$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AS152442.roa File: AS152442.roa (raw, json) Hash identifier: /97Yen3a4Z/WE90fqu/HymQgcGwYC5ItzPG0Ja9y8f0= Subject key identifier: 41:04:21:6E:F0:27:D5:E4:EA:63:31:D3:77:66:E5:69:52:9A:0C:D2 Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7DB7C45F67C3838609E6F6671F2CE779A81F18CE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152442.roa Signing time: Sat 02 May 2026 16:47:37 +0000 ROA not before: Sat 02 May 2026 16:42:37 +0000 ROA not after: Sat 01 May 2027 16:47:37 +0000 asID: 152442 IP address blocks: 2001:df3:b040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 01:27:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:b7:c4:5f:67:c3:83:86:09:e6:f6:67:1f:2c:e7:79:a8:1f:18:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 16:42:37 2026 GMT Not After : May 1 16:47:37 2027 GMT Subject: CN=4104216EF027D5E4EA6331D37766E569529A0CD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:5e:96:bc:0b:d5:8d:1b:91:15:59:73:a7:80: dd:bf:b8:ee:04:89:f5:e9:7e:9d:cc:47:98:60:a1: d9:fa:c9:b5:e7:ca:77:44:b4:7c:e7:07:5c:fc:fa: 33:70:4f:d1:5d:6d:b5:22:d1:7f:79:ae:81:b7:d3: 2e:f2:42:d9:bb:58:94:60:a9:72:0a:1b:e0:08:da: d1:1a:a4:51:1f:5a:ae:5d:9d:54:b8:b8:45:19:1d: 9c:4d:aa:d1:23:26:2d:0a:ba:e6:72:1b:c6:67:aa: 3f:77:4a:b9:ea:57:9c:ca:2a:6b:cb:31:a3:fe:fd: e6:41:30:f5:a5:7c:78:14:c1:4c:0b:34:26:89:c9: 9f:de:1a:e0:3d:01:36:f5:0a:c2:3a:a6:51:71:5c: 32:8a:cf:ae:38:10:9b:85:b3:e3:f4:26:db:47:b8: 76:de:ca:06:c1:21:a9:dc:48:85:c5:4d:45:f1:1f: 35:75:9d:a3:d6:2a:5d:c2:cb:c4:98:bc:af:c2:e6: 92:b4:e6:f2:a0:75:87:70:44:cd:1f:de:b3:7c:d4: f9:d2:0e:fd:39:2b:08:47:b0:99:82:16:d7:f6:7a: 3d:fb:22:98:b7:97:45:5a:77:6f:95:14:40:df:ca: f9:4e:dc:06:b4:de:5f:71:83:da:94:3a:c3:ba:46: 83:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:04:21:6E:F0:27:D5:E4:EA:63:31:D3:77:66:E5:69:52:9A:0C:D2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/AS152442.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:b040::/48 Signature Algorithm: sha256WithRSAEncryption 52:02:f0:0a:49:c1:ce:bf:36:61:0e:c3:ed:ed:92:f6:3d:0f: cf:ed:52:90:cb:c2:76:ca:e5:38:f1:c2:5c:09:e6:d0:a6:41: ab:07:9c:63:3d:c5:20:e3:3c:ad:28:40:76:3a:4d:d3:9b:e1: 0f:17:5b:0b:ca:ad:72:a5:1a:89:15:07:dc:82:8b:3f:58:24: ca:34:81:36:e4:b0:de:20:d2:a2:a7:94:0e:60:06:49:91:fd: 1b:2c:45:45:c6:0e:47:84:0e:45:ee:dd:c8:32:93:68:a0:7a: d3:91:6b:b2:e1:7c:ec:93:fc:a7:aa:eb:a6:4a:4f:35:d4:24: c9:74:39:f8:a9:ce:16:28:ed:1c:b8:0d:08:13:a0:3a:f7:ec: 8d:64:bd:70:4d:ac:a6:98:07:b9:0a:7d:34:d9:a1:89:13:ba: 87:4d:4b:89:d2:cf:9d:11:82:d5:a9:71:21:e3:ca:a3:90:50: 00:4e:a7:e8:6a:c6:24:1c:85:65:4c:ea:ce:10:36:72:98:ff: 1e:4c:82:1f:b3:78:f2:50:fe:f7:5b:18:8c:79:9f:e1:dc:51: e9:78:5f:42:b9:97:0e:23:8f:54:c2:be:b2:01:34:29:8c:af: 91:e5:2c:f8:ff:f8:dd:53:ae:fb:fe:41:3e:13:8d:5d:95:5c: b3:23:2f:4d -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUfbfEX2fDg4YJ5vZnHyzneagfGM4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjE2NDIzN1oX DTI3MDUwMTE2NDczN1owMzExMC8GA1UEAxMoNDEwNDIxNkVGMDI3RDVFNEVBNjMz MUQzNzc2NkU1Njk1MjlBMENEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpelrwL1Y0bkRVZc6eA3b+47gSJ9el+ncxHmGCh2frJtefKd0S0fOcHXPz6 M3BP0V1ttSLRf3mugbfTLvJC2btYlGCpcgob4Aja0RqkUR9arl2dVLi4RRkdnE2q 0SMmLQq65nIbxmeqP3dKuepXnMoqa8sxo/795kEw9aV8eBTBTAs0JonJn94a4D0B NvUKwjqmUXFcMorPrjgQm4Wz4/Qm20e4dt7KBsEhqdxIhcVNRfEfNXWdo9YqXcLL xJi8r8LmkrTm8qB1h3BEzR/es3zU+dIO/TkrCEewmYIW1/Z6PfsimLeXRVp3b5UU QN/K+U7cBrTeX3GD2pQ6w7pGgyMCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRBBCFu 8CfV5OpjMdN3ZuVpUpoM0jAfBgNVHSMEGDAWgBRBmoXN+KQwUWlGhp0cSSA31rxu njAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzEvNDE5QTg1Q0RGOEE0MzA1MTY5 NDY4NjlEMUM0OTIwMzdENkJDNkU5RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VG NTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvUVpxRnpmaWtNRkZwUm9hZEhFa2dO OWE4YnA0LmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8xL0FTMTUyNDQyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcAIAEN87BAMA0GCSqGSIb3DQEBCwUAA4IBAQBSAvAKScHOvzZhDsPt7ZL2 PQ/P7VKQy8J2yuU48cJcCebQpkGrB5xjPcUg4zytKEB2Ok3Tm+EPF1sLyq1ypRqJ FQfcgos/WCTKNIE25LDeINKip5QOYAZJkf0bLEVFxg5HhA5F7t3IMpNooHrTkWuy 4Xzsk/ynquumSk811CTJdDn4qc4WKO0cuA0IE6A69+yNZL1wTaymmAe5Cn002aGJ E7qHTUuJ0s+dEYLVqXEh48qjkFAATqfoasYkHIVlTOrOEDZymP8eTIIfs3jyUP73 WxiMeZ/h3FHpeF9CuZcOI49Uwr6yATQpjK+R5Sz4//jdU677/kE+E41dlVyzIy9N -----END CERTIFICATE-----Generated at Sun May 3 01:44:54 2026 by rpki-client