$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152436.roa File: AS152436.roa (raw, json) Hash identifier: SZ6XQo5tzHAUv2YyJavI30fm7SxhAF2dawfwX45OnKk= Subject key identifier: 83:B2:6B:43:3E:F9:FC:F9:62:C3:A3:FC:FC:F9:50:3D:CE:12:2E:28 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 6CD3DE497F4C12F04119DAC446E57679F8F636BD Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152436.roa Signing time: Sat 02 May 2026 09:23:27 +0000 ROA not before: Sat 02 May 2026 09:18:27 +0000 ROA not after: Sat 01 May 2027 09:23:27 +0000 asID: 152436 IP address blocks: 157.20.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:d3:de:49:7f:4c:12:f0:41:19:da:c4:46:e5:76:79:f8:f6:36:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:27 2026 GMT Not After : May 1 09:23:27 2027 GMT Subject: CN=83B26B433EF9FCF962C3A3FCFCF9503DCE122E28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:b3:0c:93:ab:95:9f:17:f6:04:0c:6c:80:2f: 87:a2:f1:a9:07:9d:1c:fb:cc:ca:12:20:7a:d4:f7: e2:2e:c0:0f:91:7a:4e:fa:76:99:86:83:04:a5:82: 13:67:8e:27:2e:57:52:8f:10:74:4e:27:41:99:81: cb:d2:bc:5c:46:5e:5f:db:55:c3:95:cf:ea:2b:47: 30:20:86:a7:cd:25:dc:04:38:37:bb:17:c3:f3:2d: ff:40:2e:20:d5:c8:fc:b9:02:d9:f1:04:14:d5:4d: 0c:2f:c9:65:61:e0:05:4a:fb:2f:01:1a:21:22:7c: 3e:aa:07:f0:f4:a0:bc:66:5f:dc:7a:1b:64:78:b8: e2:5b:0c:fb:c7:d8:6b:f4:57:b8:a6:68:4d:d1:54: 70:e9:7a:5f:a2:61:2f:b8:55:ee:8a:50:41:72:30: d0:c1:62:71:66:82:33:b3:ec:d1:a0:bf:b9:64:1d: 4a:f4:7d:3c:05:d6:29:17:61:00:56:71:0a:94:e2: 74:0f:73:a0:68:72:ae:cc:f4:78:24:85:d5:83:ff: 5a:c1:8f:17:dc:85:0f:c5:96:b3:88:0e:24:ab:fa: f4:88:d1:a8:35:f5:6e:d9:64:a5:af:07:ae:b5:90: c5:84:54:f4:de:60:f1:e0:57:a8:67:18:2a:cf:b5: 51:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:B2:6B:43:3E:F9:FC:F9:62:C3:A3:FC:FC:F9:50:3D:CE:12:2E:28 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.206.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:5d:93:4f:61:19:f0:c2:3f:e0:bd:88:b0:27:85:cc:bb:d8: 3d:92:a4:cf:44:c7:82:07:78:bf:40:fe:be:10:f7:32:07:44: bc:64:c8:5b:cb:b6:3e:1e:3a:8a:b0:fc:f6:c5:6a:ac:c4:f1: 47:1b:34:ed:1f:24:66:7e:b4:da:f5:93:7b:31:35:c5:a1:3b: ca:90:10:13:7b:af:c1:56:10:c0:a3:cb:a7:31:61:96:98:5e: d3:8e:ac:40:a7:b7:b9:38:22:a0:30:c5:a5:3b:90:d0:8c:b7: 5c:08:8d:33:1a:4a:e3:82:ac:a2:d0:f9:58:e3:2d:93:30:06: 08:6e:fa:2b:ae:10:f6:38:39:a9:35:b6:21:e5:69:11:ea:8a: ed:2c:65:74:00:b4:8d:6f:87:ce:4b:2e:18:4c:05:99:4a:80: e9:13:9d:76:e8:76:9d:21:86:9b:3b:db:c9:fb:b7:39:62:c8: 68:13:2f:50:03:94:3e:02:28:2f:ee:70:8a:04:35:60:00:d8: ef:43:65:90:ff:f7:32:13:e8:01:09:e1:46:67:e6:2e:91:2b: 88:89:47:3e:55:01:22:6f:4d:d1:75:3c:0a:44:b5:d4:3d:03: d6:6f:1e:34:20:e5:40:ea:3b:5c:90:3a:95:83:1e:79:63:21: 3e:05:7b:68 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUbNPeSX9MEvBBGdrERuV2efj2Nr0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTgyN1oX DTI3MDUwMTA5MjMyN1owMzExMC8GA1UEAxMoODNCMjZCNDMzRUY5RkNGOTYyQzNB M0ZDRkNGOTUwM0RDRTEyMkUyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALizDJOrlZ8X9gQMbIAvh6LxqQedHPvMyhIgetT34i7AD5F6Tvp2mYaDBKWC E2eOJy5XUo8QdE4nQZmBy9K8XEZeX9tVw5XP6itHMCCGp80l3AQ4N7sXw/Mt/0Au INXI/LkC2fEEFNVNDC/JZWHgBUr7LwEaISJ8PqoH8PSgvGZf3HobZHi44lsM+8fY a/RXuKZoTdFUcOl6X6JhL7hV7opQQXIw0MFicWaCM7Ps0aC/uWQdSvR9PAXWKRdh AFZxCpTidA9zoGhyrsz0eCSF1YP/WsGPF9yFD8WWs4gOJKv69IjRqDX1btlkpa8H rrWQxYRU9N5g8eBXqGcYKs+1UU8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSDsmtD Pvn8+WLDo/z8+VA9zhIuKDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDM2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnRTOMA0GCSqGSIb3DQEBCwUAA4IBAQBvXZNPYRnwwj/gvYiwJ4XMu9g9 kqTPRMeCB3i/QP6+EPcyB0S8ZMhby7Y+HjqKsPz2xWqsxPFHGzTtHyRmfrTa9ZN7 MTXFoTvKkBATe6/BVhDAo8unMWGWmF7TjqxAp7e5OCKgMMWlO5DQjLdcCI0zGkrj gqyi0PlY4y2TMAYIbvorrhD2ODmpNbYh5WkR6ortLGV0ALSNb4fOSy4YTAWZSoDp E5126HadIYabO9vJ+7c5YshoEy9QA5Q+Aigv7nCKBDVgANjvQ2WQ//cyE+gBCeFG Z+YukSuIiUc+VQEib03RdTwKRLXUPQPWbx40IOVA6jtckDqVgx55YyE+BXto -----END CERTIFICATE-----Generated at Sat May 2 21:04:47 2026 by rpki-client