$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa File: AS152432.roa (raw, json) Hash identifier: vAdkLmiLQw47qXkgXvcY1msdPf0CJaPrvjY4R++kKCQ= Subject key identifier: 42:F2:18:A0:6F:E8:23:39:A1:F0:3E:45:9A:94:CB:36:34:34:DA:9D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 47E5DBBE8A5134B4657F01D38238B4A368ECD644 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa Signing time: Thu 06 Feb 2025 10:44:52 +0000 ROA not before: Thu 06 Feb 2025 10:39:52 +0000 ROA not after: Thu 05 Feb 2026 10:44:52 +0000 asID: 152432 IP address blocks: 157.20.237.0/24 maxlen: 24 160.20.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:e5:db:be:8a:51:34:b4:65:7f:01:d3:82:38:b4:a3:68:ec:d6:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:52 2025 GMT Not After : Feb 5 10:44:52 2026 GMT Subject: CN=42F218A06FE82339A1F03E459A94CB363434DA9D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:f7:9e:90:5a:db:23:7e:dc:32:fb:23:ba: e2:37:bb:64:0a:36:e0:64:28:06:c0:af:79:98:58: 94:71:0c:1f:95:7f:81:4c:2d:8c:e0:90:46:f5:1e: a4:52:ff:ec:41:49:67:02:b7:b1:75:1a:7d:8b:d9: ac:c1:12:6d:61:3b:0a:d2:23:2c:be:c0:a4:9d:49: 32:aa:eb:6b:bb:d0:cb:34:90:f4:5c:34:71:9c:09: a8:e1:82:d4:90:2a:23:32:8b:53:fe:9e:b9:f9:af: ce:cd:95:53:ee:1f:8a:f4:d6:d8:9b:cb:80:a9:0e: 31:8c:87:dd:93:15:1e:7c:9c:8b:3a:bf:9e:e1:5a: 1d:3f:8b:4e:81:58:55:13:55:e0:04:6a:be:24:97: a7:0b:e1:0a:ff:7c:db:9f:09:15:57:46:74:8e:72: b2:64:5b:41:c1:42:72:b1:8b:5f:b4:2f:7d:e5:bc: 94:d7:f2:48:df:ad:26:70:b3:76:81:1f:a8:bd:a0: 11:fe:f0:91:76:0e:53:62:3b:fb:3d:57:df:6b:90: ab:90:20:c3:fd:7b:b8:46:e4:bd:a1:5c:a8:59:7e: 5e:23:3b:ed:ba:29:b9:35:12:1c:4a:1a:ba:1e:fe: e2:97:28:93:d4:6c:b9:73:18:4d:4e:f7:7e:71:f2: b9:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F2:18:A0:6F:E8:23:39:A1:F0:3E:45:9A:94:CB:36:34:34:DA:9D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.237.0/24 160.20.212.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:41:eb:91:3d:0f:c5:a2:db:24:b4:0b:6c:e6:84:ed:59:87: 44:94:76:e6:ee:34:02:2f:5c:e9:06:76:31:68:26:f3:fb:44: e3:2e:18:d5:86:4f:06:4a:7c:5a:00:a2:fe:6f:c8:47:17:ca: 2a:4c:7f:91:94:47:fc:ac:44:40:2a:ca:6c:b9:b2:d1:1a:d7: 7a:3f:28:ec:98:58:45:7f:da:87:e0:1c:21:02:0e:a8:45:3d: 21:3e:74:61:0f:b4:ac:4d:ff:28:34:39:be:71:fe:5b:32:66: 7e:69:d6:8c:f6:56:61:45:a9:86:b1:22:18:14:1e:74:4a:6b: 87:0e:d2:1f:e8:42:69:ba:e9:d7:bd:8e:5f:7d:1a:08:d2:7e: 26:d1:e2:34:98:a0:81:59:ef:87:97:64:b5:55:58:16:31:12: 68:b8:49:82:92:95:11:67:14:09:c2:c0:cc:2f:ed:d3:c2:36: 27:db:04:ee:b1:d6:45:f0:44:bd:d2:6e:d4:55:ef:d0:1a:ab: 59:ee:fb:43:3d:0e:d6:73:66:50:da:df:95:26:89:fb:e6:86: f8:61:4b:80:77:7a:a5:a0:59:7b:c5:ac:65:74:12:bd:e7:ad: 21:a7:0f:b6:c5:ec:5b:6a:d8:f5:5f:20:df:ca:b6:8b:f5:af: d5:01:ef:e8 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUR+XbvopRNLRlfwHTgji0o2js1kQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MloX DTI2MDIwNTEwNDQ1MlowMzExMC8GA1UEAxMoNDJGMjE4QTA2RkU4MjMzOUExRjAz RTQ1OUE5NENCMzYzNDM0REE5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSM956QWtsjftwy+yO64je7ZAo24GQoBsCveZhYlHEMH5V/gUwtjOCQRvUe pFL/7EFJZwK3sXUafYvZrMESbWE7CtIjLL7ApJ1JMqrra7vQyzSQ9Fw0cZwJqOGC 1JAqIzKLU/6eufmvzs2VU+4fivTW2JvLgKkOMYyH3ZMVHnycizq/nuFaHT+LToFY VRNV4ARqviSXpwvhCv98258JFVdGdI5ysmRbQcFCcrGLX7QvfeW8lNfySN+tJnCz doEfqL2gEf7wkXYOU2I7+z1X32uQq5Agw/17uEbkvaFcqFl+XiM77bopuTUSHEoa uh7+4pcok9RsuXMYTU73fnHyueECAwEAAaOCAdYwggHSMB0GA1UdDgQWBBRC8hig b+gjOaHwPkWalMs2NDTanTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAJ0U7QMEAKAU1DANBgkqhkiG9w0BAQsFAAOCAQEAH0HrkT0PxaLb JLQLbOaE7VmHRJR25u40Ai9c6QZ2MWgm8/tE4y4Y1YZPBkp8WgCi/m/IRxfKKkx/ kZRH/KxEQCrKbLmy0RrXej8o7JhYRX/ah+AcIQIOqEU9IT50YQ+0rE3/KDQ5vnH+ WzJmfmnWjPZWYUWphrEiGBQedEprhw7SH+hCabrp172OX30aCNJ+JtHiNJiggVnv h5dktVVYFjESaLhJgpKVEWcUCcLAzC/t08I2J9sE7rHWRfBEvdJu1FXv0BqrWe77 Qz0O1nNmUNrflSaJ++aG+GFLgHd6paBZe8WsZXQSveetIacPtsXsW2rY9V8g38q2 i/Wv1QHv6A== -----END CERTIFICATE-----Generated at Wed Nov 5 02:06:14 2025 by rpki-client