$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa File: AS152430.roa (raw, json) Hash identifier: Vk5OaGM3ysFM3OmF6aShCur0WF0wzIdeRxyppqTbwO4= Subject key identifier: CA:86:2D:76:4F:17:46:8A:BD:C6:ED:19:87:AD:05:BA:A9:F1:29:18 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1AA093FD99D5BE2F307484F94B6B67EC13B1C197 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa Signing time: Mon 26 May 2025 08:00:10 +0000 ROA not before: Mon 26 May 2025 07:55:10 +0000 ROA not after: Mon 25 May 2026 08:00:10 +0000 asID: 152430 IP address blocks: 157.20.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 08:40:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:a0:93:fd:99:d5:be:2f:30:74:84:f9:4b:6b:67:ec:13:b1:c1:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 26 07:55:10 2025 GMT Not After : May 25 08:00:10 2026 GMT Subject: CN=CA862D764F17468ABDC6ED1987AD05BAA9F12918 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:93:1d:5b:9f:35:2f:c4:5a:02:18:b8:ee:2a: 12:62:f3:a5:6f:72:8a:e1:d3:d2:c1:2b:c2:86:94: 86:d9:f2:67:39:2c:d6:28:c4:49:bc:1e:6d:c2:98: cf:6f:31:1e:18:fe:7b:3f:31:ed:1f:80:18:e7:0a: 21:3f:37:1c:3c:8b:cf:ea:12:76:74:9f:27:51:0a: 53:42:b1:d0:34:83:ef:40:a9:ca:aa:5f:26:0b:43: 6d:37:df:1e:d6:04:8f:c4:aa:5c:40:ec:3e:b1:41: cf:29:c4:56:56:da:be:2f:36:8a:50:57:ad:99:19: fe:7e:81:bd:ac:5a:47:ce:50:31:0d:d1:64:de:73: 7b:55:c7:8e:00:1b:b0:ab:5c:61:e3:ce:48:2c:b7: 9c:cb:32:b5:62:e9:f5:d0:28:68:e9:b3:07:6e:55: 96:8a:16:be:6e:05:2c:bc:08:cb:95:e5:ba:81:86: c3:d3:bb:08:c9:f9:91:81:a4:26:9b:b1:ec:88:6c: 48:0e:3b:ea:6f:38:24:6a:71:94:d7:fa:61:90:84: 2e:4f:08:4a:a3:13:92:bd:d1:bc:15:c6:1e:ac:46: 0c:7c:63:c6:2c:be:64:2d:0e:4b:57:de:0f:f2:5c: 76:cf:53:9a:73:2b:1f:ae:a2:eb:7e:95:57:7c:23: 17:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:86:2D:76:4F:17:46:8A:BD:C6:ED:19:87:AD:05:BA:A9:F1:29:18 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.128.0/24 Signature Algorithm: sha256WithRSAEncryption 74:86:3b:b3:db:ab:a4:0f:c0:ea:c9:91:46:a4:65:8f:5a:34: 06:7a:28:cc:1d:12:4b:9c:f8:83:84:dd:3c:a4:61:1f:5d:3f: 6d:d5:ec:4d:99:11:5c:84:8f:3d:9b:b1:a3:32:b2:37:63:06: 3d:fd:4d:bc:3e:70:44:2b:8c:db:26:90:c2:66:8d:70:84:e5: 0d:3d:ff:aa:22:f0:37:13:de:01:d0:2d:a7:18:81:75:22:8c: 43:9a:01:47:7c:c6:ea:e5:e2:4e:bd:be:87:fb:d8:e8:7c:59: ec:0d:f2:33:b8:2a:3d:3c:ad:cb:99:3f:9f:df:6e:f5:3a:78: 80:42:ce:93:44:da:d7:7e:2b:fd:38:4f:4a:87:0b:1c:7b:7d: 0e:86:8e:7d:77:2e:30:45:d4:3c:ea:0d:c4:0d:70:f2:cf:2e: 2f:ba:c5:62:a8:24:69:a1:a5:c6:ac:61:00:74:02:fc:f9:08: c4:a6:c9:3c:72:c5:c7:c4:87:f2:08:45:55:7d:e0:da:8e:88: 38:3d:06:8a:50:35:19:0e:7c:bd:53:04:dc:2c:44:43:6a:f7: c6:5a:74:c3:d8:a6:f9:d2:64:df:5e:1f:5d:01:84:ff:69:30: ff:db:17:f5:0b:ba:57:4d:25:0a:8c:c3:47:9f:d8:0c:90:0b: 0e:7f:94:6e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUGqCT/ZnVvi8wdIT5S2tn7BOxwZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUyNjA3NTUxMFoX DTI2MDUyNTA4MDAxMFowMzExMC8GA1UEAxMoQ0E4NjJENzY0RjE3NDY4QUJEQzZF RDE5ODdBRDA1QkFBOUYxMjkxODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN2THVufNS/EWgIYuO4qEmLzpW9yiuHT0sErwoaUhtnyZzks1ijESbwebcKY z28xHhj+ez8x7R+AGOcKIT83HDyLz+oSdnSfJ1EKU0Kx0DSD70CpyqpfJgtDbTff HtYEj8SqXEDsPrFBzynEVlbavi82ilBXrZkZ/n6BvaxaR85QMQ3RZN5ze1XHjgAb sKtcYePOSCy3nMsytWLp9dAoaOmzB25VlooWvm4FLLwIy5XluoGGw9O7CMn5kYGk Jpux7IhsSA476m84JGpxlNf6YZCELk8ISqMTkr3RvBXGHqxGDHxjxiy+ZC0OS1fe D/Jcds9TmnMrH66i636VV3wjFwcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTKhi12 TxdGir3G7RmHrQW6qfEpGDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0UgDANBgkqhkiG9w0BAQsFAAOCAQEAdIY7s9urpA/A6smRRqRl j1o0BnoozB0SS5z4g4TdPKRhH10/bdXsTZkRXISPPZuxozKyN2MGPf1NvD5wRCuM 2yaQwmaNcITlDT3/qiLwNxPeAdAtpxiBdSKMQ5oBR3zG6uXiTr2+h/vY6HxZ7A3y M7gqPTyty5k/n99u9Tp4gELOk0Ta134r/ThPSocLHHt9DoaOfXcuMEXUPOoNxA1w 8s8uL7rFYqgkaaGlxqxhAHQC/PkIxKbJPHLFx8SH8ghFVX3g2o6IOD0GilA1GQ58 vVME3CxEQ2r3xlp0w9im+dJk314fXQGE/2kw/9sX9Qu6V00lCozDR5/YDJALDn+U bg== -----END CERTIFICATE-----Generated at Wed Nov 5 07:25:06 2025 by rpki-client