$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152438.roa File: AS152438.roa (raw, json) Hash identifier: 3FvrCYyYRxZuluhRG7VClr/CR//WVA/+eVCwmkqZzsI= Subject key identifier: 44:09:DB:6C:37:B6:43:8F:CE:CD:5B:50:2F:B4:03:D9:16:A5:F6:9D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 51821D14B88BDCBFBD49EEEB8A4AB90280450EC4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152438.roa Signing time: Thu 08 Jan 2026 11:00:07 +0000 ROA not before: Thu 08 Jan 2026 10:55:07 +0000 ROA not after: Thu 07 Jan 2027 11:00:07 +0000 asID: 152438 IP address blocks: 157.66.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:82:1d:14:b8:8b:dc:bf:bd:49:ee:eb:8a:4a:b9:02:80:45:0e:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:07 2026 GMT Not After : Jan 7 11:00:07 2027 GMT Subject: CN=4409DB6C37B6438FCECD5B502FB403D916A5F69D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b2:7c:1e:48:ac:cb:cd:cf:31:b8:2e:d0:66: 26:49:f9:e7:22:1e:a3:16:88:fb:be:16:33:b1:96: dc:dc:82:da:0a:93:d2:8d:26:9b:ee:e0:93:3a:b4: fa:37:16:e6:01:a0:20:5a:b2:ed:b1:e3:2f:7c:0b: 1a:7b:32:f3:2e:0e:24:da:62:bf:60:d7:6e:0b:af: fb:cd:3a:e8:a2:1f:4a:0c:87:d6:04:6e:19:c4:46: 85:d0:88:97:93:25:cf:ff:2f:e5:a9:c5:ea:53:6b: e3:c8:69:a6:99:7f:7a:49:b9:9f:4a:d1:b5:50:ae: 7d:0b:dd:b0:d2:a0:f7:7f:34:8c:6c:76:ab:ba:80: c9:48:43:03:90:9e:21:84:ce:7c:4e:9c:b9:3f:61: 77:d2:ef:14:c4:bc:7a:6d:01:61:cb:75:37:7f:15: f5:ce:c9:59:d8:10:e9:0a:61:66:35:59:8a:c2:24: 9c:21:5a:9e:7b:e4:66:f4:0d:21:93:87:2b:e4:c7: e6:c9:f3:02:63:33:de:d1:cb:fa:71:2b:7a:29:2e: a3:c8:d5:4c:3a:85:78:d8:dc:90:b1:d4:17:10:b5: 21:02:28:dc:64:be:c1:08:ad:09:b0:26:29:29:da: 56:a1:1d:12:01:3d:7e:59:1f:2c:05:6d:80:2c:cc: fc:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:09:DB:6C:37:B6:43:8F:CE:CD:5B:50:2F:B4:03:D9:16:A5:F6:9D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152438.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.50.0/23 Signature Algorithm: sha256WithRSAEncryption 74:31:94:bf:71:12:f0:b5:96:04:10:b7:eb:a9:f4:fb:be:0a: 33:0e:fb:a3:fe:fc:11:d4:0c:06:6e:24:d0:02:83:2e:fb:6c: 0c:d3:84:2d:7b:73:68:b5:e8:9f:0b:e8:d3:a9:99:ae:7a:89: 49:2f:c8:20:3f:b9:ed:59:9c:8f:ed:a7:1d:95:89:87:87:91: 27:b4:8a:0b:df:51:ec:78:23:d7:4f:16:56:26:d2:29:b3:1e: 9c:86:97:60:32:1a:e7:f3:9a:c9:04:87:48:a3:f9:7f:78:96: 3c:ec:0f:c5:b2:16:56:70:3f:5e:ec:d1:37:3e:30:09:ad:3a: 70:b7:d3:00:76:52:50:a3:35:83:d8:e5:9a:66:78:ae:04:5c: 00:7a:d0:34:c4:f4:62:68:97:3e:52:26:95:40:c1:91:ac:3f: 4e:5a:be:8f:b3:d6:43:9d:82:a2:06:f2:bf:3a:96:ee:17:92: e5:3e:21:f4:83:48:90:38:b6:fb:c2:79:e5:d9:e9:39:9b:ef: aa:d0:37:6a:1e:0e:6c:7d:9a:8f:88:32:18:b2:c1:8c:95:26: 5c:4d:0d:b3:f6:c7:30:f2:bc:1e:4d:71:d8:9a:21:c9:47:90: cc:7b:cf:0d:b4:f4:f9:0f:4b:87:56:ba:bc:ca:18:58:4e:d0: 4e:f6:76:52 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUYIdFLiL3L+9Se7rikq5AoBFDsQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwN1oX DTI3MDEwNzExMDAwN1owMzExMC8GA1UEAxMoNDQwOURCNkMzN0I2NDM4RkNFQ0Q1 QjUwMkZCNDAzRDkxNkE1RjY5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqyfB5IrMvNzzG4LtBmJkn55yIeoxaI+74WM7GW3NyC2gqT0o0mm+7gkzq0 +jcW5gGgIFqy7bHjL3wLGnsy8y4OJNpiv2DXbguv+8066KIfSgyH1gRuGcRGhdCI l5Mlz/8v5anF6lNr48hpppl/ekm5n0rRtVCufQvdsNKg9380jGx2q7qAyUhDA5Ce IYTOfE6cuT9hd9LvFMS8em0BYct1N38V9c7JWdgQ6QphZjVZisIknCFannvkZvQN IZOHK+TH5snzAmMz3tHL+nEreikuo8jVTDqFeNjckLHUFxC1IQIo3GS+wQitCbAm KSnaVqEdEgE9flkfLAVtgCzM/EcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRECdts N7ZDj87NW1AvtAPZFqX2nTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ1CMjANBgkqhkiG9w0BAQsFAAOCAQEAdDGUv3ES8LWWBBC366n0 +74KMw77o/78EdQMBm4k0AKDLvtsDNOELXtzaLXonwvo06mZrnqJSS/IID+57Vmc j+2nHZWJh4eRJ7SKC99R7Hgj108WVibSKbMenIaXYDIa5/OayQSHSKP5f3iWPOwP xbIWVnA/XuzRNz4wCa06cLfTAHZSUKM1g9jlmmZ4rgRcAHrQNMT0YmiXPlImlUDB kaw/Tlq+j7PWQ52CogbyvzqW7heS5T4h9INIkDi2+8J55dnpOZvvqtA3ah4ObH2a j4gyGLLBjJUmXE0Ns/bHMPK8Hk1x2JohyUeQzHvPDbT0+Q9Lh1a6vMoYWE7QTvZ2 Ug== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:26 2026 by rpki-client