$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152358.roa File: AS152358.roa (raw, json) Hash identifier: jnX2vEYTNQdZzidb7i+QmIEXnHdvVoPubjbByl95Q1A= Subject key identifier: 55:0C:78:26:AF:B2:F4:34:51:77:89:98:73:2B:D3:BD:76:0A:9F:2F Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 07B947846E626996061430D8B08827905564C5ED Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152358.roa Signing time: Wed 18 Mar 2026 04:10:52 +0000 ROA not before: Wed 18 Mar 2026 04:05:52 +0000 ROA not after: Wed 17 Mar 2027 04:10:52 +0000 asID: 152358 IP address blocks: 157.15.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 22:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:b9:47:84:6e:62:69:96:06:14:30:d8:b0:88:27:90:55:64:c5:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 18 04:05:52 2026 GMT Not After : Mar 17 04:10:52 2027 GMT Subject: CN=550C7826AFB2F43451778998732BD3BD760A9F2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:a6:48:c8:fe:23:3a:0f:2b:2d:53:71:2e:d2: c1:3d:4b:fb:2f:7a:ba:68:42:06:d2:ec:68:fe:7e: de:1f:d5:5f:34:00:2e:69:99:1d:26:05:80:f5:ea: c5:ae:04:99:59:70:7c:ae:e1:03:88:08:24:0f:65: 67:30:f6:4a:4d:df:59:24:9c:73:42:ac:d5:83:3a: 4d:cd:f4:d4:be:13:8e:b3:e1:1b:48:2a:05:37:55: f3:e4:31:62:aa:09:39:a8:4d:6a:d6:fc:74:59:64: d4:a2:59:27:f5:01:c3:5d:36:c8:49:8b:99:e6:07: 20:0c:50:a1:9c:4a:0a:12:1c:91:ba:f2:a0:73:fe: f3:3a:fb:e3:c4:bb:e5:9a:da:56:f8:ea:37:73:98: 70:90:8d:7c:e4:44:79:4d:20:b6:47:ea:43:a6:5c: 67:1b:f7:9f:1c:64:03:27:33:d6:4d:f3:ea:4b:fd: 9d:8f:3d:8e:8c:96:bf:3a:9d:49:ad:70:78:8d:51: a1:be:e1:81:3a:4f:75:52:d8:cd:40:17:3a:b0:da: 49:64:69:dd:0a:10:d8:74:77:6d:17:bc:a7:7a:96: 1f:7b:9a:d8:9a:74:1f:e0:d3:09:40:6a:70:d5:c4: 7b:f4:7e:54:27:e5:77:fc:bb:19:2f:a0:52:2b:9b: 23:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:0C:78:26:AF:B2:F4:34:51:77:89:98:73:2B:D3:BD:76:0A:9F:2F X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152358.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.4.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:0c:c6:a3:72:90:63:29:5c:c3:e0:45:da:41:33:1a:ee:85: 6e:8c:b9:63:49:9e:23:79:e6:27:86:91:36:7e:ba:57:28:63: 2d:c0:c1:5d:29:d8:51:20:cf:9b:7c:6e:a8:ea:96:7e:e6:87: c3:55:77:08:fa:f3:3c:7b:63:94:7c:8a:ac:42:d7:d5:be:67: 24:d8:1e:8c:fa:de:94:16:bf:e5:c5:bb:02:88:b8:30:b5:0e: 1d:f6:da:ec:d7:87:e0:f3:41:48:d9:0e:ea:3f:57:3f:2c:61: 8a:22:da:3c:89:cb:31:5a:1a:82:e1:76:09:a0:46:fd:c7:de: b4:5b:98:08:09:e7:e5:6a:89:bd:21:8d:23:88:26:ae:c6:69: da:00:d3:25:da:b0:37:2c:c3:57:8c:82:66:f0:94:ea:d8:b3: f3:61:ef:3c:ae:40:19:10:17:25:7b:47:84:1a:db:11:52:e1: 52:13:ec:2e:db:5b:d6:2a:ed:ad:78:4e:75:2c:3c:6d:68:52: 30:3e:b9:35:af:37:e4:0a:71:2f:1d:24:99:5c:2d:fa:4f:84: cf:de:5c:0d:63:0d:43:c6:43:4d:5f:c6:59:16:59:29:15:de: 06:76:0c:30:f0:79:b2:a9:20:c8:97:9a:cd:ea:5f:ee:c5:a2: eb:cb:7b:91 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUB7lHhG5iaZYGFDDYsIgnkFVkxe0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMxODA0MDU1MloX DTI3MDMxNzA0MTA1MlowMzExMC8GA1UEAxMoNTUwQzc4MjZBRkIyRjQzNDUxNzc4 OTk4NzMyQkQzQkQ3NjBBOUYyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmmSMj+IzoPKy1TcS7SwT1L+y96umhCBtLsaP5+3h/VXzQALmmZHSYFgPXq xa4EmVlwfK7hA4gIJA9lZzD2Sk3fWSScc0Ks1YM6Tc301L4TjrPhG0gqBTdV8+Qx YqoJOahNatb8dFlk1KJZJ/UBw102yEmLmeYHIAxQoZxKChIckbryoHP+8zr748S7 5ZraVvjqN3OYcJCNfOREeU0gtkfqQ6ZcZxv3nxxkAycz1k3z6kv9nY89joyWvzqd Sa1weI1Rob7hgTpPdVLYzUAXOrDaSWRp3QoQ2HR3bRe8p3qWH3ua2Jp0H+DTCUBq cNXEe/R+VCfld/y7GS+gUiubI4kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRVDHgm r7L0NFF3iZhzK9O9dgqfLzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM1OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0PBDANBgkqhkiG9w0BAQsFAAOCAQEAjgzGo3KQYylcw+BF2kEz Gu6Fboy5Y0meI3nmJ4aRNn66VyhjLcDBXSnYUSDPm3xuqOqWfuaHw1V3CPrzPHtj lHyKrELX1b5nJNgejPrelBa/5cW7Aoi4MLUOHfba7NeH4PNBSNkO6j9XPyxhiiLa PInLMVoaguF2CaBG/cfetFuYCAnn5WqJvSGNI4gmrsZp2gDTJdqwNyzDV4yCZvCU 6tiz82HvPK5AGRAXJXtHhBrbEVLhUhPsLttb1irtrXhOdSw8bWhSMD65Na835Apx Lx0kmVwt+k+Ez95cDWMNQ8ZDTV/GWRZZKRXeBnYMMPB5sqkgyJeazepf7sWi68t7 kQ== -----END CERTIFICATE-----Generated at Thu Mar 26 20:40:49 2026 by rpki-client