$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152023.roa File: AS152023.roa (raw, json) Hash identifier: ix14qRDJFd/3Y0IK/2DaMAiCP0kDcrluEK2BrGevrOk= Subject key identifier: BB:9D:47:70:42:EB:C1:42:04:1F:24:92:EE:D3:EF:A0:89:5C:0E:9A Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 71060C67F57C963776F4D17AE93C12F40170A3ED Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152023.roa Signing time: Sat 02 May 2026 09:27:31 +0000 ROA not before: Sat 02 May 2026 09:22:31 +0000 ROA not after: Sat 01 May 2027 09:27:31 +0000 asID: 152023 IP address blocks: 45.123.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:06:0c:67:f5:7c:96:37:76:f4:d1:7a:e9:3c:12:f4:01:70:a3:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:31 2026 GMT Not After : May 1 09:27:31 2027 GMT Subject: CN=BB9D477042EBC142041F2492EED3EFA0895C0E9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:eb:5a:5a:01:22:d6:6a:65:07:c0:4e:26:50: c8:c0:ce:63:c9:3a:b8:a0:62:69:52:90:14:58:fe: f9:26:9e:a6:b4:fa:18:89:e5:68:ba:ec:37:23:e9: 5a:7c:76:23:1d:f6:51:68:df:f5:38:90:f1:9b:e6: 52:48:80:bf:dc:53:51:b1:42:de:68:81:cf:5e:4b: c9:d6:93:f2:b5:a1:f2:2d:46:55:94:04:11:b0:af: 24:34:3b:b7:5a:d7:2f:8b:70:2f:c7:4c:4b:8b:61: 1c:f6:d2:14:28:c6:a7:e0:ab:62:f6:73:e5:66:cf: d8:20:ef:d6:c5:fb:f0:20:bd:ab:31:e6:c7:59:79: e1:76:f6:43:f9:c3:84:95:5c:31:03:57:77:e8:5a: 43:65:a2:75:77:e9:40:5c:30:b1:db:93:88:8a:db: e0:50:85:8f:ac:5d:2a:15:48:49:ed:40:91:da:57: 44:20:14:42:1c:14:6d:ca:e3:e5:a3:5d:b9:5c:e3: 0d:a1:37:19:2b:33:b2:8d:50:e2:c2:1e:7d:db:ff: 4c:de:5f:89:29:af:64:c5:79:7c:ec:03:bf:40:d8: 50:ca:0e:ec:20:f6:f9:17:85:19:60:0b:3e:54:a2: 4a:02:6f:ec:5d:ca:7c:6e:dc:b7:39:bb:15:f6:58: 36:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:9D:47:70:42:EB:C1:42:04:1F:24:92:EE:D3:EF:A0:89:5C:0E:9A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152023.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.123.143.0/24 Signature Algorithm: sha256WithRSAEncryption 29:59:83:b3:7b:96:10:c7:27:74:3c:8a:e3:c3:29:13:f1:a1: fa:04:8b:b1:43:04:f3:19:2d:b5:9c:f0:9e:c1:24:27:4c:04: a4:2a:2a:56:7b:28:d2:c1:f0:8d:fe:67:3a:ca:02:92:a3:63: d8:f9:9a:3b:c4:54:a0:25:4f:f4:ab:16:44:bd:8c:5c:9f:37: 79:f3:0f:c3:57:d9:2d:89:f2:70:98:16:67:96:b5:e3:c7:e1: da:bb:6a:91:94:06:6f:1d:82:08:83:0d:d6:cf:4d:8d:32:67: 0a:85:73:6b:26:b4:3b:31:b3:a1:80:df:0d:d6:be:7d:3c:d7: 3f:a4:79:ba:b9:13:eb:6d:97:95:4d:47:e1:79:63:d8:dc:a1: c7:e9:93:a5:b9:14:d9:8d:35:6f:17:50:99:aa:de:0e:3e:15: 33:80:cf:12:e7:51:12:ec:16:65:57:7a:4a:a4:dd:99:f7:38: d8:f4:69:02:99:ab:40:64:45:3c:fa:88:07:0e:5d:ae:72:e4: 6e:0d:a2:c8:ff:41:e1:37:ce:24:81:97:43:c6:f6:eb:55:61: 56:4e:ef:17:07:3f:eb:31:32:38:e2:7b:c8:9b:82:52:af:09: ea:52:b4:84:1c:43:3a:47:c3:78:33:5c:95:2e:08:9c:ce:d3: 57:ef:15:2f -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUcQYMZ/V8ljd29NF66TwS9AFwo+0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIzMVoX DTI3MDUwMTA5MjczMVowMzExMC8GA1UEAxMoQkI5RDQ3NzA0MkVCQzE0MjA0MUYy NDkyRUVEM0VGQTA4OTVDMEU5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM3rWloBItZqZQfATiZQyMDOY8k6uKBiaVKQFFj++SaeprT6GInlaLrsNyPp Wnx2Ix32UWjf9TiQ8ZvmUkiAv9xTUbFC3miBz15LydaT8rWh8i1GVZQEEbCvJDQ7 t1rXL4twL8dMS4thHPbSFCjGp+CrYvZz5WbP2CDv1sX78CC9qzHmx1l54Xb2Q/nD hJVcMQNXd+haQ2WidXfpQFwwsduTiIrb4FCFj6xdKhVISe1AkdpXRCAUQhwUbcrj 5aNduVzjDaE3GSszso1Q4sIefdv/TN5fiSmvZMV5fOwDv0DYUMoO7CD2+ReFGWAL PlSiSgJv7F3KfG7ctzm7FfZYNt0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBS7nUdw QuvBQgQfJJLu0++giVwOmjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDIzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQALXuPMA0GCSqGSIb3DQEBCwUAA4IBAQApWYOze5YQxyd0PIrjwykT8aH6 BIuxQwTzGS21nPCewSQnTASkKipWeyjSwfCN/mc6ygKSo2PY+Zo7xFSgJU/0qxZE vYxcnzd58w/DV9ktifJwmBZnlrXjx+Hau2qRlAZvHYIIgw3Wz02NMmcKhXNrJrQ7 MbOhgN8N1r59PNc/pHm6uRPrbZeVTUfheWPY3KHH6ZOluRTZjTVvF1CZqt4OPhUz gM8S51ES7BZlV3pKpN2Z9zjY9GkCmatAZEU8+ogHDl2ucuRuDaLI/0HhN84kgZdD xvbrVWFWTu8XBz/rMTI44nvIm4JSrwnqUrSEHEM6R8N4M1yVLgicztNX7xUv -----END CERTIFICATE-----Generated at Sun May 3 00:39:46 2026 by rpki-client