$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152401.roa File: AS152401.roa (raw, json) Hash identifier: j1S+cHhmtIdtW5mClpaL3AfVXvcBOh1R6gl8lpcfOTE= Subject key identifier: 11:6A:54:3A:F7:70:EA:BB:0A:13:F9:7C:72:8B:58:DB:20:79:E0:3F Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 02F91D1F049F29D45433B33AA0B5393C1768E632 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152401.roa Signing time: Sat 02 May 2026 09:24:33 +0000 ROA not before: Sat 02 May 2026 09:19:33 +0000 ROA not after: Sat 01 May 2027 09:24:33 +0000 asID: 152401 IP address blocks: 163.227.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:58:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:f9:1d:1f:04:9f:29:d4:54:33:b3:3a:a0:b5:39:3c:17:68:e6:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:19:33 2026 GMT Not After : May 1 09:24:33 2027 GMT Subject: CN=116A543AF770EABB0A13F97C728B58DB2079E03F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:f5:a5:ff:17:1f:76:87:1c:cf:81:db:73:bb: 7c:3c:05:90:5a:9e:31:46:81:e5:ef:d2:38:c9:21: 8c:43:f0:8d:a8:46:2b:a0:96:da:41:e1:9a:aa:13: 7c:83:8b:b6:c4:8b:6d:16:b2:52:64:fd:33:c6:a0: d7:e5:61:07:5f:6a:20:3a:bf:32:d0:03:4f:8c:81: d5:9e:90:11:38:b3:1d:5c:98:1f:c1:fe:79:35:3d: 8a:df:26:4a:3d:6b:12:e6:cd:14:c8:8d:44:59:30: e9:aa:4a:9f:10:eb:6c:c8:fa:a9:26:df:8b:1a:fc: 18:8d:2e:65:48:c4:58:10:eb:f4:76:ac:28:8e:9b: 4c:b0:9b:73:6e:5a:22:cd:78:23:ad:f5:82:bd:b9: b6:a8:68:85:62:1f:8b:44:32:ce:aa:f2:a6:44:d2: ed:41:3f:a1:d8:74:8b:5c:8c:3e:5c:a6:72:38:46: bb:0c:b8:21:1a:81:da:0c:cd:6c:d1:d4:7c:55:da: 17:65:c8:9c:cc:cf:92:8a:dd:2e:ee:16:fe:d5:86: 4a:ab:11:bc:b5:98:95:dc:d3:9b:3a:51:8e:3c:23: ca:8f:c5:56:f9:48:03:bc:f5:cb:d9:e5:48:8b:b4: 74:d6:05:1c:fb:e9:b5:18:aa:ef:c1:30:58:d1:6f: 8d:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:6A:54:3A:F7:70:EA:BB:0A:13:F9:7C:72:8B:58:DB:20:79:E0:3F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152401.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.64.0/24 Signature Algorithm: sha256WithRSAEncryption 48:38:bc:6d:55:98:93:b3:3a:9e:ca:89:14:1e:51:35:5c:8f: 0a:67:49:43:90:06:47:f9:30:38:07:25:d1:df:d8:3d:3f:f1: 2b:1a:de:06:24:7c:38:51:cd:e5:af:36:77:7d:12:71:dd:25: c1:cb:23:54:9c:ac:17:12:1c:79:c8:25:61:3d:72:0e:f2:b1: bc:98:a8:15:ea:da:3c:3b:0c:e3:79:6f:00:32:a0:36:cb:c4: 5c:16:84:08:34:52:49:63:28:31:d7:15:49:3d:79:b4:a0:ac: b3:f8:10:62:f3:fb:9b:3a:00:77:71:15:f8:5e:6e:4a:63:30: cd:96:76:f9:cc:0b:f9:11:7f:b0:33:b8:a8:1b:af:ff:fc:cc: cc:e4:3a:13:f8:2e:04:4b:b9:b6:97:8f:f9:54:ca:7a:ae:d6: a4:bd:74:e7:95:f5:94:95:af:0e:24:be:9c:9f:55:20:91:b6: 4d:ad:25:49:23:17:0f:16:74:3d:8b:97:48:af:eb:f7:9b:43: 7f:5c:19:79:38:77:90:1b:28:a4:27:19:f1:9e:63:24:4f:b4: 9d:a3:e5:f0:ba:eb:50:42:fe:85:c6:f3:c6:e4:aa:a4:06:40: b0:ed:6e:8f:bd:ef:3b:b4:3b:70:49:14:55:6b:43:3e:f3:79: 95:79:26:b5 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUAvkdHwSfKdRUM7M6oLU5PBdo5jIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MTkzM1oX DTI3MDUwMTA5MjQzM1owMzExMC8GA1UEAxMoMTE2QTU0M0FGNzcwRUFCQjBBMTNG OTdDNzI4QjU4REIyMDc5RTAzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPD1pf8XH3aHHM+B23O7fDwFkFqeMUaB5e/SOMkhjEPwjahGK6CW2kHhmqoT fIOLtsSLbRayUmT9M8ag1+VhB19qIDq/MtADT4yB1Z6QETizHVyYH8H+eTU9it8m Sj1rEubNFMiNRFkw6apKnxDrbMj6qSbfixr8GI0uZUjEWBDr9HasKI6bTLCbc25a Is14I631gr25tqhohWIfi0QyzqrypkTS7UE/odh0i1yMPlymcjhGuwy4IRqB2gzN bNHUfFXaF2XInMzPkordLu4W/tWGSqsRvLWYldzTmzpRjjwjyo/FVvlIA7z1y9nl SIu0dNYFHPvptRiq78EwWNFvjR0CAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQRalQ6 93DquwoT+Xxyi1jbIHngPzAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyNDAxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAo+NAMA0GCSqGSIb3DQEBCwUAA4IBAQBIOLxtVZiTszqeyokUHlE1XI8K Z0lDkAZH+TA4ByXR39g9P/ErGt4GJHw4Uc3lrzZ3fRJx3SXByyNUnKwXEhx5yCVh PXIO8rG8mKgV6to8OwzjeW8AMqA2y8RcFoQINFJJYygx1xVJPXm0oKyz+BBi8/ub OgB3cRX4Xm5KYzDNlnb5zAv5EX+wM7ioG6///MzM5DoT+C4ES7m2l4/5VMp6rtak vXTnlfWUla8OJL6cn1UgkbZNrSVJIxcPFnQ9i5dIr+v3m0N/XBl5OHeQGyikJxnx nmMkT7Sdo+XwuutQQv6FxvPG5KqkBkCw7W6Pve87tDtwSRRVa0M+83mVeSa1 -----END CERTIFICATE-----Generated at Sun May 3 00:39:50 2026 by rpki-client