4IBAQCAsM6zpZx575EUVXFhXVGTaXqK MVIDoKjL+irRRj0EKup+JageyzRTR9DhUanT3jZsf8cMsgyIcg/RXxQ5C4sYneB5 +Xot29cAq7XKTmRXBnb6NC70M/JFKAc1i9Zxwgrol9Q0rA2djbAYWsj1nBJ21axK +D+lUThal7Ti2VgGa8JIAZon36cMW1CaiCv4cbEwzRRWUXoe1JSOq452MYwzzuYm 1Psn7WIXrapK9/ji4VJM2ds8ouOQt1XMUgr0O7FTi0RBEA9gtP39PYGb/2ILbuo4 Teef7q8G/nTMbn+694LL+VDgqVnfJOvfP0PLUNBBmmHiZw2gk+cvhKR0lFOh -----END CERTIFICATE-----Generated at Sat May 2 21:05:01 2026 by rpki-client