$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152425.roa File: AS152425.roa (raw, json) Hash identifier: v+baGPpRB5Sx+05m+Qhm6ond9qPjFfGgEx/OSDXRljM= Subject key identifier: 27:FC:2A:04:EE:12:C1:DF:D4:3F:36:84:1F:59:9A:70:CC:90:64:2D Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3C6093FEC1D10ABCD2CF46345082A76036C2BBF7 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152425.roa Signing time: Sat 02 May 2026 09:24:20 +0000 ROA not before: Sat 02 May 2026 09:19:20 +0000 ROA not after: Sat 01 May 2027 09:24:20 +0000 asID: 152425 IP address blocks: 161.248.173.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:60:93:fe:c1:d1:0a:bc:d2:cf:46:34:50:82:a7:60:36:c2:bb:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:19:20 2026 GMT Not After : May 1 09:24:20 2027 GMT Subject: CN=27FC2A04EE12C1DFD43F36841F599A70CC90642D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:95:f9:4f:1b:11:b1:ea:28:80:aa:60:17:42: b2:0b:e3:50:f0:20:b7:74:34:2e:f7:e4:01:61:0c: 88:61:a0:6c:10:23:b7:0f:8c:c1:e8:9d:da:2b:81: 99:68:d1:ea:0b:f8:12:d2:b1:f9:12:90:dd:9f:a7: 7c:0e:4c:0a:f1:a7:21:23:91:52:71:df:54:88:55: d4:05:f8:bd:1d:9a:a9:d2:78:6a:c8:b4:c6:3c:b1: ea:91:b3:ad:bf:21:76:6f:e4:91:0d:97:31:83:11: 96:53:24:db:c9:8f:47:28:66:c3:62:87:6e:29:75: de:be:fe:20:c8:13:20:85:d6:2b:c9:e5:0b:07:e5: a3:95:49:6d:85:2a:cb:53:70:1c:a4:17:eb:19:5d: 64:73:6c:71:88:54:a3:88:5c:10:76:0e:43:42:69: 32:8b:98:6e:b6:36:6e:cb:b3:8d:a1:9a:6f:8e:81: 53:2d:d6:85:72:7a:21:b5:d1:68:35:35:44:82:96: 88:e0:9a:ad:ec:f0:52:c1:26:f3:4d:9a:39:81:9e: 31:7c:08:09:1c:cc:95:e4:1d:dd:61:4b:2a:44:39: c7:1a:01:a2:4e:28:35:84:8b:1f:8e:49:50:bf:4f: 61:36:6d:dc:3d:20:ae:33:e6:38:f8:c8:22:22:96: 81:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:FC:2A:04:EE:12:C1:DF:D4:3F:36:84:1F:59:9A:70:CC:90:64:2D X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152425.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.173.0/24 Signature Algorithm: sha256WithRSAEncryption a1:3e:09:bd:74:e7:30:1c:d2:eb:d7:24:b2:8c:0d:1a:b3:9e: cf:e0:8c:68:ce:79:80:b3:6e:26:6e:f3:3f:a5:ae:10:b1:42: e2:83:c2:ac:8a:a1:46:36:fb:5f:49:6e:65:cc:b4:50:7e:7f: 68:64:4f:61:12:f8:32:87:06:40:bc:d0:a8:17:eb:c4:18:a7: de:98:79:d9:0d:dc:25:fb:06:2a:cb:dd:db:7a:66:a2:d8:e8: b5:cb:5a:b4:5a:cf:37:ee:2e:2c:2f:5a:8e:e3:ba:dc:88:61: b5:bb:ef:60:02:9e:c9:39:37:ae:d6:ed:bf:a0:fe:c2:d8:b0: d4:ea:bf:48:5a:00:3a:3d:73:61:d1:f1:b3:c4:5a:5b:9d:5e: 90:65:9f:f1:50:8a:58:80:10:b2:80:4c:ec:bb:d6:40:fa:1e: b8:ed:94:96:00:da:bd:b2:87:67:ae:99:0b:00:60:d7:10:fa: f3:27:e2:8a:a5:12:e7:99:ba:ea:c9:3e:a6:cc:93:c6:0e:2c: 91:01:69:b6:b0:45:42:3f:1d:09:86:7f:97:2b:f4:21:74:0b: 8c:f9:3d:68:d0:d3:65:04:62:ce:9b:07:4a:40:91:c4:d8:aa: a8:f9:07:d5:48:70:7d:b1:08:1a:bb:88:5f:ec:88:bd:35:81: 12:82:49:c8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUPGCT/sHRCrzSz0Y0UIKnYDbCu/cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTkyMFoX DTI3MDUwMTA5MjQyMFowMzExMC8GA1UEAxMoMjdGQzJBMDRFRTEyQzFERkQ0M0Yz Njg0MUY1OTlBNzBDQzkwNjQyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM2V+U8bEbHqKICqYBdCsgvjUPAgt3Q0LvfkAWEMiGGgbBAjtw+Mweid2iuB mWjR6gv4EtKx+RKQ3Z+nfA5MCvGnISORUnHfVIhV1AX4vR2aqdJ4asi0xjyx6pGz rb8hdm/kkQ2XMYMRllMk28mPRyhmw2KHbil13r7+IMgTIIXWK8nlCwflo5VJbYUq y1NwHKQX6xldZHNscYhUo4hcEHYOQ0JpMouYbrY2bsuzjaGab46BUy3WhXJ6IbXR aDU1RIKWiOCarezwUsEm802aOYGeMXwICRzMleQd3WFLKkQ5xxoBok4oNYSLH45J UL9PYTZt3D0grjPmOPjIIiKWgSMCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQn/CoE 7hLB39Q/NoQfWZpwzJBkLTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAofitMA0GCSqGSIb3DQEBCwUAA4IBAQChPgm9dOcwHNLr1ySyjA0as57P 4IxoznmAs24mbvM/pa4QsULig8KsiqFGNvtfSW5lzLRQfn9oZE9hEvgyhwZAvNCo F+vEGKfemHnZDdwl+wYqy93bemai2Oi1y1q0Ws837i4sL1qO47rciGG1u+9gAp7J OTeu1u2/oP7C2LDU6r9IWgA6PXNh0fGzxFpbnV6QZZ/xUIpYgBCygEzsu9ZA+h64 7ZSWANq9sodnrpkLAGDXEPrzJ+KKpRLnmbrqyT6mzJPGDiyRAWm2sEVCPx0Jhn+X K/QhdAuM+T1o0NNlBGLOmwdKQJHE2Kqo+QfVSHB9sQgau4hf7Ii9NYESgknI -----END CERTIFICATE-----Generated at Sat May 2 21:03:37 2026 by rpki-client