$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152025.roa File: AS152025.roa (raw, json) Hash identifier: zmWflmlJAfrAX3Lrw1n/cpfo9guTo9aliFnK+eE/Zv8= Subject key identifier: B7:FA:71:26:67:74:33:25:4B:46:26:91:68:89:C4:FC:54:C0:01:C2 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6FA9E0097ECD86B00335D870DA1B8DF812DEF194 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152025.roa Signing time: Sat 02 May 2026 09:27:07 +0000 ROA not before: Sat 02 May 2026 09:22:07 +0000 ROA not after: Sat 01 May 2027 09:27:07 +0000 asID: 152025 IP address blocks: 2001:df6:7e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:a9:e0:09:7e:cd:86:b0:03:35:d8:70:da:1b:8d:f8:12:de:f1:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:22:07 2026 GMT Not After : May 1 09:27:07 2027 GMT Subject: CN=B7FA7126677433254B4626916889C4FC54C001C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:b0:19:85:97:da:b1:96:19:c3:3f:7b:99:18: b8:ce:a0:98:bb:13:5f:c2:cb:62:40:cb:00:30:eb: fb:df:cd:fd:9d:9a:87:c9:ac:5c:ed:97:94:7a:25: de:24:30:b5:b6:03:08:75:85:0b:54:15:bc:b1:91: 95:f9:c6:39:b0:a1:70:bb:5c:6e:ed:6e:52:13:75: 96:fd:b0:a4:68:0f:cf:7e:cc:00:a2:18:1d:1b:b3: 4b:38:d1:02:d0:35:8f:16:4b:4d:bd:d8:fd:f4:9b: 01:1e:2f:b3:85:ce:62:7a:99:c9:0e:76:78:80:6d: 00:ee:61:09:61:ab:d2:99:3b:28:0d:df:68:62:42: 35:d3:77:41:92:1f:b0:b5:15:6c:cd:bd:62:f2:5f: 32:16:8b:f4:6c:b7:1f:3e:34:a6:33:af:b4:78:85: 50:38:51:e4:5d:dc:1e:3c:fe:a3:4e:dd:ae:8d:a9: a5:cc:ba:b6:d5:a2:cd:84:17:20:5e:fa:3e:9c:48: 36:a6:53:78:0f:6b:ad:8f:73:1a:73:c2:35:d9:7c: 4f:3b:7e:e5:d4:cb:c5:d2:5c:bb:e6:06:dc:de:a1: 77:ab:9f:d8:c4:cd:3b:bd:cc:81:f8:13:d0:02:e1: e1:c9:96:fa:31:50:57:f1:5b:f2:6e:43:85:91:78: cb:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:FA:71:26:67:74:33:25:4B:46:26:91:68:89:C4:FC:54:C0:01:C2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:7e40::/48 Signature Algorithm: sha256WithRSAEncryption 71:b0:90:4b:2a:4b:bb:09:e9:d8:de:1f:a5:3e:c2:e8:da:4a: cc:14:f1:33:64:7a:4f:51:b5:a4:1c:6f:60:9a:e2:aa:61:c4: ec:03:7e:97:1d:11:e3:6e:9e:29:cf:a9:b0:4b:4d:10:de:15: 10:5e:9b:ce:97:3a:91:44:b7:1c:34:d8:c0:a7:2e:33:2f:a1: 6b:38:31:01:fa:b2:a6:69:49:d0:5a:e6:6a:35:91:71:ee:38: 7f:48:79:d7:45:3f:ea:70:c2:de:2b:51:1a:71:07:3c:dd:d0: 58:38:c8:2d:3f:a5:89:d4:6d:b4:cf:dd:84:a1:ba:0f:13:62: 25:a6:83:8d:40:bd:c0:91:fb:8b:ba:2b:22:c0:ba:21:10:5e: 44:52:d5:98:dd:5d:67:1b:f7:69:5a:d5:85:ff:6d:cb:99:52: e2:06:4e:f4:4f:0c:2c:b0:ac:94:50:69:42:5c:1b:26:c7:8e: 41:aa:a0:88:53:bb:30:8b:52:8b:b1:5a:b4:1e:85:b4:63:9d: f3:f6:7b:45:80:ec:9a:89:24:d1:93:9b:06:10:9f:01:e5:d9: 1d:18:81:4f:17:55:18:03:a5:0a:ce:f0:ce:c8:3e:80:d0:10: 8d:95:c2:ff:98:b0:a2:30:9a:b0:d0:0c:40:01:f4:1b:1b:4e: f2:5f:db:5e -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUb6ngCX7NhrADNdhw2huN+BLe8ZQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjIwN1oX DTI3MDUwMTA5MjcwN1owMzExMC8GA1UEAxMoQjdGQTcxMjY2Nzc0MzMyNTRCNDYy NjkxNjg4OUM0RkM1NEMwMDFDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMOwGYWX2rGWGcM/e5kYuM6gmLsTX8LLYkDLADDr+9/N/Z2ah8msXO2XlHol 3iQwtbYDCHWFC1QVvLGRlfnGObChcLtcbu1uUhN1lv2wpGgPz37MAKIYHRuzSzjR AtA1jxZLTb3Y/fSbAR4vs4XOYnqZyQ52eIBtAO5hCWGr0pk7KA3faGJCNdN3QZIf sLUVbM29YvJfMhaL9Gy3Hz40pjOvtHiFUDhR5F3cHjz+o07dro2ppcy6ttWizYQX IF76PpxINqZTeA9rrY9zGnPCNdl8Tzt+5dTLxdJcu+YG3N6hd6uf2MTNO73MgfgT 0ALh4cmW+jFQV/Fb8m5DhZF4y0sCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBS3+nEm Z3QzJUtGJpFoicT8VMABwjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDI1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN9n5AMA0GCSqGSIb3DQEBCwUAA4IBAQBxsJBLKku7CenY3h+lPsLo 2krMFPEzZHpPUbWkHG9gmuKqYcTsA36XHRHjbp4pz6mwS00Q3hUQXpvOlzqRRLcc NNjApy4zL6FrODEB+rKmaUnQWuZqNZFx7jh/SHnXRT/qcMLeK1EacQc83dBYOMgt P6WJ1G20z92EoboPE2IlpoONQL3AkfuLuisiwLohEF5EUtWY3V1nG/dpWtWF/23L mVLiBk70TwwssKyUUGlCXBsmx45BqqCIU7swi1KLsVq0HoW0Y53z9ntFgOyaiSTR k5sGEJ8B5dkdGIFPF1UYA6UKzvDOyD6A0BCNlcL/mLCiMJqw0AxAAfQbG07yX9te -----END CERTIFICATE-----Generated at Sun May 3 00:40:23 2026 by rpki-client