$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152431.roa File: AS152431.roa (raw, json) Hash identifier: ZSk0ldG3knon+HdPr7Ao6IAmMoyYwTzKiJi0L6aKi9E= Subject key identifier: 11:07:D6:1D:E2:42:7A:09:BD:E5:7A:95:1A:1A:B5:28:A4:50:32:2E Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3F2BBB5D8C663360B48249EE9588D783AB933B2D Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152431.roa Signing time: Sat 02 May 2026 09:23:53 +0000 ROA not before: Sat 02 May 2026 09:18:53 +0000 ROA not after: Sat 01 May 2027 09:23:53 +0000 asID: 152431 IP address blocks: 157.20.230.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:2b:bb:5d:8c:66:33:60:b4:82:49:ee:95:88:d7:83:ab:93:3b:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:53 2026 GMT Not After : May 1 09:23:53 2027 GMT Subject: CN=1107D61DE2427A09BDE57A951A1AB528A450322E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:58:c2:cb:ff:b2:68:88:c6:8f:71:c4:6b:cb: 4d:22:5f:fe:74:d5:f5:67:85:f4:04:4b:3e:64:51: a2:54:21:02:ac:71:dc:6e:fe:eb:56:7c:23:8f:eb: f1:78:fd:43:15:37:d6:8e:e8:b3:fd:1b:f4:4f:6d: d4:53:cf:6f:26:94:71:b0:78:b9:98:43:c4:0f:72: 7f:af:40:cb:12:d1:6c:aa:71:4e:4c:e2:d7:e0:04: 25:65:33:34:78:e3:4d:fa:c4:fa:8d:ab:30:eb:1e: 60:a1:eb:e7:33:fe:0a:80:87:da:c0:97:88:11:92: 2c:b0:59:b4:7e:5e:40:b5:f8:c9:0d:df:e1:3c:16: 89:da:62:b5:98:ee:14:1e:3c:1c:b1:3b:f0:e6:48: f1:a0:8a:e7:8a:6e:92:07:d5:f3:9b:e6:9a:26:7f: 5f:48:bb:c5:6c:aa:c3:3e:60:be:67:a9:d3:0a:1d: ba:52:71:aa:a8:c3:49:44:3f:99:04:fd:0f:a0:13: d7:f6:04:62:f7:53:99:c1:c3:1a:d5:c5:cb:d5:64: cc:c9:da:73:ad:6c:b3:53:d2:90:21:5b:84:48:dd: fa:c2:a4:f6:fe:c3:94:f4:ff:58:64:c4:94:7a:e8: b5:74:90:fe:d4:16:bb:28:c1:a8:e6:78:73:22:bd: e5:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:07:D6:1D:E2:42:7A:09:BD:E5:7A:95:1A:1A:B5:28:A4:50:32:2E X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.230.0/23 Signature Algorithm: sha256WithRSAEncryption 59:ac:2f:e4:a2:77:3f:12:f8:40:e8:53:c4:e2:ad:83:0f:b7: 75:da:39:28:d9:e6:f5:8d:53:71:a8:97:37:8a:b7:da:30:ab: ec:22:cd:ca:47:de:30:78:05:bd:92:3d:7e:bd:b6:8a:8a:0f: aa:81:39:83:e5:7a:f6:d6:a0:8c:12:3c:8a:11:7c:13:b7:ce: f5:19:69:bf:0b:35:99:5c:88:37:cb:13:6f:3a:d9:67:e8:8e: 8d:d5:aa:3c:4f:90:6d:c7:0b:ef:c8:c0:eb:3b:d8:7d:05:c3: 2c:a6:a3:f1:c1:40:1f:2d:d2:4b:9b:22:ac:ca:34:b8:91:bc: e9:f9:0c:95:ec:89:5b:78:78:6b:2a:07:5b:da:f2:9b:cd:cd: 29:a1:c8:ba:8f:ef:27:cd:38:80:a3:70:50:f8:22:88:4f:66: b6:da:3c:37:92:a5:3a:fc:93:b3:93:7f:8a:d7:61:10:1b:e3: b0:b1:28:18:4d:4f:43:ef:e5:67:be:42:35:f4:8f:53:d3:95: d3:f5:3f:3a:c3:9d:1d:85:6d:e2:78:2c:05:da:fa:b6:5a:2a: 57:6c:e4:87:39:7f:0b:0d:73:b5:91:f1:9a:48:a6:a4:d5:e0: 79:a2:c6:e5:95:df:47:72:16:49:e6:73:21:cd:e9:65:41:47: 64:a8:db:3d -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUPyu7XYxmM2C0gknulYjXg6uTOy0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg1M1oX DTI3MDUwMTA5MjM1M1owMzExMC8GA1UEAxMoMTEwN0Q2MURFMjQyN0EwOUJERTU3 QTk1MUExQUI1MjhBNDUwMzIyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOtYwsv/smiIxo9xxGvLTSJf/nTV9WeF9ARLPmRRolQhAqxx3G7+61Z8I4/r 8Xj9QxU31o7os/0b9E9t1FPPbyaUcbB4uZhDxA9yf69AyxLRbKpxTkzi1+AEJWUz NHjjTfrE+o2rMOseYKHr5zP+CoCH2sCXiBGSLLBZtH5eQLX4yQ3f4TwWidpitZju FB48HLE78OZI8aCK54pukgfV85vmmiZ/X0i7xWyqwz5gvmep0wodulJxqqjDSUQ/ mQT9D6AT1/YEYvdTmcHDGtXFy9VkzMnac61ss1PSkCFbhEjd+sKk9v7DlPT/WGTE lHrotXSQ/tQWuyjBqOZ4cyK95acCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQRB9Yd 4kJ6Cb3lepUaGrUopFAyLjAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDMxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnRTmMA0GCSqGSIb3DQEBCwUAA4IBAQBZrC/konc/EvhA6FPE4q2DD7d1 2jko2eb1jVNxqJc3irfaMKvsIs3KR94weAW9kj1+vbaKig+qgTmD5Xr21qCMEjyK EXwTt871GWm/CzWZXIg3yxNvOtln6I6N1ao8T5BtxwvvyMDrO9h9BcMspqPxwUAf LdJLmyKsyjS4kbzp+QyV7IlbeHhrKgdb2vKbzc0poci6j+8nzTiAo3BQ+CKIT2a2 2jw3kqU6/JOzk3+K12EQG+OwsSgYTU9D7+VnvkI19I9T05XT9T86w50dhW3ieCwF 2vq2WipXbOSHOX8LDXO1kfGaSKak1eB5osblld9HchZJ5nMhzellQUdkqNs9 -----END CERTIFICATE-----Generated at Sat May 2 21:05:01 2026 by rpki-client