$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152829.roa File: AS152829.roa (raw, json) Hash identifier: 044sa28FXcYfmR74hhIjr5LawUvV5t/Vlp0vvwN2WcY= Subject key identifier: 2E:92:5E:0B:CA:A0:F8:B3:0A:92:8D:27:3E:4E:7F:1F:D1:54:0D:51 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 52B848BC0549FA9853A3359DEB75B0716FF84822 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152829.roa Signing time: Sat 02 May 2026 09:23:49 +0000 ROA not before: Sat 02 May 2026 09:18:49 +0000 ROA not after: Sat 01 May 2027 09:23:49 +0000 asID: 152829 IP address blocks: 160.22.208.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 May 2026 20:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:b8:48:bc:05:49:fa:98:53:a3:35:9d:eb:75:b0:71:6f:f8:48:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 09:18:49 2026 GMT Not After : May 1 09:23:49 2027 GMT Subject: CN=2E925E0BCAA0F8B30A928D273E4E7F1FD1540D51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:66:01:de:af:98:06:97:6b:b1:2c:26:da:7c: d7:8f:98:ec:14:5f:c6:6d:ef:49:f4:a3:78:0a:9e: 5b:e2:1f:e4:07:aa:1f:bc:c7:85:a9:1b:e4:4f:48: c5:7a:a1:fd:7e:a1:3a:6e:61:3c:f0:92:0f:de:d3: fe:5d:58:4a:b9:29:15:40:35:dd:95:4a:e9:ab:33: aa:36:c8:54:a8:38:47:e8:7e:c9:3b:e8:12:81:f6: ec:dd:b6:e5:41:b3:a0:12:fd:cf:e9:0f:08:db:10: 88:eb:a9:7b:37:0a:d9:4d:df:38:f8:3b:bd:3a:5f: 09:33:ba:b2:84:a9:d5:b3:ed:5b:f7:f3:fb:e9:a7: 05:fc:78:63:e1:78:c3:39:60:0c:09:76:49:1e:54: 0c:98:b1:74:31:8e:2e:d7:36:83:f2:ab:09:4d:7f: 13:21:26:f3:38:db:b2:a2:54:8b:e2:7c:f3:5e:e7: c0:c6:d6:f4:36:e6:14:55:82:46:fb:35:f6:77:17: f1:f3:d6:68:8f:c2:05:c0:46:15:57:e5:98:4a:c7: 9a:6a:06:af:be:f5:b1:fe:4e:3e:d0:7a:57:98:ca: ef:d2:65:ba:c5:35:03:f3:2d:56:dd:f6:f8:c9:35: 00:74:c0:84:0c:b9:7e:d0:4b:e2:dd:9f:a0:70:c0: c9:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:92:5E:0B:CA:A0:F8:B3:0A:92:8D:27:3E:4E:7F:1F:D1:54:0D:51 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152829.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.208.0/23 Signature Algorithm: sha256WithRSAEncryption 68:4c:e7:89:fa:c3:19:c6:ab:ef:b4:9b:42:96:92:07:02:d9: 6b:e3:ac:ae:7e:ce:cf:c3:8a:5f:77:d5:22:0d:66:9e:b5:f7: 2a:01:ef:49:87:32:4e:a0:33:93:30:36:1d:f7:16:1b:0f:81: d9:8a:93:12:90:be:6a:5f:83:32:f9:96:3c:62:39:9f:2e:da: 19:f7:c7:65:6b:33:ee:a1:ea:f5:94:8b:dd:b3:59:93:74:7a: 51:b3:36:30:97:7e:6d:fd:93:b3:6a:44:58:85:1b:58:75:1a: c0:95:18:95:bb:fc:53:07:16:3e:06:de:6d:6d:52:58:55:9d: 8c:d1:a6:41:5a:6d:d3:1f:b9:79:55:e4:5e:69:b4:78:a6:71: bf:50:77:ef:20:78:ca:35:c3:19:a1:a4:32:61:16:c5:01:b8: 04:28:70:ab:ab:ef:eb:f2:ee:c5:65:12:a6:f4:52:cc:95:eb: e0:db:58:de:d8:b7:d4:28:dd:e0:f3:eb:75:2d:ec:80:e8:93: ab:b9:8d:28:bb:81:b1:a7:f9:f6:f4:0d:0b:75:8f:bc:59:9d: 9e:95:3a:17:b4:b8:1c:8b:09:30:09:0c:69:41:12:f8:bc:b7: 84:c8:41:1b:63:df:23:f9:07:0b:6f:87:ba:6d:d1:a1:b7:98: b0:2a:af:e8 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUUrhIvAVJ+phTozWd63WwcW/4SCIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjA5MTg0OVoX DTI3MDUwMTA5MjM0OVowMzExMC8GA1UEAxMoMkU5MjVFMEJDQUEwRjhCMzBBOTI4 RDI3M0U0RTdGMUZEMTU0MEQ1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlmAd6vmAaXa7EsJtp814+Y7BRfxm3vSfSjeAqeW+If5AeqH7zHhakb5E9I xXqh/X6hOm5hPPCSD97T/l1YSrkpFUA13ZVK6aszqjbIVKg4R+h+yTvoEoH27N22 5UGzoBL9z+kPCNsQiOupezcK2U3fOPg7vTpfCTO6soSp1bPtW/fz++mnBfx4Y+F4 wzlgDAl2SR5UDJixdDGOLtc2g/KrCU1/EyEm8zjbsqJUi+J8817nwMbW9DbmFFWC Rvs19ncX8fPWaI/CBcBGFVflmErHmmoGr771sf5OPtB6V5jK79JlusU1A/MtVt32 +Mk1AHTAhAy5ftBL4t2foHDAyQkCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQukl4L yqD4swqSjSc+Tn8f0VQNUTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyODI5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBoBbQMA0GCSqGSIb3DQEBCwUAA4IBAQBoTOeJ+sMZxqvvtJtClpIHAtlr 46yufs7Pw4pfd9UiDWaetfcqAe9JhzJOoDOTMDYd9xYbD4HZipMSkL5qX4My+ZY8 YjmfLtoZ98dlazPuoer1lIvds1mTdHpRszYwl35t/ZOzakRYhRtYdRrAlRiVu/xT BxY+Bt5tbVJYVZ2M0aZBWm3TH7l5VeReabR4pnG/UHfvIHjKNcMZoaQyYRbFAbgE KHCrq+/r8u7FZRKm9FLMlevg21je2LfUKN3g8+t1LeyA6JOruY0ou4Gxp/n29A0L dY+8WZ2elToXtLgciwkwCQxpQRL4vLeEyEEbY98j+QcLb4e6bdGht5iwKq/o -----END CERTIFICATE-----Generated at Sat May 2 21:03:37 2026 by rpki-client