$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa File: AS152431.roa (raw, json) Hash identifier: 8gJg+m/mJR38OFIHyyrF5fNEb4TJw75oVOEEaleP7Ns= Subject key identifier: 10:08:27:5C:C8:E7:FF:87:07:02:62:7F:88:BC:1B:66:80:B2:83:2F Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4B6EFB17042B1402C526D67A82D2A9F3B43BF327 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa Signing time: Thu 08 Jan 2026 11:00:03 +0000 ROA not before: Thu 08 Jan 2026 10:55:03 +0000 ROA not after: Thu 07 Jan 2027 11:00:03 +0000 asID: 152431 IP address blocks: 157.20.230.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:6e:fb:17:04:2b:14:02:c5:26:d6:7a:82:d2:a9:f3:b4:3b:f3:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:03 2026 GMT Not After : Jan 7 11:00:03 2027 GMT Subject: CN=1008275CC8E7FF870702627F88BC1B6680B2832F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f0:ae:8c:a7:4f:0e:d6:2c:cb:d5:93:6b:f1: 72:8e:39:72:41:7c:51:77:a2:26:8a:02:1b:77:b1: 0b:33:c2:80:a2:53:46:fc:b8:4c:f4:ea:59:ee:d7: 9b:b5:4f:34:fa:ee:c5:4e:94:c5:09:23:6f:fd:a7: 94:28:c9:0e:ba:06:58:f2:91:b8:06:fa:fc:8e:3c: 12:86:76:45:6a:9f:8b:ec:6d:92:a7:44:d8:35:4d: 6c:a8:5e:08:52:ea:1f:a9:f1:a5:78:5a:69:5a:b2: 25:4f:d8:c0:f9:5d:88:93:cf:67:a4:3e:8e:3d:35: 56:ae:aa:cd:b6:34:50:6d:62:11:37:2c:44:cc:51: d1:c4:4a:21:7a:f7:ba:e1:c6:fe:eb:7a:33:ca:90: 52:5c:71:42:93:fd:fb:15:a2:72:63:1f:fb:78:3d: e0:8a:46:29:5d:b1:82:9d:32:74:90:6a:9e:92:2f: 81:4f:ab:db:7c:26:0f:e2:3d:c7:21:f9:07:a4:8c: 78:23:27:64:2a:a9:10:5c:f6:b1:5d:53:62:bf:9f: e1:99:9a:0f:ae:6f:ab:af:7c:59:03:8f:2f:43:43: 4e:07:c6:44:b1:66:ca:de:95:59:b3:fb:5c:98:3a: c8:0a:11:f5:20:39:b7:57:c4:8f:73:71:5c:2d:33: 14:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:08:27:5C:C8:E7:FF:87:07:02:62:7F:88:BC:1B:66:80:B2:83:2F X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.230.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:45:c3:13:31:25:a4:50:db:92:f0:83:3f:b4:64:af:33:cd: 8c:32:fe:d3:02:6f:65:1b:e7:df:a9:75:b5:17:34:a9:98:c8: 75:6e:08:a5:b0:06:db:ff:57:e8:ac:01:96:5e:a4:42:75:be: 25:67:ae:b4:e8:c3:59:0e:f8:6c:b1:f0:bf:4a:e7:fa:0f:28: b9:0e:53:4b:95:d6:f4:b6:ee:22:76:b4:b1:92:9b:11:e7:d9: b7:30:72:32:dd:99:c5:80:71:c6:5c:d8:e9:6e:ce:74:03:15: 99:d7:0b:99:cc:5d:10:b9:68:77:8b:ae:de:a7:f3:3c:b9:ee: 70:8f:b5:e3:c9:81:fa:2c:87:42:e0:21:37:85:78:89:d0:4c: 89:c7:50:d0:0d:ae:11:5f:12:5b:ab:14:84:3d:14:21:6b:08: 3c:bb:fa:ac:6f:2e:ca:fe:2d:dd:c3:91:e2:17:58:52:6e:23: a3:2d:08:c0:e0:dc:04:02:94:b7:ab:01:06:6f:9a:7a:08:fc: ae:ae:7c:91:9e:a4:3e:06:dc:03:98:55:1b:d2:52:26:d3:73: 0a:17:21:63:44:68:59:d4:41:15:03:44:5b:15:30:50:e3:28: 80:8b:26:b9:3f:c8:ab:7e:57:12:09:49:ac:12:24:d6:67:46: 3a:81:bc:97 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUS277FwQrFALFJtZ6gtKp87Q78ycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwM1oX DTI3MDEwNzExMDAwM1owMzExMC8GA1UEAxMoMTAwODI3NUNDOEU3RkY4NzA3MDI2 MjdGODhCQzFCNjY4MEIyODMyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDwroynTw7WLMvVk2vxco45ckF8UXeiJooCG3exCzPCgKJTRvy4TPTqWe7X m7VPNPruxU6UxQkjb/2nlCjJDroGWPKRuAb6/I48EoZ2RWqfi+xtkqdE2DVNbKhe CFLqH6nxpXhaaVqyJU/YwPldiJPPZ6Q+jj01Vq6qzbY0UG1iETcsRMxR0cRKIXr3 uuHG/ut6M8qQUlxxQpP9+xWicmMf+3g94IpGKV2xgp0ydJBqnpIvgU+r23wmD+I9 xyH5B6SMeCMnZCqpEFz2sV1TYr+f4ZmaD65vq698WQOPL0NDTgfGRLFmyt6VWbP7 XJg6yAoR9SA5t1fEj3NxXC0zFJUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQQCCdc yOf/hwcCYn+IvBtmgLKDLzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0U5jANBgkqhkiG9w0BAQsFAAOCAQEAfEXDEzElpFDbkvCDP7Rk rzPNjDL+0wJvZRvn36l1tRc0qZjIdW4IpbAG2/9X6KwBll6kQnW+JWeutOjDWQ74 bLHwv0rn+g8ouQ5TS5XW9LbuIna0sZKbEefZtzByMt2ZxYBxxlzY6W7OdAMVmdcL mcxdELlod4uu3qfzPLnucI+148mB+iyHQuAhN4V4idBMicdQ0A2uEV8SW6sUhD0U IWsIPLv6rG8uyv4t3cOR4hdYUm4joy0IwODcBAKUt6sBBm+aegj8rq58kZ6kPgbc A5hVG9JSJtNzChchY0RoWdRBFQNEWxUwUOMogIsmuT/Iq35XEglJrBIk1mdGOoG8 lw== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:31 2026 by rpki-client