$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152424.roa File: AS152424.roa (raw, json) Hash identifier: /6KYO9955C4pQk12VQNfrmDOqAElivV/U/aJoCiZejI= Subject key identifier: 33:DA:10:73:E8:76:F6:B9:AF:29:B3:20:8A:4B:09:05:11:B3:1C:40 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 06C962B6843F482759ADD309858D836D58FDE03C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152424.roa Signing time: Wed 15 Oct 2025 08:20:19 +0000 ROA not before: Wed 15 Oct 2025 08:15:19 +0000 ROA not after: Wed 14 Oct 2026 08:20:19 +0000 asID: 152424 IP address blocks: 157.20.34.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:c9:62:b6:84:3f:48:27:59:ad:d3:09:85:8d:83:6d:58:fd:e0:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 15 08:15:19 2025 GMT Not After : Oct 14 08:20:19 2026 GMT Subject: CN=33DA1073E876F6B9AF29B3208A4B090511B31C40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e3:8c:a2:bd:ff:d8:5d:4a:b6:c7:ef:b4:32: c2:f0:47:2a:7a:07:c5:55:c9:b8:f8:65:eb:ed:38: 5a:8a:b7:b4:10:10:8c:2a:d2:ce:c7:15:2d:64:61: 4b:b4:db:43:68:f1:86:dd:2d:a0:4b:3d:bb:f7:cd: 8b:2e:ca:8e:5d:2b:39:5b:c7:40:d6:e6:51:29:aa: 43:5f:9c:fd:a0:f8:9c:4b:47:0c:c7:63:4b:15:1a: 74:58:ef:3d:23:b8:6f:75:eb:fb:3f:a2:c6:f0:04: ce:3f:7c:0b:07:01:c3:90:bc:70:99:0f:2f:db:0c: 5d:4b:3c:3b:3b:a5:51:d7:f7:77:3c:54:3d:c4:61: 43:e6:f0:5e:8d:43:6b:e5:ed:90:e6:23:24:81:8d: 85:3c:d0:40:07:52:0b:73:d2:2f:c9:21:33:31:31: a2:2f:32:a9:79:3a:b3:0e:48:3b:a5:7f:6c:05:80: 33:c9:80:7f:8f:d5:ce:d2:13:0a:77:9b:08:82:64: 45:71:41:80:11:0e:f4:fa:d0:c9:c2:7e:e7:43:5d: 37:c0:da:51:2b:a5:9f:43:ab:fb:c2:91:7d:af:5a: 89:9a:dd:22:15:47:29:a8:54:8a:f4:e6:e4:5b:4e: d5:4c:9d:3a:2a:1a:5c:68:84:cc:01:b6:24:98:1c: 44:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:DA:10:73:E8:76:F6:B9:AF:29:B3:20:8A:4B:09:05:11:B3:1C:40 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152424.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.34.0/23 Signature Algorithm: sha256WithRSAEncryption 06:db:05:4c:ee:eb:50:73:2f:c7:fc:27:f9:54:fe:57:6d:33: d7:a6:b9:a4:8c:65:5b:9d:4b:cc:bc:20:1d:c9:8b:e9:de:c4: 0d:c0:8a:9a:ef:b3:fb:84:24:94:55:88:b5:0b:66:f9:67:b4: 88:ae:39:4b:f4:3f:cf:8d:3d:35:30:06:9c:0f:e0:a7:31:b3: d6:ee:45:b1:a7:7c:4a:9f:a4:5f:34:6d:28:0e:ea:41:13:a6: df:b6:29:b7:b4:82:6a:5b:ac:a5:d1:e7:66:37:3f:dd:6f:b6: 30:a1:ae:37:1d:3f:9d:8b:15:64:1b:11:d7:92:4e:ef:4b:9c: 5e:8b:3e:87:78:b2:d5:3b:80:2c:39:1a:54:18:61:39:c1:21: 83:e2:0a:81:40:eb:2c:5e:9b:4e:f1:cc:cb:c9:49:37:09:d6: e1:d0:ee:25:72:cb:e8:b3:5f:e4:9f:a0:d0:7c:eb:5b:8e:4e: 11:26:ef:3d:40:ba:3f:c1:e8:0c:c5:fa:6b:13:99:42:08:02: a7:b7:61:e8:7e:cb:a0:91:dc:45:60:b1:49:0c:55:8a:96:53: b8:d5:f7:ca:62:f4:d2:05:d0:3b:ff:9b:40:fe:c7:17:97:6f: cb:6c:8c:30:d7:1f:42:a7:68:60:48:60:30:b2:94:e9:2e:65: 88:86:31:22 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUBslitoQ/SCdZrdMJhY2DbVj94DwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxNTA4MTUxOVoX DTI2MTAxNDA4MjAxOVowMzExMC8GA1UEAxMoMzNEQTEwNzNFODc2RjZCOUFGMjlC MzIwOEE0QjA5MDUxMUIzMUM0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANbjjKK9/9hdSrbH77QywvBHKnoHxVXJuPhl6+04Woq3tBAQjCrSzscVLWRh S7TbQ2jxht0toEs9u/fNiy7Kjl0rOVvHQNbmUSmqQ1+c/aD4nEtHDMdjSxUadFjv PSO4b3Xr+z+ixvAEzj98CwcBw5C8cJkPL9sMXUs8OzulUdf3dzxUPcRhQ+bwXo1D a+XtkOYjJIGNhTzQQAdSC3PSL8khMzExoi8yqXk6sw5IO6V/bAWAM8mAf4/VztIT CnebCIJkRXFBgBEO9PrQycJ+50NdN8DaUSuln0Or+8KRfa9aiZrdIhVHKahUivTm 5FtO1UydOioaXGiEzAG2JJgcRGECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQz2hBz 6Hb2ua8psyCKSwkFEbMcQDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UIjANBgkqhkiG9w0BAQsFAAOCAQEABtsFTO7rUHMvx/wn+VT+ V20z16a5pIxlW51LzLwgHcmL6d7EDcCKmu+z+4QklFWItQtm+We0iK45S/Q/z409 NTAGnA/gpzGz1u5Fsad8Sp+kXzRtKA7qQROm37Ypt7SCaluspdHnZjc/3W+2MKGu Nx0/nYsVZBsR15JO70ucXos+h3iy1TuALDkaVBhhOcEhg+IKgUDrLF6bTvHMy8lJ NwnW4dDuJXLL6LNf5J+g0HzrW45OESbvPUC6P8HoDMX6axOZQggCp7dh6H7LoJHc RWCxSQxVipZTuNX3ymL00gXQO/+bQP7HF5dvy2yMMNcfQqdoYEhgMLKU6S5liIYx Ig== -----END CERTIFICATE-----Generated at Mon Oct 20 13:29:29 2025 by rpki-client