$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152086.roa File: AS152086.roa (raw, json) Hash identifier: wynsU+mvRMiCXIx0QGuK7MHUAGfhvUWxz+zNQ+XmXKo= Subject key identifier: 60:5B:4B:A2:29:00:06:24:79:CE:62:49:2A:6D:53:0A:6C:1E:38:CD Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 31C883E185CCFA816BE471E57362BF75385154B5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152086.roa Signing time: Sat 02 May 2026 09:25:38 +0000 ROA not before: Sat 02 May 2026 09:20:38 +0000 ROA not after: Sat 01 May 2027 09:25:38 +0000 asID: 152086 IP address blocks: 2001:df3:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 03:13:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:c8:83:e1:85:cc:fa:81:6b:e4:71:e5:73:62:bf:75:38:51:54:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:38 2026 GMT Not After : May 1 09:25:38 2027 GMT Subject: CN=605B4BA22900062479CE62492A6D530A6C1E38CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:44:09:c0:a0:1c:75:1f:34:be:c4:43:a3:69: d5:61:4f:b9:8c:80:eb:99:ca:f6:73:5c:4e:5f:14: 1a:fd:25:38:76:d5:8f:fa:0d:9b:24:5b:4c:f1:bb: 33:79:53:5e:f2:fd:26:85:25:bb:57:f5:56:23:f8: a9:a6:42:38:c8:4f:00:4b:27:ee:db:40:83:cd:b0: 27:91:bf:bf:8d:ae:b0:cd:f4:ee:30:6f:c8:f7:19: b1:65:9a:63:e8:21:7b:47:e5:66:42:18:66:4d:cf: 05:0f:0d:5e:09:d0:ac:a7:81:04:76:23:9b:d9:d7: f6:f4:5b:bb:c5:74:c0:cd:41:0f:96:80:f0:b5:e0: 34:c7:5d:6b:50:a5:16:eb:9d:9f:d9:8b:5c:a7:07: 4b:e1:63:5c:95:a7:cd:86:69:21:ff:00:41:a8:d8: 5a:7d:ce:a1:52:26:8e:ac:99:7f:ab:30:88:8f:6a: 94:63:9a:d1:7b:5e:54:ac:7c:64:dd:22:34:1d:0e: a1:ec:90:d9:f5:9e:b6:8e:6b:80:b4:81:e2:82:60: 94:37:fd:6c:4f:67:8f:48:da:80:17:dd:3c:99:a6: ba:d7:79:01:29:76:59:fd:c2:fb:c8:90:85:4b:65: 71:46:a5:3b:a9:3e:f6:be:86:06:27:cb:58:b3:6c: 14:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5B:4B:A2:29:00:06:24:79:CE:62:49:2A:6D:53:0A:6C:1E:38:CD X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 7b:ac:83:6b:3a:f7:dc:02:8c:83:87:eb:6d:87:f3:84:24:4e: 51:be:84:3a:7b:99:b8:c3:f5:ea:71:0f:b9:6c:a7:e0:39:9a: a1:c9:87:da:83:52:43:0a:88:d6:62:38:28:fc:60:b6:45:4a: c3:4b:82:3d:53:52:2b:f4:2a:e7:3d:e7:4f:5f:68:a4:17:38: 03:e8:16:15:57:5b:8c:fc:3f:d0:a2:5e:17:32:ac:56:2e:e4: f9:9c:d5:7c:65:63:9a:48:42:e4:54:91:ba:21:13:18:52:7b: 6c:4c:62:ad:d4:e4:42:2c:8e:23:cb:18:4d:6d:7e:64:e9:3d: ab:cc:a9:17:3b:3a:44:2f:fa:c2:dd:5b:f3:df:ee:22:f0:4d: 1b:6e:c3:62:45:0d:b1:34:7f:08:3e:29:8b:75:eb:19:7e:dc: 10:f6:4a:99:ae:76:25:27:c1:9d:7e:98:41:16:9a:7e:16:9a: f4:e6:ea:1e:cf:5e:79:72:9a:43:00:a1:9b:1b:3c:83:d9:56: a1:b7:2a:da:3c:8a:62:46:57:9f:e3:b1:49:99:42:d6:b9:2f: 60:43:45:62:99:58:3d:b5:10:e4:02:c6:45:aa:7d:22:39:c6: ae:38:cc:ff:64:30:fa:fc:6e:0c:fc:35:08:52:ab:20:0d:13: 32:f6:ea:2b -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUMciD4YXM+oFr5HHlc2K/dThRVLUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjAzOFoX DTI3MDUwMTA5MjUzOFowMzExMC8GA1UEAxMoNjA1QjRCQTIyOTAwMDYyNDc5Q0U2 MjQ5MkE2RDUzMEE2QzFFMzhDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALJECcCgHHUfNL7EQ6Np1WFPuYyA65nK9nNcTl8UGv0lOHbVj/oNmyRbTPG7 M3lTXvL9JoUlu1f1ViP4qaZCOMhPAEsn7ttAg82wJ5G/v42usM307jBvyPcZsWWa Y+ghe0flZkIYZk3PBQ8NXgnQrKeBBHYjm9nX9vRbu8V0wM1BD5aA8LXgNMdda1Cl Fuudn9mLXKcHS+FjXJWnzYZpIf8AQajYWn3OoVImjqyZf6swiI9qlGOa0XteVKx8 ZN0iNB0OoeyQ2fWeto5rgLSB4oJglDf9bE9nj0jagBfdPJmmutd5ASl2Wf3C+8iQ hUtlcUalO6k+9r6GBifLWLNsFFMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRgW0ui KQAGJHnOYkkqbVMKbB44zTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMDg2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN813AMA0GCSqGSIb3DQEBCwUAA4IBAQB7rINrOvfcAoyDh+tth/OE JE5RvoQ6e5m4w/XqcQ+5bKfgOZqhyYfag1JDCojWYjgo/GC2RUrDS4I9U1Ir9Crn PedPX2ikFzgD6BYVV1uM/D/Qol4XMqxWLuT5nNV8ZWOaSELkVJG6IRMYUntsTGKt 1ORCLI4jyxhNbX5k6T2rzKkXOzpEL/rC3Vvz3+4i8E0bbsNiRQ2xNH8IPimLdesZ ftwQ9kqZrnYlJ8GdfphBFpp+Fpr05uoez155cppDAKGbGzyD2VahtyraPIpiRlef 47FJmULWuS9gQ0VimVg9tRDkAsZFqn0iOcauOMz/ZDD6/G4M/DUIUqsgDRMy9uor -----END CERTIFICATE-----Generated at Sun May 3 01:40:04 2026 by rpki-client