$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa File: AS152429.roa (raw, json) Hash identifier: rIwnbM/HwmRE7IrsoVd5u7vzs9+vxWMsZEceRxkbEpM= Subject key identifier: 68:63:59:83:15:A7:21:1D:C8:15:31:7D:45:67:DE:7C:AE:1C:1F:E0 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 32F72779A6230275E6771395AB1D54D5B49CC0CB Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa Signing time: Sun 03 May 2026 02:21:37 +0000 ROA not before: Sun 03 May 2026 02:16:37 +0000 ROA not after: Sun 02 May 2027 02:21:37 +0000 asID: 152429 IP address blocks: 157.20.238.0/23 maxlen: 24 157.20.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:f7:27:79:a6:23:02:75:e6:77:13:95:ab:1d:54:d5:b4:9c:c0:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:16:37 2026 GMT Not After : May 2 02:21:37 2027 GMT Subject: CN=6863598315A7211DC815317D4567DE7CAE1C1FE0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:ad:05:9d:f1:8d:33:d0:c7:63:ca:4c:bb:3f: 54:8b:88:5b:34:fb:0f:d0:40:28:f1:b6:8e:40:fa: 34:09:97:7d:00:a1:47:00:28:19:12:5e:54:02:55: 65:c4:12:45:ad:a9:f5:53:e8:1a:81:81:78:46:92: b8:ac:b1:10:19:d8:ac:3e:bf:f8:0b:fb:99:36:60: 7a:d5:f5:fc:e0:ad:1c:1b:ce:fb:91:3a:dc:af:15: f6:05:c0:1b:f4:af:37:9f:8a:cc:84:e8:7c:c0:3b: dd:08:c9:15:56:b3:b3:6e:96:83:06:8d:a0:b7:b2: 35:37:7e:98:56:94:4f:5c:1f:e9:11:8d:86:14:61: f5:bd:50:9d:a1:d1:f6:68:05:25:e5:57:5d:6a:a2: e4:f0:b1:61:3a:3e:16:d9:82:8c:2f:69:a8:9e:cc: 49:76:39:4d:f9:e7:94:e6:d8:40:7a:38:7f:ef:49: a0:a0:29:d6:1d:fc:88:58:8c:6f:60:95:9f:77:c2: 81:c0:f3:25:f7:4d:75:db:77:be:84:ea:fb:10:bb: 1e:43:17:6b:f5:27:d5:5f:04:52:d9:8f:bb:2c:a9: 3c:53:cb:4b:07:2b:15:6c:3d:12:8d:ab:eb:b4:9d: a5:4a:cb:42:55:e4:a1:ad:a4:06:53:f5:a7:ae:d5: 01:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:63:59:83:15:A7:21:1D:C8:15:31:7D:45:67:DE:7C:AE:1C:1F:E0 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152429.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.238.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:7d:cf:d9:5f:0f:6f:4b:d9:36:20:b0:02:00:05:a1:df:16: 13:bc:21:bf:68:7e:1a:69:72:d7:38:42:52:5b:24:d1:3b:60: c9:32:77:de:40:66:19:1d:23:65:0f:19:06:79:10:fc:5a:53: 30:31:67:84:87:73:cd:21:a8:19:dd:51:a7:66:a0:02:15:80: b7:07:5d:a5:65:5e:e9:df:9d:78:ae:09:0e:8d:d4:58:2e:c5: 6e:67:c9:71:44:7b:7d:45:f5:46:d5:9f:12:8d:ed:c0:fa:1d: 55:4a:f4:b6:05:c4:62:ce:7f:64:04:cb:26:3e:94:9b:d2:46: 83:71:be:ad:93:e7:95:56:84:89:31:23:76:5d:d2:0c:90:6b: ee:cf:47:f9:60:5b:0f:3c:4b:73:ed:fd:98:9e:48:39:94:66: d5:9f:a5:cb:1e:3a:39:4f:27:b2:db:6f:bf:0b:cd:69:60:f1: 60:18:49:a4:f1:74:9b:56:17:65:ea:be:7b:1e:ab:93:d7:ba: c6:9a:57:a4:c3:10:f0:10:62:74:9b:39:7c:62:25:d9:55:8d: 7d:ce:f5:cf:b4:09:b6:ec:90:3e:2b:76:19:b9:7a:1c:09:67: 21:ef:e4:07:cc:31:73:97:67:24:b4:b1:4e:ff:b1:07:60:1c: e3:8c:21:dd -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUMvcneaYjAnXmdxOVqx1U1bScwMswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMTYzN1oX DTI3MDUwMjAyMjEzN1owMzExMC8GA1UEAxMoNjg2MzU5ODMxNUE3MjExREM4MTUz MTdENDU2N0RFN0NBRTFDMUZFMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJKtBZ3xjTPQx2PKTLs/VIuIWzT7D9BAKPG2jkD6NAmXfQChRwAoGRJeVAJV ZcQSRa2p9VPoGoGBeEaSuKyxEBnYrD6/+Av7mTZgetX1/OCtHBvO+5E63K8V9gXA G/SvN5+KzITofMA73QjJFVazs26WgwaNoLeyNTd+mFaUT1wf6RGNhhRh9b1QnaHR 9mgFJeVXXWqi5PCxYTo+FtmCjC9pqJ7MSXY5TfnnlObYQHo4f+9JoKAp1h38iFiM b2CVn3fCgcDzJfdNddt3voTq+xC7HkMXa/Un1V8EUtmPuyypPFPLSwcrFWw9Eo2r 67SdpUrLQlXkoa2kBlP1p67VAdECAwEAAaOCAcwwggHIMB0GA1UdDgQWBBRoY1mD FachHcgVMX1FZ958rhwf4DAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNDI5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnRTuMA0GCSqGSIb3DQEBCwUAA4IBAQALfc/ZXw9vS9k2ILACAAWh3xYT vCG/aH4aaXLXOEJSWyTRO2DJMnfeQGYZHSNlDxkGeRD8WlMwMWeEh3PNIagZ3VGn ZqACFYC3B12lZV7p3514rgkOjdRYLsVuZ8lxRHt9RfVG1Z8Sje3A+h1VSvS2BcRi zn9kBMsmPpSb0kaDcb6tk+eVVoSJMSN2XdIMkGvuz0f5YFsPPEtz7f2Ynkg5lGbV n6XLHjo5Tyey22+/C81pYPFgGEmk8XSbVhdl6r57HquT17rGmlekwxDwEGJ0mzl8 YiXZVY19zvXPtAm27JA+K3YZuXocCWch7+QHzDFzl2cktLFO/7EHYBzjjCHd -----END CERTIFICATE-----Generated at Tue May 12 22:43:07 2026 by rpki-client