$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152426.roa File: AS152426.roa (raw, json) Hash identifier: OLFjrDwlPKLNDOyHt5DpKst40pjUJWVkaHb1BRKVEOw= Subject key identifier: FB:B0:2C:F0:DC:D9:6F:A4:39:30:42:85:B2:86:DB:47:F8:D9:36:1A Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 354B038D6CA990B77B7C4B687ED58B775239351C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152426.roa Signing time: Sat 02 May 2026 09:25:55 +0000 ROA not before: Sat 02 May 2026 09:20:55 +0000 ROA not after: Sat 01 May 2027 09:25:55 +0000 asID: 152426 IP address blocks: 2001:df3:9cc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:4b:03:8d:6c:a9:90:b7:7b:7c:4b:68:7e:d5:8b:77:52:39:35:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 09:20:55 2026 GMT Not After : May 1 09:25:55 2027 GMT Subject: CN=FBB02CF0DCD96FA439304285B286DB47F8D9361A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:54:db:36:e2:86:90:52:98:e7:5c:ec:82:41: 8e:ee:0a:bd:b6:74:1f:40:b8:90:4a:d2:82:12:f7: fd:58:f7:41:81:b5:3e:e2:b6:06:fe:da:4f:d4:4b: c1:ce:69:1d:76:cc:d3:5e:3f:8a:98:d0:3d:05:0f: 1f:e9:0f:d7:5a:40:83:e6:cd:78:57:bd:c7:af:69: ab:ef:d8:32:a7:4c:f2:b2:60:05:d6:bb:80:ce:26: 15:4a:98:ab:7e:3c:a3:85:9d:5b:67:08:80:97:46: 46:87:51:18:75:c5:be:5f:a7:a3:4b:bd:3c:7b:cf: 5d:20:fb:18:c3:57:dc:11:52:a6:ea:d6:5a:9c:d1: 77:55:70:67:58:25:18:42:78:7c:49:a2:d4:67:da: 42:65:f9:b7:3e:b9:ed:8a:38:68:09:a4:81:79:63: 3f:e2:74:6f:7d:29:22:5d:10:9d:56:1e:8d:b0:f2: f6:90:ea:5a:5e:13:5f:36:16:b9:64:bd:09:ff:ca: 33:05:fe:19:25:93:9b:21:a4:85:9e:a3:ce:b3:35: ef:22:3a:6a:a6:f6:4f:c5:28:f7:e8:53:f9:79:ac: 3e:d7:3f:ec:6e:4c:d2:ac:87:36:f9:67:39:0b:a2: 82:53:9b:fe:83:30:53:8f:39:68:f4:9b:f3:5b:38: 98:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:B0:2C:F0:DC:D9:6F:A4:39:30:42:85:B2:86:DB:47:F8:D9:36:1A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152426.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:9cc0::/48 Signature Algorithm: sha256WithRSAEncryption 1b:a3:cc:cd:f1:91:e8:4c:b5:22:a9:24:3e:d0:bf:a5:8d:bd: 4b:bb:34:cb:f3:9b:dc:5e:3e:3d:37:19:1f:15:20:14:3d:7a: 78:33:10:31:6d:6d:ab:37:ce:9e:93:47:18:df:98:c9:55:fd: af:ff:c4:58:df:ec:5f:e3:dc:e2:85:ab:1d:17:7d:82:d9:c8: 34:41:e8:8a:cd:37:0a:81:20:bd:d0:c8:3f:63:2e:76:25:77: eb:a9:7d:7d:62:82:3a:82:05:c6:d6:65:0b:cb:2f:fa:f7:25: 7c:41:6d:c4:5c:61:ec:74:76:9a:c1:5f:a1:98:fe:40:8a:64: 13:8a:fe:3e:f2:cd:9a:97:39:39:7e:10:58:48:c1:84:50:c2: 13:dc:fe:04:10:5a:eb:d1:cb:78:e5:95:5b:3e:8e:d0:a2:e1: cc:28:27:a8:df:bd:4d:60:86:ee:b7:c8:5a:f1:ae:49:38:03: 58:eb:9e:e1:4b:16:86:80:0d:b1:73:1c:63:b1:9b:1c:e6:51: b8:cb:3f:e3:e2:71:96:1a:0c:38:48:7f:ad:20:67:55:5f:dd: be:da:9c:10:dd:1f:34:f8:a3:d3:d5:c6:37:d5:15:d7:17:a3: 47:81:e8:42:b1:6a:a5:04:79:b5:e3:fb:1b:90:53:61:04:c5: d6:52:ba:1b -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUNUsDjWypkLd7fEtoftWLd1I5NRwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjA5MjA1NVoX DTI3MDUwMTA5MjU1NVowMzExMC8GA1UEAxMoRkJCMDJDRjBEQ0Q5NkZBNDM5MzA0 Mjg1QjI4NkRCNDdGOEQ5MzYxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKtU2zbihpBSmOdc7IJBju4KvbZ0H0C4kErSghL3/Vj3QYG1PuK2Bv7aT9RL wc5pHXbM014/ipjQPQUPH+kP11pAg+bNeFe9x69pq+/YMqdM8rJgBda7gM4mFUqY q348o4WdW2cIgJdGRodRGHXFvl+no0u9PHvPXSD7GMNX3BFSpurWWpzRd1VwZ1gl GEJ4fEmi1GfaQmX5tz657Yo4aAmkgXljP+J0b30pIl0QnVYejbDy9pDqWl4TXzYW uWS9Cf/KMwX+GSWTmyGkhZ6jzrM17yI6aqb2T8Uo9+hT+XmsPtc/7G5M0qyHNvln OQuiglOb/oMwU485aPSb81s4mAECAwEAAaOCAc8wggHLMB0GA1UdDgQWBBT7sCzw 3NlvpDkwQoWyhttH+Nk2GjAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyNDI2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN85zAMA0GCSqGSIb3DQEBCwUAA4IBAQAbo8zN8ZHoTLUiqSQ+0L+l jb1LuzTL85vcXj49NxkfFSAUPXp4MxAxbW2rN86ek0cY35jJVf2v/8RY3+xf49zi hasdF32C2cg0QeiKzTcKgSC90Mg/Yy52JXfrqX19YoI6ggXG1mULyy/69yV8QW3E XGHsdHaawV+hmP5AimQTiv4+8s2alzk5fhBYSMGEUMIT3P4EEFrr0ct45ZVbPo7Q ouHMKCeo371NYIbut8ha8a5JOANY657hSxaGgA2xcxxjsZsc5lG4yz/j4nGWGgw4 SH+tIGdVX92+2pwQ3R80+KPT1cY31RXXF6NHgehCsWqlBHm14/sbkFNhBMXWUrob -----END CERTIFICATE-----Generated at Sun May 3 00:40:28 2026 by rpki-client