$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa File: AS152429.roa (raw, json) Hash identifier: HQ+HTnkOMIkYh/omHZIkZbyuKcuIYmJztR2xXNFTNuw= Subject key identifier: 19:B3:06:AF:87:66:5C:78:0B:EB:99:0A:0E:D6:0E:32:22:F2:50:BF Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 4660E2A653509BA54BD37C0AFCAD4C0FA353FB62 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa Signing time: Sat 02 May 2026 18:08:44 +0000 ROA not before: Sat 02 May 2026 18:03:44 +0000 ROA not after: Sat 01 May 2027 18:08:44 +0000 asID: 152429 IP address blocks: 157.20.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:60:e2:a6:53:50:9b:a5:4b:d3:7c:0a:fc:ad:4c:0f:a3:53:fb:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 18:03:44 2026 GMT Not After : May 1 18:08:44 2027 GMT Subject: CN=19B306AF87665C780BEB990A0ED60E3222F250BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:96:5e:1e:4a:50:96:7c:17:ed:14:f9:f8:54: a8:8b:d0:13:c3:39:3b:66:92:46:ba:52:3e:d3:c9: 77:32:40:4e:bf:88:ce:e9:09:d1:98:f7:f2:b8:5a: 0c:f4:80:e5:6b:20:b3:94:6a:0f:00:56:58:5b:1b: a6:b2:e3:46:8d:fb:d0:40:5b:2d:dc:5d:78:f5:14: 02:3f:15:57:07:88:50:39:23:54:c9:ef:a5:d9:8b: 7c:bb:1c:d5:aa:46:6e:28:e0:1e:0b:39:7c:51:51: ac:73:70:d3:62:4d:ce:b5:0b:18:53:c1:74:83:2f: f0:5a:a8:f2:0a:bd:99:75:7b:c9:ea:f1:0c:f1:07: c2:83:b2:64:e3:c7:77:8c:0a:61:38:42:64:d3:93: 8e:dc:83:09:5c:49:0e:9b:bd:f4:6f:a4:21:19:35: 75:5a:e6:b8:40:68:94:9a:2f:3c:73:b6:d6:a4:55: 2a:01:43:1e:52:bb:a0:ce:85:62:2f:aa:cf:25:4c: fe:e1:21:bd:07:06:80:e4:6f:c2:6e:0f:41:8c:f9: 0b:04:3e:4a:bf:f6:95:b7:50:86:d4:24:73:8d:59: 05:82:b1:3e:19:0e:64:1b:3c:3b:19:87:21:f1:1a: 07:e9:4e:06:13:0e:11:d2:c5:31:a3:d7:41:1f:a9: a8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:B3:06:AF:87:66:5C:78:0B:EB:99:0A:0E:D6:0E:32:22:F2:50:BF X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.238.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:89:0f:48:82:9a:c9:07:77:06:89:7f:aa:21:56:10:dd:5b: 9e:3e:b4:93:bf:57:ca:51:a6:8a:28:2b:73:b2:20:69:1e:ad: af:8a:2e:d2:d0:85:0a:fe:1b:10:53:96:42:09:5d:db:ce:64: 2c:07:0e:db:77:92:30:df:f2:64:c3:ae:9f:7f:87:60:c2:42: de:d8:6a:5e:ff:28:7e:85:bd:89:7a:7d:50:f1:59:57:68:a2: e5:74:57:46:51:df:e1:10:23:91:05:03:83:df:93:36:49:e6: 05:8f:9e:22:06:a1:c4:1b:76:8a:3a:89:51:2a:9f:a7:4b:3c: 81:6c:7e:66:1e:f0:cc:36:c1:4a:07:6b:70:b2:1b:d4:51:3c: 77:85:2f:a1:61:b2:b1:c1:57:c8:e0:dd:0e:5a:52:81:ac:ae: e4:92:2b:73:11:5c:44:5f:aa:79:ed:0f:bd:1a:94:da:aa:02: d5:1c:8b:7b:1b:25:10:c8:4f:6b:51:07:60:00:39:dd:ae:04: 7f:92:70:56:5c:7a:35:c8:f9:e8:31:e7:bb:e8:6a:04:45:b4: 33:99:dd:f4:15:b4:4a:1a:83:0c:86:62:f9:1d:c8:cd:9c:69: bc:e9:1b:79:4c:05:37:29:45:4f:98:78:b7:be:cb:ee:5a:11: a8:2a:14:24 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIURmDiplNQm6VL03wK/K1MD6NT+2IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjE4MDM0NFoX DTI3MDUwMTE4MDg0NFowMzExMC8GA1UEAxMoMTlCMzA2QUY4NzY2NUM3ODBCRUI5 OTBBMEVENjBFMzIyMkYyNTBCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANSWXh5KUJZ8F+0U+fhUqIvQE8M5O2aSRrpSPtPJdzJATr+IzukJ0Zj38rha DPSA5Wsgs5RqDwBWWFsbprLjRo370EBbLdxdePUUAj8VVweIUDkjVMnvpdmLfLsc 1apGbijgHgs5fFFRrHNw02JNzrULGFPBdIMv8Fqo8gq9mXV7yerxDPEHwoOyZOPH d4wKYThCZNOTjtyDCVxJDpu99G+kIRk1dVrmuEBolJovPHO21qRVKgFDHlK7oM6F Yi+qzyVM/uEhvQcGgORvwm4PQYz5CwQ+Sr/2lbdQhtQkc41ZBYKxPhkOZBs8OxmH IfEaB+lOBhMOEdLFMaPXQR+pqN0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQZswav h2ZceAvrmQoO1g4yIvJQvzAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDI5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAnRTuMA0GCSqGSIb3DQEBCwUAA4IBAQCLiQ9IgprJB3cGiX+qIVYQ3Vue PrSTv1fKUaaKKCtzsiBpHq2vii7S0IUK/hsQU5ZCCV3bzmQsBw7bd5Iw3/Jkw66f f4dgwkLe2Gpe/yh+hb2Jen1Q8VlXaKLldFdGUd/hECORBQOD35M2SeYFj54iBqHE G3aKOolRKp+nSzyBbH5mHvDMNsFKB2twshvUUTx3hS+hYbKxwVfI4N0OWlKBrK7k kitzEVxEX6p57Q+9GpTaqgLVHIt7GyUQyE9rUQdgADndrgR/knBWXHo1yPnoMee7 6GoERbQzmd30FbRKGoMMhmL5HcjNnGm86Rt5TAU3KUVPmHi3vsvuWhGoKhQk -----END CERTIFICATE-----Generated at Sat May 2 21:04:47 2026 by rpki-client