$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152009.roa File: AS152009.roa (raw, json) Hash identifier: bX/td+oMKOEEqEp2F2K4gdczrQblRSgzGLphekQ5OjQ= Subject key identifier: 94:4D:6E:85:7C:78:C5:31:F0:2E:73:55:0C:70:12:45:60:1E:24:EA Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 33BF7860C4F4BA0F24B8F02C29AB561C17F9924D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152009.roa Signing time: Sat 02 May 2026 09:21:51 +0000 ROA not before: Sat 02 May 2026 09:16:51 +0000 ROA not after: Sat 01 May 2027 09:21:51 +0000 asID: 152009 IP address blocks: 103.38.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:bf:78:60:c4:f4:ba:0f:24:b8:f0:2c:29:ab:56:1c:17:f9:92:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:16:51 2026 GMT Not After : May 1 09:21:51 2027 GMT Subject: CN=944D6E857C78C531F02E73550C701245601E24EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:a6:b7:37:26:97:8b:f3:dd:46:ec:0e:72:bc: f6:ba:1e:fc:c3:8b:78:55:2e:55:e9:13:6f:8e:a3: 84:b7:80:fc:20:30:6c:4d:72:8f:e1:51:ae:b6:5a: fe:67:8e:e3:8b:fd:1a:24:e3:65:e0:6c:05:60:4e: 0a:5e:21:1c:f9:54:09:6c:07:af:a3:d1:11:f7:3b: 77:1d:bc:74:23:b7:e6:de:51:33:ff:1d:64:02:18: a0:95:23:13:8a:f5:10:34:e0:15:e8:2d:2c:7e:bf: a1:d1:43:53:2f:54:e7:3c:51:c9:9b:2e:95:b6:a4: f7:8a:5c:c6:2c:37:b9:4a:57:cf:40:e6:37:06:3f: 6f:e0:eb:3d:00:15:99:6a:6a:24:97:91:bf:34:0e: d0:89:aa:b9:6b:40:68:0d:63:58:0a:ca:3b:73:2a: 74:47:3e:9f:26:c9:f1:bc:66:73:b9:77:d9:56:9d: af:a3:cb:26:8e:d0:d1:f4:d9:82:ec:fc:87:ed:11: 0a:10:fe:66:0f:3a:46:da:44:b0:21:64:0d:c6:d4: d9:94:59:0f:5c:2e:9a:ba:f6:7f:a0:51:8a:f8:a1: d4:f4:b0:0b:8d:0a:89:fe:7f:bf:94:7b:bf:19:72: 9c:bf:ef:3c:15:81:14:a5:6e:05:d1:d4:71:f8:08: f4:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:4D:6E:85:7C:78:C5:31:F0:2E:73:55:0C:70:12:45:60:1E:24:EA X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.38.106.0/23 Signature Algorithm: sha256WithRSAEncryption 75:33:77:d5:c9:39:20:98:52:a1:0b:87:50:42:23:7a:56:3f: e3:aa:2d:24:1d:ca:28:f2:de:62:6c:d5:40:6a:2e:d1:8f:9e: a0:0f:04:9b:92:a4:b5:0a:6f:2e:74:34:72:ed:c9:74:b5:03: e2:f3:dc:b9:01:bf:d2:f2:2a:dd:a0:6e:79:64:4f:71:1f:58: 72:03:70:5a:6d:b8:f5:31:5e:b9:5b:0d:c7:dd:59:bd:78:b9: 4f:98:37:08:7d:53:22:e0:43:74:bb:b3:6f:7b:60:6d:f8:d8: b9:6e:b5:1e:5e:76:9d:24:a5:47:41:43:c5:04:ec:c5:a9:0d: 41:8a:b2:5f:c8:6d:0a:05:48:38:24:03:ad:78:b7:6d:ee:73: f8:ed:e7:41:47:d1:d3:c7:8a:a7:52:3f:ea:1c:26:3f:c2:ee: 5b:98:a4:d8:8c:28:d0:24:78:38:7b:40:b7:b3:6d:79:a3:e4: dc:5f:3a:d0:d8:58:bf:99:3e:79:6f:91:51:dd:ef:25:c1:fb: 0f:a4:d8:cb:28:84:aa:bf:16:4d:8e:08:de:a4:80:2a:a2:32: 1e:ac:06:4f:1c:99:95:87:87:88:e6:04:f1:09:02:e4:c3:38: 8f:a8:43:b9:50:5c:d3:8f:ed:bf:0e:e6:9f:38:ab:cd:f7:4a: d2:19:c3:78 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUM794YMT0ug8kuPAsKatWHBf5kk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTY1MVoX DTI3MDUwMTA5MjE1MVowMzExMC8GA1UEAxMoOTQ0RDZFODU3Qzc4QzUzMUYwMkU3 MzU1MEM3MDEyNDU2MDFFMjRFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKWmtzcml4vz3UbsDnK89roe/MOLeFUuVekTb46jhLeA/CAwbE1yj+FRrrZa /meO44v9GiTjZeBsBWBOCl4hHPlUCWwHr6PREfc7dx28dCO35t5RM/8dZAIYoJUj E4r1EDTgFegtLH6/odFDUy9U5zxRyZsulbak94pcxiw3uUpXz0DmNwY/b+DrPQAV mWpqJJeRvzQO0ImquWtAaA1jWArKO3MqdEc+nybJ8bxmc7l32Vadr6PLJo7Q0fTZ guz8h+0RChD+Zg86RtpEsCFkDcbU2ZRZD1wumrr2f6BRivih1PSwC40Kif5/v5R7 vxlynL/vPBWBFKVuBdHUcfgI9I8CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSUTW6F fHjFMfAuc1UMcBJFYB4k6jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDA5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZyZqMA0GCSqGSIb3DQEBCwUAA4IBAQB1M3fVyTkgmFKhC4dQQiN6Vj/j qi0kHcoo8t5ibNVAai7Rj56gDwSbkqS1Cm8udDRy7cl0tQPi89y5Ab/S8irdoG55 ZE9xH1hyA3Babbj1MV65Ww3H3Vm9eLlPmDcIfVMi4EN0u7Nve2Bt+Ni5brUeXnad JKVHQUPFBOzFqQ1BirJfyG0KBUg4JAOteLdt7nP47edBR9HTx4qnUj/qHCY/wu5b mKTYjCjQJHg4e0C3s215o+TcXzrQ2Fi/mT55b5FR3e8lwfsPpNjLKISqvxZNjgje pIAqojIerAZPHJmVh4eI5gTxCQLkwziPqEO5UFzTj+2/DuafOKvN90rSGcN4 -----END CERTIFICATE-----Generated at Sun May 3 00:39:33 2026 by rpki-client