$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152422.roa File: AS152422.roa (raw, json) Hash identifier: cp0EUV/+qPbwQGY86MbT3ZTK7SPnE7HPUZIrqoNJMyM= Subject key identifier: 10:D0:7B:1F:75:DB:F6:63:51:B2:86:68:0F:76:1F:E5:AB:D3:DB:49 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 29888D1C809C319DF0F4ADF2E3796D780050CCBC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152422.roa Signing time: Sun 03 May 2026 01:33:25 +0000 ROA not before: Sun 03 May 2026 01:28:25 +0000 ROA not after: Sun 02 May 2027 01:33:25 +0000 asID: 152422 IP address blocks: 157.20.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:88:8d:1c:80:9c:31:9d:f0:f4:ad:f2:e3:79:6d:78:00:50:cc:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:28:25 2026 GMT Not After : May 2 01:33:25 2027 GMT Subject: CN=10D07B1F75DBF66351B286680F761FE5ABD3DB49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c5:8b:e5:d7:5c:c1:d6:92:61:e9:fb:bd:ab: a7:af:62:f6:fe:c3:e5:50:a3:60:0a:8c:5e:79:cb: 31:96:9f:e1:f6:b8:85:81:71:1b:fb:6e:14:49:3f: 6a:13:23:c2:7a:7a:2b:d5:3f:55:ff:46:2c:e0:c2: 54:22:69:74:a5:62:36:6c:8f:3c:8a:b5:2d:33:d5: 7a:2f:f1:db:a6:74:8d:8b:96:ad:2d:4e:2a:66:3b: 33:a1:87:33:9a:d8:8c:98:c1:80:20:4f:27:d8:41: 0d:01:7d:c4:43:e2:09:96:27:30:04:ac:6a:ff:db: d1:ca:b1:90:e2:a2:6f:4d:03:03:8b:1c:73:53:d2: c4:01:11:8d:98:e9:6f:28:7a:ab:d3:62:52:c0:ca: e8:d8:1d:fa:0e:3c:7c:4d:05:da:9f:59:df:de:94: 96:3f:c2:9d:96:43:2e:03:ef:4e:b6:74:66:ad:52: 4b:92:03:1a:1b:83:43:ad:17:0f:50:29:d3:37:3e: 6b:e2:e2:46:da:f2:57:ac:a6:30:6f:8d:01:ff:3f: 66:06:e2:93:ec:92:96:bc:59:19:94:97:93:7c:86: a9:a9:4f:25:da:4d:74:eb:d1:12:b4:1c:07:cf:55: fc:14:2d:65:84:e2:9b:15:36:74:51:a7:f8:7e:f6: d1:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:D0:7B:1F:75:DB:F6:63:51:B2:86:68:0F:76:1F:E5:AB:D3:DB:49 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152422.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.189.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:b4:ad:b4:93:7d:54:fe:a2:c7:59:b4:8e:95:b7:d1:bf:b3: c2:fa:de:27:25:f7:8e:a0:0f:49:67:bb:47:19:82:fa:b7:09: 59:c3:a3:0f:f5:b5:01:12:0c:f1:44:4a:15:92:0a:10:b9:55: 65:68:01:74:8b:11:ea:d3:f5:e2:da:91:64:06:69:71:8d:8e: 88:52:2f:3b:63:52:a0:f7:75:c8:bb:c4:65:18:db:ea:76:96: 7c:2e:4e:7f:da:aa:42:26:49:17:9b:a3:28:05:e8:7f:6f:c1: f7:08:6d:fe:e1:80:51:e6:7a:84:7c:2e:65:7f:3c:a5:bf:6c: 76:f7:61:e6:b8:75:9b:90:ba:98:6a:a3:3d:11:5f:7a:ce:93: a1:7e:a4:46:a7:91:75:ac:e9:d4:a7:5e:a9:0a:3b:85:87:64: 7b:ae:f0:3b:cf:a5:7f:c9:6e:77:c1:63:4c:6a:ad:9e:79:13: 41:17:b7:22:f8:5c:43:08:9e:e9:a7:fd:55:8a:2b:9d:51:0b: a4:0e:62:ea:f1:8b:b3:59:54:ad:50:14:7a:33:76:64:bd:3a: 3a:2c:14:2c:31:d0:19:b0:4d:52:84:d2:38:58:e0:9f:3c:14: 4d:2e:75:4e:4f:69:b0:fc:ed:11:64:f5:ab:fb:ca:a9:3d:6b: cb:83:cd:3b -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUKYiNHICcMZ3w9K3y43lteABQzLwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMjgyNVoX DTI3MDUwMjAxMzMyNVowMzExMC8GA1UEAxMoMTBEMDdCMUY3NURCRjY2MzUxQjI4 NjY4MEY3NjFGRTVBQkQzREI0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTFi+XXXMHWkmHp+72rp69i9v7D5VCjYAqMXnnLMZaf4fa4hYFxG/tuFEk/ ahMjwnp6K9U/Vf9GLODCVCJpdKViNmyPPIq1LTPVei/x26Z0jYuWrS1OKmY7M6GH M5rYjJjBgCBPJ9hBDQF9xEPiCZYnMASsav/b0cqxkOKib00DA4scc1PSxAERjZjp byh6q9NiUsDK6Ngd+g48fE0F2p9Z396Ulj/CnZZDLgPvTrZ0Zq1SS5IDGhuDQ60X D1Ap0zc+a+LiRtryV6ymMG+NAf8/Zgbik+ySlrxZGZSXk3yGqalPJdpNdOvRErQc B89V/BQtZYTimxU2dFGn+H720ZcCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQQ0Hsf ddv2Y1GyhmgPdh/lq9PbSTAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDIyLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQAnRS9MA0GCSqGSIb3DQEBCwUAA4IBAQB8tK20k31U/qLHWbSOlbfRv7PC +t4nJfeOoA9JZ7tHGYL6twlZw6MP9bUBEgzxREoVkgoQuVVlaAF0ixHq0/Xi2pFk BmlxjY6IUi87Y1Kg93XIu8RlGNvqdpZ8Lk5/2qpCJkkXm6MoBeh/b8H3CG3+4YBR 5nqEfC5lfzylv2x292HmuHWbkLqYaqM9EV96zpOhfqRGp5F1rOnUp16pCjuFh2R7 rvA7z6V/yW53wWNMaq2eeRNBF7ci+FxDCJ7pp/1ViiudUQukDmLq8YuzWVStUBR6 M3ZkvTo6LBQsMdAZsE1ShNI4WOCfPBRNLnVOT2mw/O0RZPWr+8qpPWvLg807 -----END CERTIFICATE-----Generated at Tue May 12 22:43:18 2026 by rpki-client