$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152426.roa File: AS152426.roa (raw, json) Hash identifier: 2ILOJdAuvKZbimv83DwDosQtAn3qw8r3ypzve0q3mdc= Subject key identifier: 56:CD:A1:3A:28:29:5A:6E:67:E2:0D:34:A7:27:81:F8:AC:65:EA:A5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4F095C3EE3AC6AF091AE6C88743BC1EA816A4C4E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152426.roa Signing time: Mon 03 Nov 2025 07:00:00 +0000 ROA not before: Mon 03 Nov 2025 06:55:00 +0000 ROA not after: Mon 02 Nov 2026 07:00:00 +0000 asID: 152426 IP address blocks: 2001:df3:9cc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 07:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:09:5c:3e:e3:ac:6a:f0:91:ae:6c:88:74:3b:c1:ea:81:6a:4c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 3 06:55:00 2025 GMT Not After : Nov 2 07:00:00 2026 GMT Subject: CN=56CDA13A28295A6E67E20D34A72781F8AC65EAA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d4:1d:6f:f4:05:fa:55:af:99:3c:04:36:6f: b5:06:e1:93:4b:b0:98:96:7f:b7:94:3a:38:7b:cb: 86:af:b6:9f:06:15:6a:9d:e4:a1:43:59:04:5c:a2: 48:ee:ba:5d:5b:ba:34:9b:b9:3a:3c:6b:ef:c8:21: ee:cf:81:93:b6:f5:14:9a:10:4d:da:1d:09:8a:24: 3c:cf:5d:5b:7d:d3:e2:3b:22:86:5c:2c:c5:ae:3b: 28:2f:5f:00:a2:33:8b:43:4a:3a:97:8c:ab:05:c6: 16:32:df:aa:d4:ba:f4:52:c3:7c:8c:e5:38:ef:4c: 73:2e:8b:2a:72:32:4b:ae:ac:eb:a0:0f:48:25:82: 3c:8d:6c:a3:42:1e:aa:fa:d2:62:48:07:2a:4d:20: b0:2a:8e:89:30:7b:e8:26:bb:b5:79:a4:61:a8:fa: 98:af:28:df:50:f8:60:be:90:cd:e0:45:c8:45:62: 43:9c:c2:c9:c6:2b:53:13:dd:6a:95:0b:fd:2e:f6: dc:2e:99:56:32:61:98:78:b3:3d:f8:0e:c5:f8:63: a5:d1:c9:00:6e:44:7c:1f:ea:91:8d:e6:6a:85:ad: f0:ca:b7:68:af:6f:c7:3c:f2:66:df:64:b9:5c:07: bd:14:00:d4:ea:06:e2:c7:3f:96:c6:7d:61:2a:bc: 31:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:CD:A1:3A:28:29:5A:6E:67:E2:0D:34:A7:27:81:F8:AC:65:EA:A5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152426.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:9cc0::/48 Signature Algorithm: sha256WithRSAEncryption 33:91:ad:64:82:b3:39:9c:7d:d2:08:87:ca:3c:d5:1d:b9:07: 15:c6:17:5c:42:9b:a8:6d:6b:4c:05:e4:99:38:32:4e:58:66: 7c:5a:c7:9f:7d:1a:2f:cf:d7:fe:c9:36:c6:f1:f3:94:d2:66: d2:8c:1d:bf:9a:a9:ef:b3:88:21:c4:60:e5:d3:8a:18:41:3f: c0:e4:07:f6:ae:3b:e7:e8:cc:6c:8c:02:d2:27:8e:b6:fc:b2: 2b:29:c5:e2:77:f0:89:75:04:e4:bd:a8:a8:e8:7f:88:51:17: a9:b6:57:8e:22:99:00:23:c1:b7:4f:a6:85:6a:73:21:e7:17: 5b:bc:6a:2b:b3:2e:3b:ba:9b:95:a6:d7:65:f9:4c:7f:5c:32: 55:5a:02:6c:7b:db:0e:75:38:52:3a:d6:d8:1a:7b:1c:9a:05: 17:39:8c:1e:c5:4d:d0:9d:92:45:a9:8b:81:cc:cc:e0:6b:31: f9:f7:39:0f:b5:12:2e:5b:1b:b0:ce:1b:82:51:b6:53:53:06: 97:82:c9:a8:9c:bc:eb:12:d1:4a:5d:b6:71:cd:98:4e:b2:3c: 1f:37:05:1b:1e:15:9d:21:56:0c:8d:f4:3b:af:97:78:00:dd: b4:3b:85:6f:e5:c8:36:a6:9b:38:fe:21:30:35:fc:04:af:49: 7f:ee:62:de -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUTwlcPuOsavCRrmyIdDvB6oFqTE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwMzA2NTUwMFoX DTI2MTEwMjA3MDAwMFowMzExMC8GA1UEAxMoNTZDREExM0EyODI5NUE2RTY3RTIw RDM0QTcyNzgxRjhBQzY1RUFBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjUHW/0BfpVr5k8BDZvtQbhk0uwmJZ/t5Q6OHvLhq+2nwYVap3koUNZBFyi SO66XVu6NJu5Ojxr78gh7s+Bk7b1FJoQTdodCYokPM9dW33T4jsihlwsxa47KC9f AKIzi0NKOpeMqwXGFjLfqtS69FLDfIzlOO9Mcy6LKnIyS66s66APSCWCPI1so0Ie qvrSYkgHKk0gsCqOiTB76Ca7tXmkYaj6mK8o31D4YL6QzeBFyEViQ5zCycYrUxPd apUL/S723C6ZVjJhmHizPfgOxfhjpdHJAG5EfB/qkY3maoWt8Mq3aK9vxzzyZt9k uVwHvRQA1OoG4sc/lsZ9YSq8MUsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRWzaE6 KClabmfiDTSnJ4H4rGXqpTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjQyNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOcwDANBgkqhkiG9w0BAQsFAAOCAQEAM5GtZIKzOZx90giH yjzVHbkHFcYXXEKbqG1rTAXkmTgyTlhmfFrHn30aL8/X/sk2xvHzlNJm0owdv5qp 77OIIcRg5dOKGEE/wOQH9q475+jMbIwC0ieOtvyyKynF4nfwiXUE5L2oqOh/iFEX qbZXjiKZACPBt0+mhWpzIecXW7xqK7MuO7qblabXZflMf1wyVVoCbHvbDnU4UjrW 2Bp7HJoFFzmMHsVN0J2SRamLgczM4Gsx+fc5D7USLlsbsM4bglG2U1MGl4LJqJy8 6xLRSl22cc2YTrI8HzcFGx4VnSFWDI30O6+XeADdtDuFb+XINqabOP4hMDX8BK9J f+5i3g== -----END CERTIFICATE-----Generated at Tue Nov 4 01:58:44 2025 by rpki-client