$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AS152758.roa File: AS152758.roa (raw, json) Hash identifier: Cty1sRgSm8S6qzGdGVWAXxcqhAm+0nc+XfeSIVDnspU= Subject key identifier: 16:A4:60:49:FF:D4:2D:F9:8A:C5:F5:31:E6:81:9A:3F:B1:73:6A:ED Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 631C40E36EE9E1EDFA3FCF7B42A7C98977E296FA Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject info access: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152758.roa Signing time: Sun 03 May 2026 05:38:19 +0000 ROA not before: Sun 03 May 2026 05:33:19 +0000 ROA not after: Sun 02 May 2027 05:38:19 +0000 asID: 152758 IP address blocks: 157.66.238.0/23 maxlen: 23 157.66.238.0/24 maxlen: 24 157.66.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:1c:40:e3:6e:e9:e1:ed:fa:3f:cf:7b:42:a7:c9:89:77:e2:96:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 05:33:19 2026 GMT Not After : May 2 05:38:19 2027 GMT Subject: CN=16A46049FFD42DF98AC5F531E6819A3FB1736AED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2b:dc:a7:24:2f:2a:6f:3b:52:06:13:73:13: 05:79:a1:56:84:b0:03:90:23:fa:1a:ae:c0:48:e4: 5e:77:34:48:3d:b5:47:eb:76:63:b4:dc:79:a4:b5: 5d:a4:e5:22:86:14:36:6c:ac:83:2a:8e:79:b1:65: 6a:4f:b4:2f:6c:b7:b5:9e:50:36:57:97:6e:2b:6a: 4f:f4:30:61:7b:aa:45:37:72:67:9c:f9:a0:3a:4b: 6a:7e:17:69:36:35:ed:38:79:f7:f6:56:ac:bf:a3: 5d:86:a1:2d:18:74:12:5b:62:e0:b9:47:38:db:08: cf:66:bf:68:2c:df:83:d9:f3:d8:7f:5f:b4:db:66: 85:0c:59:4e:b9:5e:a3:2f:c1:f3:97:e9:09:92:af: 45:5c:78:b3:ff:25:c9:b8:17:d4:56:47:82:e1:a3: 56:be:96:9a:ab:5e:34:58:96:35:5c:42:eb:2d:cd: 08:cc:5a:24:b7:70:0f:18:e5:b5:09:a7:3e:d4:0c: 54:3e:e6:ce:50:6f:3d:89:31:1b:86:7e:bf:e7:15: 90:f0:df:e9:e8:a4:cc:73:c8:11:d0:29:87:19:a0: cd:29:99:8b:e7:4c:5d:f0:d6:f7:07:44:87:80:d2: 29:2f:2a:79:c7:e6:6c:48:0d:3e:eb:45:8b:33:31: fd:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:A4:60:49:FF:D4:2D:F9:8A:C5:F5:31:E6:81:9A:3F:B1:73:6A:ED X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/AS152758.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.238.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:82:cf:6f:3b:51:8d:4d:e1:55:88:5e:97:c4:a2:05:e0:3f: b1:0c:54:a9:a9:fb:41:4a:93:fc:41:a4:3f:79:7a:56:9e:33: 47:0a:aa:9b:85:28:bc:d5:bc:2b:86:87:6a:4f:df:b0:05:26: fc:cf:48:b8:cf:34:0b:f7:9d:5c:2b:33:4d:f8:e6:a1:62:f6: 00:36:03:f5:34:c2:a2:ed:20:ef:87:47:b5:9a:fc:1e:b3:d5: a5:69:29:76:f7:e9:a6:9f:e7:71:99:4e:c1:8e:10:97:af:27: 62:2b:cf:e7:12:91:19:b2:12:88:f9:d8:39:15:52:a0:17:c1: 96:70:21:3a:ef:1e:a6:ba:6e:0c:c9:14:bb:6d:5f:fb:27:22: 94:03:07:ce:92:44:41:05:cc:27:c8:9b:99:3d:c9:c0:43:c1: 93:8d:15:3a:d2:14:ea:e4:07:ec:59:5c:5e:b8:e8:0d:67:c9: 79:c6:fe:e3:a5:7e:ba:87:34:ea:2a:d9:c2:dc:b8:1a:e7:a7: 2e:26:ab:25:bb:1d:83:85:eb:a6:be:c2:b1:42:1d:2f:59:a3: ba:07:82:f2:3e:30:1d:c4:be:5c:7b:a2:53:34:bb:a8:db:2c: a4:af:ca:73:f0:8f:6e:84:ac:2c:f7:4d:d3:9a:d2:f5:4a:49: 9d:d1:2f:44 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgIUYxxA427p4e36P897QqfJiXfilvowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzA1MzMxOVoX DTI3MDUwMjA1MzgxOVowMzExMC8GA1UEAxMoMTZBNDYwNDlGRkQ0MkRGOThBQzVG NTMxRTY4MTlBM0ZCMTczNkFFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYr3KckLypvO1IGE3MTBXmhVoSwA5Aj+hquwEjkXnc0SD21R+t2Y7TceaS1 XaTlIoYUNmysgyqOebFlak+0L2y3tZ5QNleXbitqT/QwYXuqRTdyZ5z5oDpLan4X aTY17Th59/ZWrL+jXYahLRh0Elti4LlHONsIz2a/aCzfg9nz2H9ftNtmhQxZTrle oy/B85fpCZKvRVx4s/8lybgX1FZHguGjVr6WmqteNFiWNVxC6y3NCMxaJLdwDxjl tQmnPtQMVD7mzlBvPYkxG4Z+v+cVkPDf6eikzHPIEdAphxmgzSmZi+dMXfDW9wdE h4DSKS8qecfmbEgNPutFizMx/fsCAwEAAaOCAcwwggHIMB0GA1UdDgQWBBQWpGBJ /9Qt+YrF9THmgZo/sXNq7TAfBgNVHSMEGDAWgBR99DSVNEQa8Rpl3dNYj3TcWcLT YjAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0fBGAwXjBcoFqgWIZWcnN5bmM6Ly9ycGtp LXJzeW5jLmlkbmljLm5ldC9yZXBvL0lETklDLzAvN0RGNDM0OTUzNDQ0MUFGMTFB NjVEREQzNTg4Rjc0REM1OUMyRDM2Mi5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsG AQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRG MjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvZmZRMGxUUkVHdkVhWmQzVFdJOTAz Rm5DMDJJLmNlcjBSBggrBgEFBQcBCwRGMEQwQgYIKwYBBQUHMAuGNnJzeW5jOi8v cnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9JRE5JQy8wL0FTMTUyNzU4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA ATAGAwQBnULuMA0GCSqGSIb3DQEBCwUAA4IBAQALgs9vO1GNTeFViF6XxKIF4D+x DFSpqftBSpP8QaQ/eXpWnjNHCqqbhSi81bwrhodqT9+wBSb8z0i4zzQL951cKzNN +OahYvYANgP1NMKi7SDvh0e1mvwes9WlaSl29+mmn+dxmU7BjhCXrydiK8/nEpEZ shKI+dg5FVKgF8GWcCE67x6mum4MyRS7bV/7JyKUAwfOkkRBBcwnyJuZPcnAQ8GT jRU60hTq5AfsWVxeuOgNZ8l5xv7jpX66hzTqKtnC3Lga56cuJqslux2DheumvsKx Qh0vWaO6B4LyPjAdxL5ce6JTNLuo2yykr8pz8I9uhKws903TmtL1Skmd0S9E -----END CERTIFICATE-----Generated at Tue May 12 22:43:19 2026 by rpki-client