$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152442.roa File: AS152442.roa (raw, json) Hash identifier: tvXS+Cca9KQgaasC51w92e7nACLWFv+8Cx/rP8MwVxQ= Subject key identifier: 8E:A0:32:F7:38:6E:09:65:07:30:51:EA:17:B2:E9:89:16:BC:7E:99 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 01C46B850A72E9FD3085A6A214DACAC06FC6B17A Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152442.roa Signing time: Sat 02 May 2026 15:24:05 +0000 ROA not before: Sat 02 May 2026 15:19:05 +0000 ROA not after: Sat 01 May 2027 15:24:05 +0000 asID: 152442 IP address blocks: 157.66.86.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:c4:6b:85:0a:72:e9:fd:30:85:a6:a2:14:da:ca:c0:6f:c6:b1:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 15:19:05 2026 GMT Not After : May 1 15:24:05 2027 GMT Subject: CN=8EA032F7386E0965073051EA17B2E98916BC7E99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:26:f2:54:b2:ad:c0:dc:3e:b3:37:60:99:aa: 61:5f:e8:5f:f4:b3:bf:dd:32:1f:06:e0:a9:08:d4: 7f:4d:7e:cb:e8:9c:a6:bc:00:f0:9f:1b:69:ec:50: 60:bc:3b:2f:0e:eb:9f:ee:af:fb:12:ab:7c:ce:77: ff:64:cd:d4:02:f2:32:4d:82:fa:59:66:48:42:cd: 0b:40:ed:32:f9:50:7a:99:23:26:7a:3d:3c:a3:15: 57:81:39:d4:7a:88:c8:e2:4f:90:1d:e6:d1:7a:34: da:2d:1f:8b:83:fd:8f:5e:ef:51:07:21:9d:96:bb: 85:61:89:ac:d7:ea:f2:48:31:ba:3a:32:4b:c9:1b: 9f:12:32:0d:5b:06:99:b0:36:5a:52:5d:1c:22:23: 4e:3c:e6:9e:5e:31:8b:69:6a:8a:e6:12:2e:00:40: e7:c4:2e:0d:21:63:d3:98:20:03:87:8f:7d:83:56: 94:69:8f:3b:fa:86:88:3d:57:76:9a:cb:44:1d:98: 9a:86:37:96:6e:aa:dd:47:b8:73:4e:ca:14:ba:cc: 9f:c2:5c:13:c7:e0:29:e7:3f:41:59:0d:b0:a0:97: 50:99:82:53:7a:46:1a:73:9d:40:db:d5:71:82:07: f6:a1:eb:88:89:99:cb:7c:ba:14:ba:63:06:66:9c: 9b:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A0:32:F7:38:6E:09:65:07:30:51:EA:17:B2:E9:89:16:BC:7E:99 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152442.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.86.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:ba:6f:97:9f:ac:37:48:d5:ff:15:3d:3b:98:ff:14:27:b5: 2f:1b:df:b2:be:43:2e:1c:5f:33:94:b5:3c:b2:7b:f5:04:8c: 6f:b2:ed:ee:c2:a2:07:0a:ad:01:a8:10:4c:0c:dc:2c:84:57: 1f:f4:c3:d2:49:f0:3c:a4:e5:20:25:14:96:87:38:77:a8:3d: e0:96:4e:72:ac:05:9d:e5:09:00:9f:a4:41:f5:86:99:38:f0: d6:b2:ab:a4:bd:8e:81:2e:ac:6a:21:8d:49:07:02:f0:4f:a7: 8d:88:de:da:1d:0e:01:c6:97:4d:36:8f:04:9e:46:7b:55:56: 2f:2d:fe:f4:4d:19:21:41:e3:56:b2:64:62:71:7b:ac:43:de: a3:b4:12:15:41:ef:3f:4d:14:9e:e0:44:4c:a3:4c:1c:61:49: f3:6c:52:9b:eb:f8:4c:62:da:a6:a7:9b:94:54:72:bc:60:55: 4b:a2:47:8d:17:88:7e:1d:ae:6f:9a:a6:4b:d4:5a:ae:7d:19: 7e:e4:b8:45:48:40:aa:f0:bc:c7:1e:b5:2d:78:e2:6c:41:8c: f3:4b:32:2b:5f:8b:8b:a9:20:ff:7f:2c:aa:62:a6:44:a4:73: fe:51:a1:3c:57:f4:f0:de:70:f2:f1:d3:9a:00:84:be:e9:10: dc:82:9e:2a -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUAcRrhQpy6f0whaaiFNrKwG/GsXowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjE1MTkwNVoX DTI3MDUwMTE1MjQwNVowMzExMC8GA1UEAxMoOEVBMDMyRjczODZFMDk2NTA3MzA1 MUVBMTdCMkU5ODkxNkJDN0U5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK4m8lSyrcDcPrM3YJmqYV/oX/Szv90yHwbgqQjUf01+y+icprwA8J8baexQ YLw7Lw7rn+6v+xKrfM53/2TN1ALyMk2C+llmSELNC0DtMvlQepkjJno9PKMVV4E5 1HqIyOJPkB3m0Xo02i0fi4P9j17vUQchnZa7hWGJrNfq8kgxujoyS8kbnxIyDVsG mbA2WlJdHCIjTjzmnl4xi2lqiuYSLgBA58QuDSFj05ggA4ePfYNWlGmPO/qGiD1X dprLRB2YmoY3lm6q3Ue4c07KFLrMn8JcE8fgKec/QVkNsKCXUJmCU3pGGnOdQNvV cYIH9qHriImZy3y6FLpjBmacm5ECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSOoDL3 OG4JZQcwUeoXsumJFrx+mTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDQyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnUJWMA0GCSqGSIb3DQEBCwUAA4IBAQA/um+Xn6w3SNX/FT07mP8UJ7Uv G9+yvkMuHF8zlLU8snv1BIxvsu3uwqIHCq0BqBBMDNwshFcf9MPSSfA8pOUgJRSW hzh3qD3glk5yrAWd5QkAn6RB9YaZOPDWsqukvY6BLqxqIY1JBwLwT6eNiN7aHQ4B xpdNNo8EnkZ7VVYvLf70TRkhQeNWsmRicXusQ96jtBIVQe8/TRSe4ERMo0wcYUnz bFKb6/hMYtqmp5uUVHK8YFVLokeNF4h+Ha5vmqZL1FqufRl+5LhFSECq8LzHHrUt eOJsQYzzSzIrX4uLqSD/fyyqYqZEpHP+UaE8V/Tw3nDy8dOaAIS+6RDcgp4q -----END CERTIFICATE-----Generated at Sat May 2 21:05:30 2026 by rpki-client