$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152017.roa File: AS152017.roa (raw, json) Hash identifier: AvQJiGDCsB3R/yxF28yM1b3GfyjpOHrtdDq3eJFr0TA= Subject key identifier: 8A:62:EF:F2:50:09:96:1F:52:1E:C3:B4:2A:45:24:E2:A2:33:3C:C9 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 26474212F78265BBC037983E385388C8E0EE7F15 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152017.roa Signing time: Sat 02 May 2026 17:48:11 +0000 ROA not before: Sat 02 May 2026 17:43:11 +0000 ROA not after: Sat 01 May 2027 17:48:11 +0000 asID: 152017 IP address blocks: 103.255.162.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:47:42:12:f7:82:65:bb:c0:37:98:3e:38:53:88:c8:e0:ee:7f:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 17:43:11 2026 GMT Not After : May 1 17:48:11 2027 GMT Subject: CN=8A62EFF25009961F521EC3B42A4524E2A2333CC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:7c:2e:3f:71:5d:e3:a5:3e:d4:ec:33:77:d6: 38:1b:0b:90:90:5c:90:ed:2d:31:b9:c1:d0:bb:1f: 24:7e:c8:e3:5b:c9:4e:f9:cc:72:37:ae:4a:e7:3c: 71:e1:db:2b:4f:12:1d:99:fc:01:6c:9e:7e:8c:77: 3e:3e:a9:68:3e:88:72:cc:20:2a:a7:b5:6e:f5:7f: 73:12:c6:41:9c:fe:a5:45:0a:c5:00:7c:44:9a:7f: 23:26:53:11:cd:5b:92:2b:e3:86:92:2e:df:40:02: fe:06:37:02:6b:1e:d5:11:e1:d3:83:35:8d:ed:32: ae:b7:e6:44:24:73:a9:59:e7:37:8c:61:b1:2a:cd: 77:f8:c0:ed:39:77:d3:9f:88:70:ee:4d:cf:af:e5: 42:16:ac:f5:d0:b6:cc:c0:f3:af:95:ed:d1:b5:97: 45:c5:b0:4d:79:93:09:84:11:2e:c7:60:18:a7:fe: d1:9a:32:34:30:bc:33:de:65:82:8e:11:56:ed:d7: 32:6b:07:08:51:2a:c8:92:9c:e0:19:1d:2e:99:77: c4:7f:e0:79:de:d2:e4:30:0b:64:cd:59:c4:3a:6e: 36:fe:8b:df:58:bd:a5:86:c0:da:8d:e1:a8:91:46: 0e:12:1e:d4:b1:c5:1e:7f:2b:cc:5d:c1:e2:a7:ba: c4:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:62:EF:F2:50:09:96:1F:52:1E:C3:B4:2A:45:24:E2:A2:33:3C:C9 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152017.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.255.162.0/23 Signature Algorithm: sha256WithRSAEncryption 29:dd:c8:ae:91:95:0a:01:88:d0:cd:91:d6:0d:67:07:a2:f0: f6:4b:3b:1b:c3:ec:06:8f:64:81:1e:43:1f:af:84:83:dc:9e: 3f:67:a3:b5:1d:62:55:5a:5b:fd:7b:ac:e7:b9:a1:c2:0e:1a: a3:c5:3a:0d:6a:e9:6c:3f:af:14:a6:d4:bd:ca:5f:ca:1c:b7: 2b:42:89:4c:f5:97:8b:38:63:ce:f0:fc:5d:c4:01:ab:55:49: 48:0c:12:dc:41:f2:07:75:c3:3e:e4:60:7d:af:48:de:5e:50: bb:ad:68:33:cf:2b:a1:1a:05:95:eb:46:87:15:7a:96:ec:d4: 98:99:72:fe:13:84:2d:0f:7b:b3:04:4c:69:e7:18:4c:ea:e0: 75:12:8d:7f:cc:ed:62:69:5a:fc:1e:58:49:b5:a0:4c:1b:fd: 00:49:96:e7:ba:6d:78:ad:ea:27:60:f7:98:08:1f:fd:b3:37: 76:ed:74:9c:18:2a:d5:b4:4e:82:51:dd:d0:da:41:06:d8:96: 7a:17:54:7b:bc:1d:1f:5e:92:96:dc:78:03:8b:da:37:fe:df: b1:c6:9c:21:ae:63:02:e0:d6:e7:b0:73:0f:fd:c7:63:42:df: 76:f5:74:b7:5f:80:dc:f8:02:cc:82:de:98:2d:2e:ed:1a:2f: 03:34:d5:10 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUJkdCEveCZbvAN5g+OFOIyODufxUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjE3NDMxMVoX DTI3MDUwMTE3NDgxMVowMzExMC8GA1UEAxMoOEE2MkVGRjI1MDA5OTYxRjUyMUVD M0I0MkE0NTI0RTJBMjMzM0NDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALl8Lj9xXeOlPtTsM3fWOBsLkJBckO0tMbnB0LsfJH7I41vJTvnMcjeuSuc8 ceHbK08SHZn8AWyefox3Pj6paD6IcswgKqe1bvV/cxLGQZz+pUUKxQB8RJp/IyZT Ec1bkivjhpIu30AC/gY3Amse1RHh04M1je0yrrfmRCRzqVnnN4xhsSrNd/jA7Tl3 05+IcO5Nz6/lQhas9dC2zMDzr5Xt0bWXRcWwTXmTCYQRLsdgGKf+0ZoyNDC8M95l go4RVu3XMmsHCFEqyJKc4BkdLpl3xH/ged7S5DALZM1ZxDpuNv6L31i9pYbA2o3h qJFGDhIe1LHFHn8rzF3B4qe6xCcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBSKYu/y UAmWH1Iew7QqRSTiojM8yTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDE3LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBZ/+iMA0GCSqGSIb3DQEBCwUAA4IBAQAp3ciukZUKAYjQzZHWDWcHovD2 Szsbw+wGj2SBHkMfr4SD3J4/Z6O1HWJVWlv9e6znuaHCDhqjxToNaulsP68UptS9 yl/KHLcrQolM9ZeLOGPO8PxdxAGrVUlIDBLcQfIHdcM+5GB9r0jeXlC7rWgzzyuh GgWV60aHFXqW7NSYmXL+E4QtD3uzBExp5xhM6uB1Eo1/zO1iaVr8HlhJtaBMG/0A SZbnum14reonYPeYCB/9szd27XScGCrVtE6CUd3Q2kEG2JZ6F1R7vB0fXpKW3HgD i9o3/t+xxpwhrmMC4NbnsHMP/cdjQt929XS3X4Dc+ALMgt6YLS7tGi8DNNUQ -----END CERTIFICATE-----Generated at Sun May 3 00:39:45 2026 by rpki-client