$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa File: AS152414.roa (raw, json) Hash identifier: a9afWkgsLUTk9MOBTu3qOn82FRTDyuMjTtg7HRFjNVE= Subject key identifier: 15:7F:FB:AA:DD:A8:24:D3:6A:BD:80:F0:93:01:0D:5B:88:19:A2:2D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3593621FBA10D51EE30D96A38C82320C0EBC484E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa Signing time: Thu 08 Jan 2026 11:00:06 +0000 ROA not before: Thu 08 Jan 2026 10:55:06 +0000 ROA not after: Thu 07 Jan 2027 11:00:06 +0000 asID: 152414 IP address blocks: 157.20.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:93:62:1f:ba:10:d5:1e:e3:0d:96:a3:8c:82:32:0c:0e:bc:48:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:06 2026 GMT Not After : Jan 7 11:00:06 2027 GMT Subject: CN=157FFBAADDA824D36ABD80F093010D5B8819A22D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ed:fc:fd:ae:74:8d:a1:a9:f2:0b:39:85:1c: cd:2d:a8:72:d4:30:44:98:f5:55:e8:c5:87:7e:ab: f5:db:14:23:e5:11:9a:57:11:96:fc:1e:68:55:a3: ab:c8:ab:18:6d:db:99:b4:ea:7e:88:0d:87:0f:56: 47:f5:f8:52:34:28:df:47:05:e3:22:fd:a5:6c:6e: 35:64:ff:39:2c:fb:12:c0:15:43:73:b2:cf:de:44: 95:25:df:71:ac:7e:ed:d0:e3:15:d7:f6:50:e6:e1: 72:30:dd:32:db:be:1b:99:7c:9a:24:11:90:7a:25: 04:ef:e4:07:96:5a:91:a4:89:2f:0f:3b:a2:cf:76: 41:a5:60:6b:2e:d2:6e:db:12:8d:ba:f7:c3:a1:8b: a3:d0:85:4c:c5:5d:08:97:89:33:67:55:43:21:23: 43:11:b7:ac:c0:e2:9a:d8:8e:f4:0e:c9:cb:71:1c: d9:0e:49:28:b0:94:c5:e4:cb:e1:f4:72:39:6b:5c: fd:b5:52:a3:31:2a:8f:f8:76:4c:e8:18:40:4d:96: 71:8c:67:da:3b:21:1a:64:ae:79:72:db:a3:c1:c4: fb:3c:05:0f:25:08:13:45:46:6b:77:a8:4a:2b:9f: b9:06:e8:0c:34:82:f0:99:c7:e7:be:22:e8:1f:42: 78:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:7F:FB:AA:DD:A8:24:D3:6A:BD:80:F0:93:01:0D:5B:88:19:A2:2D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.130.0/23 Signature Algorithm: sha256WithRSAEncryption 2b:5b:bc:bd:88:97:1e:aa:59:2b:1e:01:90:9d:38:27:84:3c: 29:35:da:14:5f:d3:11:48:28:39:54:4e:95:9e:90:d7:d9:c1: 7d:fb:ac:78:f7:b5:db:ca:33:a8:70:9c:f2:4b:8b:c4:44:21: e3:86:97:ad:50:ec:24:4c:76:b8:04:67:3f:63:32:2a:4a:c9: 70:53:7d:40:9d:a3:e6:83:2b:71:a6:12:cb:b8:3f:11:90:54: fb:44:2e:6b:64:36:8f:5c:46:32:9e:d2:e1:df:48:fc:4e:cf: e4:9a:bd:6c:00:2e:d4:02:c0:af:bd:cb:9f:24:87:40:c9:46: b0:9e:ca:27:e2:1a:99:07:90:01:25:43:3f:6f:0a:fb:0f:b3: 43:60:df:07:b3:01:18:ab:37:61:8a:ea:83:57:e6:c2:de:3f: 94:5e:4f:99:8c:d2:dc:60:7e:54:af:0f:c8:6c:1d:5c:aa:e4: 85:2e:dd:a6:a6:e1:e7:ca:e0:1c:e0:54:f7:65:cf:e8:22:af: 50:70:6f:d6:47:3f:23:37:cf:86:6a:b5:dd:5f:67:ea:28:4b: 48:bf:e0:fd:67:da:1a:3d:57:fd:18:4c:37:e0:e9:40:67:77: 92:ce:d8:b2:b1:9a:da:10:6c:d5:51:13:54:c6:52:23:4f:3f: 8b:eb:04:de -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNZNiH7oQ1R7jDZajjIIyDA68SE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwNloX DTI3MDEwNzExMDAwNlowMzExMC8GA1UEAxMoMTU3RkZCQUFEREE4MjREMzZBQkQ4 MEYwOTMwMTBENUI4ODE5QTIyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOjt/P2udI2hqfILOYUczS2octQwRJj1VejFh36r9dsUI+URmlcRlvweaFWj q8irGG3bmbTqfogNhw9WR/X4UjQo30cF4yL9pWxuNWT/OSz7EsAVQ3Oyz95ElSXf cax+7dDjFdf2UObhcjDdMtu+G5l8miQRkHolBO/kB5ZakaSJLw87os92QaVgay7S btsSjbr3w6GLo9CFTMVdCJeJM2dVQyEjQxG3rMDimtiO9A7Jy3Ec2Q5JKLCUxeTL 4fRyOWtc/bVSozEqj/h2TOgYQE2WcYxn2jshGmSueXLbo8HE+zwFDyUIE0VGa3eo SiufuQboDDSC8JnH574i6B9CeGUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQVf/uq 3agk02q9gPCTAQ1biBmiLTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQxNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UgjANBgkqhkiG9w0BAQsFAAOCAQEAK1u8vYiXHqpZKx4BkJ04 J4Q8KTXaFF/TEUgoOVROlZ6Q19nBffusePe128ozqHCc8kuLxEQh44aXrVDsJEx2 uARnP2MyKkrJcFN9QJ2j5oMrcaYSy7g/EZBU+0Qua2Q2j1xGMp7S4d9I/E7P5Jq9 bAAu1ALAr73LnySHQMlGsJ7KJ+IamQeQASVDP28K+w+zQ2DfB7MBGKs3YYrqg1fm wt4/lF5PmYzS3GB+VK8PyGwdXKrkhS7dpqbh58rgHOBU92XP6CKvUHBv1kc/IzfP hmq13V9n6ihLSL/g/WfaGj1X/RhMN+DpQGd3ks7YsrGa2hBs1VETVMZSI08/i+sE 3g== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:31 2026 by rpki-client