$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152782.roa File: AS152782.roa (raw, json) Hash identifier: TAy4D9XFVFN+Z8JKRyr8lW+dLOXJkcUx9aWkWo8veZ4= Subject key identifier: 96:7A:78:6A:E8:2A:37:40:6C:5E:D3:29:BB:9B:F2:68:F6:91:D3:6C Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 440AE277D26A280238564FB44664E92A2A4208BC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152782.roa Signing time: Sat 02 May 2026 09:23:43 +0000 ROA not before: Sat 02 May 2026 09:18:43 +0000 ROA not after: Sat 01 May 2027 09:23:43 +0000 asID: 152782 IP address blocks: 160.20.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:0a:e2:77:d2:6a:28:02:38:56:4f:b4:46:64:e9:2a:2a:42:08:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:43 2026 GMT Not After : May 1 09:23:43 2027 GMT Subject: CN=967A786AE82A37406C5ED329BB9BF268F691D36C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8d:79:1d:e7:92:e3:ca:21:62:67:dc:ab:c3: f6:35:63:0e:92:b7:4d:a7:4f:d9:41:33:b7:89:53: fd:11:e1:52:93:45:9a:15:7b:dc:80:24:33:0b:a3: 42:da:67:dc:85:96:1b:27:8e:a1:65:8c:1f:e5:67: 03:67:e0:af:48:00:6d:b3:35:48:97:36:30:c7:8e: eb:c5:b5:ad:5d:f4:4a:ea:ae:cc:4d:2b:a5:cb:c5: b1:a7:ab:41:14:20:2d:ff:0a:30:ac:e9:50:23:b5: 2a:e4:b8:8f:6c:c7:8a:12:c5:db:7c:b4:16:d6:c6: 4a:79:f7:87:a8:8c:3a:f1:f6:2b:e4:f8:a2:a2:38: 3a:a6:53:9f:f4:45:c5:2b:bb:f2:aa:c9:3f:06:f4: 57:10:21:9f:5f:a5:d2:cb:d4:c7:d9:6f:16:ba:10: 9b:17:7a:98:44:7f:92:48:c1:3d:01:4d:7f:80:df: 17:aa:98:9c:46:6b:c0:94:ca:a1:8f:a2:b0:9e:04: ca:19:9e:b1:1e:08:8b:a6:c2:8f:34:e7:ab:92:38: 44:e7:ad:7d:e2:69:40:37:b6:f6:d2:fd:bc:0e:63: 20:20:e4:c5:ff:8b:aa:79:9a:38:64:4a:14:38:2a: d7:c2:02:c0:0b:ce:16:72:17:97:6c:8b:ef:4c:ad: e8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:7A:78:6A:E8:2A:37:40:6C:5E:D3:29:BB:9B:F2:68:F6:91:D3:6C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152782.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.138.0/23 Signature Algorithm: sha256WithRSAEncryption 74:de:f8:18:74:85:d0:53:7c:05:6c:48:6c:07:f5:92:fc:59: 2c:0e:b2:0d:da:02:30:2f:55:d1:49:47:f8:56:b7:b5:ae:89: ec:7a:a2:72:c8:83:94:07:e9:e1:1e:38:03:b5:9f:ad:4f:bd: aa:1d:ca:38:e1:4a:36:cc:e0:94:36:1c:74:fe:ea:f4:ae:17: 6e:4d:a9:09:0f:00:b3:1e:86:a9:8c:2e:6a:9a:cc:d6:e0:63: 7f:ec:95:d1:70:3c:17:fc:66:9b:67:1f:7e:07:d3:1b:3a:2f: 5a:c3:d7:17:95:0f:93:80:a3:3e:69:4a:e6:52:97:4e:9d:7e: 87:b0:61:ac:8c:e1:51:b2:8e:3e:51:1e:45:26:98:dc:13:62: a1:b9:93:5c:1f:07:d9:ba:70:3c:0e:d3:51:59:4a:5c:a8:eb: de:85:33:f5:d0:23:c8:38:ee:9f:f6:59:34:b9:bb:a3:17:52: 17:7b:84:a1:ed:b6:5d:4e:93:fb:5c:1b:30:76:c2:14:64:c7: 9b:8b:45:3b:13:dc:f3:ff:a1:28:a7:2d:2f:0c:a3:e3:93:8b: e0:c8:9d:3e:50:61:1d:a2:8d:fc:88:9b:26:d5:25:8f:ac:67: 78:60:54:14:81:8d:79:32:eb:ae:b3:61:d9:41:31:3a:35:7f: 33:9a:9a:9e -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIURArid9JqKAI4Vk+0RmTpKipCCLwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0M1oX DTI3MDUwMTA5MjM0M1owMzExMC8GA1UEAxMoOTY3QTc4NkFFODJBMzc0MDZDNUVE MzI5QkI5QkYyNjhGNjkxRDM2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMaNeR3nkuPKIWJn3KvD9jVjDpK3TadP2UEzt4lT/RHhUpNFmhV73IAkMwuj Qtpn3IWWGyeOoWWMH+VnA2fgr0gAbbM1SJc2MMeO68W1rV30SuquzE0rpcvFsaer QRQgLf8KMKzpUCO1KuS4j2zHihLF23y0FtbGSnn3h6iMOvH2K+T4oqI4OqZTn/RF xSu78qrJPwb0VxAhn1+l0svUx9lvFroQmxd6mER/kkjBPQFNf4DfF6qYnEZrwJTK oY+isJ4EyhmesR4Ii6bCjzTnq5I4ROetfeJpQDe29tL9vA5jICDkxf+LqnmaOGRK FDgq18ICwAvOFnIXl2yL70yt6IkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSWenhq 6Co3QGxe0ym7m/Jo9pHTbDAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNzgyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBoBSKMA0GCSqGSIb3DQEBCwUAA4IBAQB03vgYdIXQU3wFbEhsB/WS/Fks DrIN2gIwL1XRSUf4Vre1ronseqJyyIOUB+nhHjgDtZ+tT72qHco44Uo2zOCUNhx0 /ur0rhduTakJDwCzHoapjC5qmszW4GN/7JXRcDwX/GabZx9+B9MbOi9aw9cXlQ+T gKM+aUrmUpdOnX6HsGGsjOFRso4+UR5FJpjcE2KhuZNcHwfZunA8DtNRWUpcqOve hTP10CPIOO6f9lk0ubujF1IXe4Sh7bZdTpP7XBswdsIUZMebi0U7E9zz/6Eopy0v DKPjk4vgyJ0+UGEdoo38iJsm1SWPrGd4YFQUgY15Muuus2HZQTE6NX8zmpqe -----END CERTIFICATE-----Generated at Sat May 2 21:04:35 2026 by rpki-client