$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152036.roa File: AS152036.roa (raw, json) Hash identifier: YpZfA35RL2qZ7cZHOg/c6OD7iBV3Jn8bDSanSVioEFg= Subject key identifier: 2E:85:BC:ED:68:8B:F3:0C:7F:18:12:A5:3D:C9:4B:F7:3E:A7:F7:03 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7CB6A62BD2CA2346A7E6AAF3EAFDDF120FA1F4FE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152036.roa Signing time: Sat 02 May 2026 09:26:02 +0000 ROA not before: Sat 02 May 2026 09:21:02 +0000 ROA not after: Sat 01 May 2027 09:26:02 +0000 asID: 152036 IP address blocks: 2001:df3:5d40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:b6:a6:2b:d2:ca:23:46:a7:e6:aa:f3:ea:fd:df:12:0f:a1:f4:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:21:02 2026 GMT Not After : May 1 09:26:02 2027 GMT Subject: CN=2E85BCED688BF30C7F1812A53DC94BF73EA7F703 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9f:bf:2f:3e:16:14:bb:0a:49:19:24:2d:d3: 3d:9b:05:91:f8:48:f4:f9:b9:8b:87:1a:d5:18:7a: 89:89:38:45:8b:6b:56:7b:3c:01:bb:de:56:62:d9: 75:de:d0:f8:2b:b8:8f:eb:2c:0f:77:f6:a0:aa:ed: 54:c9:46:da:60:fa:cc:de:5a:6e:57:ae:8d:4f:f0: 75:37:15:be:3d:e0:ed:63:2c:70:45:5e:40:a8:a7: 5a:0a:b3:1b:7f:16:fa:24:f5:12:00:09:e9:54:a3: 2e:62:6a:38:98:5f:e5:44:32:d2:3f:cf:c8:4f:d8: 0a:df:7c:a0:32:b5:8b:4f:e8:af:0e:d1:74:7f:b3: ab:df:dc:85:df:61:ec:fc:c5:19:84:94:fb:e9:aa: af:21:90:14:bf:85:7f:cc:55:f3:52:ac:23:1c:8f: 04:08:2b:9c:1d:24:14:65:ba:3c:7f:15:b8:ad:8e: 05:f9:07:7d:7f:f8:dd:f3:df:87:c1:1d:1c:41:e5: 3c:d7:44:cc:48:3b:ab:88:75:52:8e:86:b9:99:5f: 6c:60:aa:d2:83:83:e3:b8:ad:2a:7e:92:c9:63:79: 02:c6:aa:7d:90:b3:24:3d:61:66:30:03:b4:89:34: 70:3f:26:05:e8:ba:52:b3:a3:be:d6:7e:0e:65:e0: a7:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:85:BC:ED:68:8B:F3:0C:7F:18:12:A5:3D:C9:4B:F7:3E:A7:F7:03 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5d40::/48 Signature Algorithm: sha256WithRSAEncryption 0c:db:55:7c:ef:10:f3:94:67:6c:be:52:4a:46:ca:c7:a4:82: 3f:3a:31:19:e3:cd:ea:0f:8e:c0:f9:a4:b2:54:71:52:1c:99: 67:67:97:15:c0:82:ce:56:cb:5e:ca:22:18:d7:af:a9:04:36: 06:49:8c:ab:b8:c2:bc:69:16:b7:cc:cb:83:4a:ad:d4:87:e3: 8d:f0:13:a1:1f:ff:b7:0b:ba:c7:e2:37:6f:74:99:93:2b:e8: 4a:8d:25:1f:47:21:9b:58:bf:e0:bf:c9:27:1f:ee:36:c3:b0: a6:07:4b:d9:af:af:82:fb:40:b6:05:43:a1:9c:9e:ba:24:c4: 75:70:f1:61:62:80:4d:31:3b:b2:5a:d1:a0:53:e8:f7:86:32: 27:97:7e:ff:7c:05:f3:b6:d3:e2:50:2b:5f:93:bd:7f:6e:28: 20:d2:5a:5c:b4:1c:b7:84:d1:18:90:24:f7:9b:fd:1f:3b:53: c8:65:3f:e0:de:1e:23:c5:df:cd:d1:b8:75:d5:90:d9:e2:8a: 4e:28:b0:b7:72:ac:5d:39:a7:a4:27:93:3d:27:48:82:54:50: 9e:af:35:d0:7b:9a:89:0c:28:61:eb:79:1b:29:05:bc:c8:45: c1:5f:4f:0e:9f:a4:43:59:9a:ee:8c:74:ef:54:44:6b:6a:05: 2b:18:77:c2 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUfLamK9LKI0an5qrz6v3fEg+h9P4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjEwMloX DTI3MDUwMTA5MjYwMlowMzExMC8GA1UEAxMoMkU4NUJDRUQ2ODhCRjMwQzdGMTgx MkE1M0RDOTRCRjczRUE3RjcwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOKfvy8+FhS7CkkZJC3TPZsFkfhI9Pm5i4ca1Rh6iYk4RYtrVns8AbveVmLZ dd7Q+Cu4j+ssD3f2oKrtVMlG2mD6zN5ableujU/wdTcVvj3g7WMscEVeQKinWgqz G38W+iT1EgAJ6VSjLmJqOJhf5UQy0j/PyE/YCt98oDK1i0/orw7RdH+zq9/chd9h 7PzFGYSU++mqryGQFL+Ff8xV81KsIxyPBAgrnB0kFGW6PH8VuK2OBfkHfX/43fPf h8EdHEHlPNdEzEg7q4h1Uo6GuZlfbGCq0oOD47itKn6SyWN5AsaqfZCzJD1hZjAD tIk0cD8mBei6UrOjvtZ+DmXgp0kCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQuhbzt aIvzDH8YEqU9yUv3Pqf3AzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDM2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN811AMA0GCSqGSIb3DQEBCwUAA4IBAQAM21V87xDzlGdsvlJKRsrH pII/OjEZ483qD47A+aSyVHFSHJlnZ5cVwILOVsteyiIY16+pBDYGSYyruMK8aRa3 zMuDSq3Uh+ON8BOhH/+3C7rH4jdvdJmTK+hKjSUfRyGbWL/gv8knH+42w7CmB0vZ r6+C+0C2BUOhnJ66JMR1cPFhYoBNMTuyWtGgU+j3hjInl37/fAXzttPiUCtfk71/ bigg0lpctBy3hNEYkCT3m/0fO1PIZT/g3h4jxd/N0bh11ZDZ4opOKLC3cqxdOaek J5M9J0iCVFCerzXQe5qJDChh63kbKQW8yEXBX08On6RDWZrujHTvVERragUrGHfC -----END CERTIFICATE-----Generated at Sun May 3 00:40:28 2026 by rpki-client