$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152394.roa File: AS152394.roa (raw, json) Hash identifier: 4lZOzWMiFocOrFZP55eHi3kfMz6xoXPj+B821FNuZpE= Subject key identifier: 4B:FD:AC:5E:26:D6:69:B6:02:B6:05:5A:BC:63:38:7D:4C:E7:0A:75 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 36277A62EE9BE40E2F8F704FAF27C53884BB1DD3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152394.roa Signing time: Sat 02 May 2026 09:25:53 +0000 ROA not before: Sat 02 May 2026 09:20:53 +0000 ROA not after: Sat 01 May 2027 09:25:53 +0000 asID: 152394 IP address blocks: 2001:df3:98c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:27:7a:62:ee:9b:e4:0e:2f:8f:70:4f:af:27:c5:38:84:bb:1d:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:53 2026 GMT Not After : May 1 09:25:53 2027 GMT Subject: CN=4BFDAC5E26D669B602B6055ABC63387D4CE70A75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0f:f3:db:bd:73:8d:fd:83:25:ad:d3:28:51: 79:78:57:62:2b:a1:76:40:f1:41:f1:22:f2:d7:24: 13:47:c1:38:58:23:30:8a:ba:e9:81:e4:ec:19:cc: f5:6b:6e:95:dd:83:d4:39:c9:b9:60:c2:bd:0b:24: d5:92:df:9f:00:9e:fe:77:1d:73:ca:d1:5e:f4:e9: 0f:be:b8:34:56:16:30:05:9c:88:c1:d2:3e:89:27: 3f:38:82:16:fb:3f:1e:4a:ea:3c:8b:80:b6:99:8e: 0e:ec:14:91:3a:bb:69:7f:83:b9:b6:f8:26:43:a4: 40:a8:02:ca:b3:1c:d9:52:c5:c5:c6:e5:fb:d6:35: 66:29:36:de:e1:4f:f5:91:da:22:ab:28:90:50:f3: 5e:04:f8:84:da:23:25:1f:b8:b6:36:00:14:f6:9b: 72:80:d3:66:00:aa:18:a3:e7:14:61:f2:0b:e8:03: 56:32:a5:79:a8:f8:19:24:99:4b:e9:37:3b:64:4b: cb:a6:e8:04:48:b9:3a:83:23:45:89:a7:9e:64:fb: 45:60:88:fc:c3:bd:19:2a:85:78:d2:1b:6b:31:80: 70:71:50:f2:25:43:dd:e9:6f:2d:8d:20:b8:db:d0: 75:96:1e:00:da:41:24:fd:15:e9:79:9d:66:17:45: 67:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:FD:AC:5E:26:D6:69:B6:02:B6:05:5A:BC:63:38:7D:4C:E7:0A:75 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152394.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:98c0::/48 Signature Algorithm: sha256WithRSAEncryption 50:d1:e6:42:31:0b:72:a8:33:7e:17:31:f7:24:ac:c5:08:d0: 4f:d2:bd:da:b3:ca:fb:15:42:29:35:24:51:a1:6e:b2:22:c0: 1d:ee:27:7d:07:7d:ac:b1:26:06:38:5d:0b:01:60:17:ec:ed: 44:e6:15:ce:2b:74:89:ff:46:71:26:cc:0b:cf:11:ad:34:40: 97:ed:f4:43:e8:d1:ff:ea:9a:b0:30:90:e2:1d:af:4d:6a:fc: c6:83:7e:08:e7:07:6b:af:1b:f3:91:87:3e:dd:b2:38:0b:ad: b2:c9:59:69:bd:3c:69:d9:a0:1e:95:5d:af:d0:2a:93:74:bf: 7e:5a:9e:43:b0:87:8c:b4:f1:f5:7f:5e:13:2f:52:00:22:25: fe:2f:c2:f3:40:09:3d:d7:27:1c:35:62:7d:fe:9b:0d:64:53: 1b:94:51:f0:8b:30:f0:89:dd:99:27:b5:83:57:82:5f:80:a7: 60:29:fe:42:67:c4:43:ee:c2:27:46:24:3d:28:d8:87:75:fe: fe:eb:9d:e1:26:f6:63:67:53:35:e3:7b:a3:3f:96:05:ef:98: ab:4b:33:6e:22:7b:f3:03:af:82:fe:9c:96:d4:9d:ec:7c:6b: 1a:4e:2f:b9:b4:b7:81:c2:01:dd:be:84:58:35:63:59:6a:3e: 30:5d:ad:f5 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUNid6Yu6b5A4vj3BPryfFOIS7HdMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1M1oX DTI3MDUwMTA5MjU1M1owMzExMC8GA1UEAxMoNEJGREFDNUUyNkQ2NjlCNjAyQjYw NTVBQkM2MzM4N0Q0Q0U3MEE3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMUP89u9c439gyWt0yhReXhXYiuhdkDxQfEi8tckE0fBOFgjMIq66YHk7BnM 9Wtuld2D1DnJuWDCvQsk1ZLfnwCe/ncdc8rRXvTpD764NFYWMAWciMHSPoknPziC Fvs/HkrqPIuAtpmODuwUkTq7aX+Dubb4JkOkQKgCyrMc2VLFxcbl+9Y1Zik23uFP 9ZHaIqsokFDzXgT4hNojJR+4tjYAFPabcoDTZgCqGKPnFGHyC+gDVjKleaj4GSSZ S+k3O2RLy6boBEi5OoMjRYmnnmT7RWCI/MO9GSqFeNIbazGAcHFQ8iVD3elvLY0g uNvQdZYeANpBJP0V6XmdZhdFZ30CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRL/axe JtZptgK2BVq8Yzh9TOcKdTAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyMzk0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN85jAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ0eZCMQtyqDN+FzH3JKzF CNBP0r3as8r7FUIpNSRRoW6yIsAd7id9B32ssSYGOF0LAWAX7O1E5hXOK3SJ/0Zx JswLzxGtNECX7fRD6NH/6pqwMJDiHa9NavzGg34I5wdrrxvzkYc+3bI4C62yyVlp vTxp2aAelV2v0CqTdL9+Wp5DsIeMtPH1f14TL1IAIiX+L8LzQAk91yccNWJ9/psN ZFMblFHwizDwid2ZJ7WDV4JfgKdgKf5CZ8RD7sInRiQ9KNiHdf7+653hJvZjZ1M1 43ujP5YF75irSzNuInvzA6+C/pyW1J3sfGsaTi+5tLeBwgHdvoRYNWNZaj4wXa31 -----END CERTIFICATE-----Generated at Sun May 3 00:40:25 2026 by rpki-client