$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa File: AS152432.roa (raw, json) Hash identifier: P6dpufp1qFu7rwpU37DWW9E/GgUlIsA0jm8epu5dmkM= Subject key identifier: C0:B6:35:74:1F:E7:23:A9:AC:AF:D6:8E:1F:08:2D:29:2C:F8:DA:41 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4A90544082C2855C648D1D8DBFB73ABD277B6AEA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa Signing time: Wed 14 Jan 2026 02:06:57 +0000 ROA not before: Wed 14 Jan 2026 02:01:57 +0000 ROA not after: Wed 13 Jan 2027 02:06:57 +0000 asID: 152432 IP address blocks: 157.20.237.0/24 maxlen: 24 160.20.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:90:54:40:82:c2:85:5c:64:8d:1d:8d:bf:b7:3a:bd:27:7b:6a:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 14 02:01:57 2026 GMT Not After : Jan 13 02:06:57 2027 GMT Subject: CN=C0B635741FE723A9ACAFD68E1F082D292CF8DA41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6d:76:80:26:2b:ea:88:d8:36:92:17:2a:24: 50:b8:29:f0:c5:9e:74:ca:bf:d6:47:b8:c9:bd:ed: 7f:c7:90:fd:38:e2:5c:2f:73:17:54:75:1e:6b:33: 7c:24:e5:ef:93:87:2a:bd:d5:9a:30:c9:ac:e5:20: 8a:b3:eb:98:91:2b:fb:a5:a3:58:fc:c0:b6:1f:4b: 02:bd:bf:9e:e3:c6:f8:55:19:1e:79:cc:40:65:5c: 0e:12:a2:c4:f8:97:2e:dd:ef:69:d2:98:18:8f:0e: a0:2e:4a:b2:ab:5a:00:7b:06:ef:9c:e7:d5:62:c4: 03:95:bf:b5:66:a0:66:2e:b8:0b:43:24:42:48:d1: 6a:95:fa:c0:f9:e1:53:32:ec:70:06:41:74:4e:22: 77:63:c2:d9:49:bb:0d:47:c8:b9:1e:20:9d:41:e8: 17:e3:e0:9f:79:14:e0:3d:7e:4e:6c:64:79:cb:52: 46:4a:74:e5:ba:27:15:dc:e0:65:34:9f:d0:85:71: 96:65:2c:13:7d:89:53:ff:75:c0:41:b5:2e:80:fd: d5:39:b0:51:37:d5:b2:7c:b6:57:e2:c6:fc:2b:84: ab:c1:03:82:ba:77:87:df:67:8a:d2:03:cc:e1:ec: af:e2:c8:91:9e:3e:6a:7c:cb:46:a5:b2:44:76:c8: cc:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:B6:35:74:1F:E7:23:A9:AC:AF:D6:8E:1F:08:2D:29:2C:F8:DA:41 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.237.0/24 160.20.212.0/24 Signature Algorithm: sha256WithRSAEncryption 74:1f:c8:a6:81:e9:02:0e:8e:5b:40:18:8e:30:3a:36:0a:ec: 85:49:a9:bb:40:7c:b7:d5:3b:1e:d7:b7:ba:69:de:ab:27:bb: f1:86:67:df:7d:f4:10:71:0f:a3:04:84:b8:81:b1:7d:ae:ff: c1:82:d9:f3:2a:8f:fa:55:f0:bc:aa:74:10:b5:79:06:0a:62: 5c:fa:aa:e9:c2:11:05:03:1a:5d:5a:f2:a6:33:9f:12:9e:4d: a5:aa:6d:f4:8d:1e:5d:2c:f8:76:7d:b8:ab:2a:05:e0:9e:f4: 3b:48:ca:5c:05:bd:5c:df:e3:84:5f:46:1c:bb:89:91:e8:c8: 8d:86:a4:bb:f4:3f:e5:c1:5f:2b:92:27:83:a9:0c:99:74:30: 2a:ef:88:67:35:d5:d7:3d:a0:73:fb:84:ae:4a:3b:f0:2f:22: 91:cb:fc:6a:c8:5d:8b:30:65:24:fc:5d:f2:ec:c3:48:97:7a: 3d:ca:a7:03:ff:6d:e1:c0:11:07:24:eb:47:5f:d2:b1:d3:e5: 13:c0:64:e4:12:bf:5f:75:20:11:f6:18:e0:8c:76:e2:fa:8f: 98:a8:f2:a9:3c:af:29:d9:3a:b6:8b:43:66:e0:0a:88:e7:98: 03:95:6d:5c:af:8f:26:ec:65:d0:8b:fb:53:f7:2e:5c:19:26: 1a:5e:72:05 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUSpBUQILChVxkjR2Nv7c6vSd7auowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDExNDAyMDE1N1oX DTI3MDExMzAyMDY1N1owMzExMC8GA1UEAxMoQzBCNjM1NzQxRkU3MjNBOUFDQUZE NjhFMUYwODJEMjkyQ0Y4REE0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKptdoAmK+qI2DaSFyokULgp8MWedMq/1ke4yb3tf8eQ/TjiXC9zF1R1Hmsz fCTl75OHKr3VmjDJrOUgirPrmJEr+6WjWPzAth9LAr2/nuPG+FUZHnnMQGVcDhKi xPiXLt3vadKYGI8OoC5KsqtaAHsG75zn1WLEA5W/tWagZi64C0MkQkjRapX6wPnh UzLscAZBdE4id2PC2Um7DUfIuR4gnUHoF+Pgn3kU4D1+TmxkectSRkp05bonFdzg ZTSf0IVxlmUsE32JU/91wEG1LoD91TmwUTfVsny2V+LG/CuEq8EDgrp3h99nitID zOHsr+LIkZ4+anzLRqWyRHbIzCsCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBTAtjV0 H+cjqayv1o4fCC0pLPjaQTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAJ0U7QMEAKAU1DANBgkqhkiG9w0BAQsFAAOCAQEAdB/IpoHpAg6O W0AYjjA6NgrshUmpu0B8t9U7Hte3umneqye78YZn3330EHEPowSEuIGxfa7/wYLZ 8yqP+lXwvKp0ELV5BgpiXPqq6cIRBQMaXVrypjOfEp5Npapt9I0eXSz4dn24qyoF 4J70O0jKXAW9XN/jhF9GHLuJkejIjYaku/Q/5cFfK5Ing6kMmXQwKu+IZzXV1z2g c/uErko78C8ikcv8ashdizBlJPxd8uzDSJd6PcqnA/9t4cARByTrR1/SsdPlE8Bk 5BK/X3UgEfYY4Ix24vqPmKjyqTyvKdk6totDZuAKiOeYA5VtXK+PJuxl0Iv7U/cu XBkmGl5yBQ== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:51 2026 by rpki-client