$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152432.roa File: AS152432.roa (raw, json) Hash identifier: i1SP1d11O7iE32KOi8roLgjTRLTJ8Q6KvGt7pgLXmqI= Subject key identifier: 36:EF:7C:D7:49:44:84:32:B3:6D:ED:13:F7:EF:19:23:33:AE:49:8C Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 42DAF19755449C1C1AC9552F280959177975A229 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152432.roa Signing time: Sat 02 May 2026 09:23:44 +0000 ROA not before: Sat 02 May 2026 09:18:44 +0000 ROA not after: Sat 01 May 2027 09:23:44 +0000 asID: 152432 IP address blocks: 157.20.237.0/24 maxlen: 24 160.20.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:da:f1:97:55:44:9c:1c:1a:c9:55:2f:28:09:59:17:79:75:a2:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:44 2026 GMT Not After : May 1 09:23:44 2027 GMT Subject: CN=36EF7CD749448432B36DED13F7EF192333AE498C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f3:be:3f:18:2d:50:9b:72:30:34:a0:74:f6: be:88:85:65:63:36:85:c2:36:7d:84:58:35:7d:19: 82:20:b8:41:34:d1:c3:83:fc:5a:47:c7:1c:33:21: c0:05:e9:a6:36:0e:e7:6b:bd:0d:24:d3:f9:10:41: e9:9e:85:d7:31:a3:3e:e3:4a:68:23:b5:14:72:05: 74:6f:b9:d3:dd:76:54:5f:19:50:89:2b:a8:66:2f: 1a:fc:a0:94:ab:49:79:8c:2c:3b:b7:70:5c:00:5b: d4:00:ad:d9:97:b4:32:2e:6a:5d:ed:af:d4:e7:09: 23:0c:8a:17:67:8c:1a:00:ef:ea:24:fe:0c:65:4f: cc:1c:94:47:72:fd:51:05:0d:ce:c8:00:96:67:03: a6:33:07:76:9e:62:68:eb:77:2e:9e:29:d8:ce:f5: c5:bb:37:ce:78:02:5a:3b:3d:88:4d:de:a7:60:cc: 2a:b0:bf:67:26:21:09:7c:ca:c6:f3:ce:0d:73:a9: e6:af:bf:04:2a:85:18:20:8d:50:c9:b3:78:35:c8: 8b:e5:93:2d:bf:f8:05:43:bd:00:44:09:b1:99:a8: d9:f7:56:49:b2:32:ee:d4:5f:f3:db:9b:0a:c6:0f: da:8d:73:7c:39:24:c1:a2:b3:e4:8a:18:11:28:12: 1d:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:EF:7C:D7:49:44:84:32:B3:6D:ED:13:F7:EF:19:23:33:AE:49:8C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.237.0/24 160.20.212.0/24 Signature Algorithm: sha256WithRSAEncryption 30:ac:53:c1:9a:fa:73:64:9e:9b:49:80:82:b8:f9:d2:7d:3b: b3:9a:fb:db:4c:0a:31:ae:21:86:21:01:29:7c:b2:2f:9c:89: 7c:51:ed:a4:7f:99:f0:6f:dc:95:03:ec:7a:48:ae:ba:f8:49: 38:61:dd:07:30:1d:11:b2:e8:5f:38:5f:0f:4e:0f:b5:77:86: 0b:64:4f:c6:56:dc:9d:00:9f:50:64:51:80:36:64:31:05:cf: 9a:c3:03:c9:5e:ac:62:36:ef:98:e4:b8:1d:83:ea:3d:32:35: af:70:90:52:7b:6e:d5:da:26:0b:46:9c:7b:2e:ef:81:ca:74: 82:0a:0b:e1:4b:67:50:23:ae:86:3f:8b:4f:ab:70:d1:14:b5: f7:47:1d:77:88:9f:e6:ca:d0:56:16:99:5e:06:ab:99:cc:89: 45:3c:85:50:a2:58:64:99:4c:93:a8:61:00:b2:68:d0:09:c4: 45:ee:8c:7c:bc:d4:d4:a7:71:b9:69:4d:ba:ee:83:55:71:2a: 1f:17:58:56:20:36:9e:47:80:b5:4b:07:7c:91:81:7b:3f:49: 49:22:ab:d4:00:9c:a3:c1:73:fa:a9:66:a4:5f:f4:8e:50:51: 48:27:8b:ef:bb:20:f2:e2:8b:ff:d2:3b:31:59:d3:ee:87:73: 91:f9:54:89 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUQtrxl1VEnBwayVUvKAlZF3l1oikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0NFoX DTI3MDUwMTA5MjM0NFowMzExMC8GA1UEAxMoMzZFRjdDRDc0OTQ0ODQzMkIzNkRF RDEzRjdFRjE5MjMzM0FFNDk4QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7zvj8YLVCbcjA0oHT2voiFZWM2hcI2fYRYNX0ZgiC4QTTRw4P8WkfHHDMh wAXppjYO52u9DSTT+RBB6Z6F1zGjPuNKaCO1FHIFdG+50912VF8ZUIkrqGYvGvyg lKtJeYwsO7dwXABb1ACt2Ze0Mi5qXe2v1OcJIwyKF2eMGgDv6iT+DGVPzByUR3L9 UQUNzsgAlmcDpjMHdp5iaOt3Lp4p2M71xbs3zngCWjs9iE3ep2DMKrC/ZyYhCXzK xvPODXOp5q+/BCqFGCCNUMmzeDXIi+WTLb/4BUO9AEQJsZmo2fdWSbIy7tRf89ub CsYP2o1zfDkkwaKz5IoYESgSHYcCAwEAAaOCAdIwggHOMB0GA1UdDgQWBBQ273zX SUSEMrNt7RP37xkjM65JjDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDMyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQAnRTtAwQAoBTUMA0GCSqGSIb3DQEBCwUAA4IBAQAwrFPBmvpzZJ6bSYCC uPnSfTuzmvvbTAoxriGGIQEpfLIvnIl8Ue2kf5nwb9yVA+x6SK66+Ek4Yd0HMB0R suhfOF8PTg+1d4YLZE/GVtydAJ9QZFGANmQxBc+awwPJXqxiNu+Y5Lgdg+o9MjWv cJBSe27V2iYLRpx7Lu+BynSCCgvhS2dQI66GP4tPq3DRFLX3Rx13iJ/mytBWFple BquZzIlFPIVQolhkmUyTqGEAsmjQCcRF7ox8vNTUp3G5aU267oNVcSofF1hWIDae R4C1Swd8kYF7P0lJIqvUAJyjwXP6qWakX/SOUFFIJ4vvuyDy4ov/0jsxWdPuh3OR +VSJ -----END CERTIFICATE-----Generated at Sat May 2 21:04:40 2026 by rpki-client