$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133637.roa File: AS133637.roa (raw, json) Hash identifier: 9uu6htdg+u8oOzinDSKh6dgW6naf+UtbOPtfFZ3FcME= Subject key identifier: 16:45:07:B0:88:13:6D:DD:9F:F0:A4:2E:01:3D:73:F0:99:FE:90:68 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3C43A0CEE1ED5A660C984E9BC3D84A693D44D19F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133637.roa Signing time: Tue 20 Jan 2026 04:00:00 +0000 ROA not before: Tue 20 Jan 2026 03:55:00 +0000 ROA not after: Tue 19 Jan 2027 04:00:00 +0000 asID: 133637 IP address blocks: 160.250.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:43:a0:ce:e1:ed:5a:66:0c:98:4e:9b:c3:d8:4a:69:3d:44:d1:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 20 03:55:00 2026 GMT Not After : Jan 19 04:00:00 2027 GMT Subject: CN=164507B088136DDD9FF0A42E013D73F099FE9068 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f2:9d:82:24:fc:65:ab:9c:78:1c:37:1d:2f: d2:c0:7c:b5:8b:5c:50:a1:ee:e1:a3:50:c0:f2:3e: 00:b0:0d:81:8e:0e:71:2d:71:21:21:d4:26:cd:e3: 71:6d:6c:7f:c4:42:5e:ac:f3:e1:9f:aa:b1:e6:34: a5:03:8c:e3:84:45:32:38:b8:16:39:f7:74:4f:e2: 0c:b6:c6:c8:ad:02:92:21:37:4e:e8:a2:a3:82:2e: 7f:f7:91:bd:0d:5c:f9:4d:1f:a4:86:08:e0:44:85: 01:77:1c:25:17:5d:06:ec:aa:35:dc:6a:12:f3:a1: f9:6e:5b:b5:12:f2:1f:b4:28:fa:f5:d0:fd:00:28: c4:5e:d8:44:54:1f:a7:a4:1a:c9:46:f7:ee:1c:84: eb:8c:32:5e:eb:87:9d:46:41:aa:53:8c:24:c7:32: f4:88:65:e5:43:77:3c:f0:14:1a:1c:02:c5:41:65: 6a:58:88:45:c7:8c:71:25:ce:fb:a9:53:26:68:68: 7d:d0:36:5f:77:6d:3b:b9:60:5a:b6:fc:19:5f:97: 57:30:0c:40:f8:30:bf:7a:a0:d7:5e:1d:36:53:8c: 38:66:43:b3:44:62:79:c5:fb:0d:3c:83:90:ea:0b: 78:6a:f8:ad:e0:71:3d:b5:94:56:0e:68:7e:b4:c7: 28:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:45:07:B0:88:13:6D:DD:9F:F0:A4:2E:01:3D:73:F0:99:FE:90:68 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS133637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.238.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:a8:cc:3a:2f:f4:38:02:23:8f:dd:a9:a2:aa:be:b1:67:d4: 3b:ce:5c:a5:d1:81:90:ad:e2:76:0f:70:1e:8b:28:8d:35:95: ff:8d:7c:76:56:76:46:6c:94:ef:99:d7:10:56:f6:3c:85:ad: e5:b8:89:02:71:39:05:e3:30:c3:67:36:c3:eb:21:f0:a4:e3: 65:14:6c:69:f3:c9:9a:b4:c5:9f:e4:3b:ef:fb:89:53:7f:50: 25:86:8f:38:87:84:40:c6:b2:91:64:63:a3:f0:25:e4:ad:f6: 66:13:fc:d1:ab:ae:d1:81:0e:79:50:c7:8b:98:d5:d0:c5:6b: 00:7c:94:df:99:9c:3c:c8:6a:16:34:48:53:43:b1:80:bd:69: 1b:83:bb:27:c8:a8:4e:4d:17:6c:06:f4:ec:ac:f9:d9:bf:7d: dc:a8:c5:49:78:57:29:48:04:79:6b:8a:a1:a1:df:fc:ed:02: 49:34:4e:97:ad:fa:d0:7c:03:94:08:26:e0:3e:22:18:09:34: 6c:c1:cc:9c:36:61:e0:b8:c2:75:6d:38:8c:84:e3:55:c2:4b: 71:5f:9d:3c:66:e6:11:42:5a:71:aa:42:30:40:23:37:cd:3e: 43:f6:3e:c9:b5:ab:ce:f8:2c:ad:12:14:3b:1c:88:ee:3e:60: 05:e8:72:89 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUPEOgzuHtWmYMmE6bw9hKaT1E0Z8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEyMDAzNTUwMFoX DTI3MDExOTA0MDAwMFowMzExMC8GA1UEAxMoMTY0NTA3QjA4ODEzNkRERDlGRjBB NDJFMDEzRDczRjA5OUZFOTA2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALfynYIk/GWrnHgcNx0v0sB8tYtcUKHu4aNQwPI+ALANgY4OcS1xISHUJs3j cW1sf8RCXqzz4Z+qseY0pQOM44RFMji4Fjn3dE/iDLbGyK0CkiE3Tuiio4Iuf/eR vQ1c+U0fpIYI4ESFAXccJRddBuyqNdxqEvOh+W5btRLyH7Qo+vXQ/QAoxF7YRFQf p6QayUb37hyE64wyXuuHnUZBqlOMJMcy9Ihl5UN3PPAUGhwCxUFlaliIRceMcSXO +6lTJmhofdA2X3dtO7lgWrb8GV+XVzAMQPgwv3qg114dNlOMOGZDs0RiecX7DTyD kOoLeGr4reBxPbWUVg5ofrTHKNkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQWRQew iBNt3Z/wpC4BPXPwmf6QaDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzMzYzNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKD67jANBgkqhkiG9w0BAQsFAAOCAQEAXKjMOi/0OAIjj92poqq+ sWfUO85cpdGBkK3idg9wHosojTWV/418dlZ2RmyU75nXEFb2PIWt5biJAnE5BeMw w2c2w+sh8KTjZRRsafPJmrTFn+Q77/uJU39QJYaPOIeEQMaykWRjo/Al5K32ZhP8 0auu0YEOeVDHi5jV0MVrAHyU35mcPMhqFjRIU0OxgL1pG4O7J8ioTk0XbAb07Kz5 2b993KjFSXhXKUgEeWuKoaHf/O0CSTROl6360HwDlAgm4D4iGAk0bMHMnDZh4LjC dW04jITjVcJLcV+dPGbmEUJacapCMEAjN80+Q/Y+ybWrzvgsrRIUOxyI7j5gBehy iQ== -----END CERTIFICATE-----Generated at Mon Mar 2 12:59:56 2026 by rpki-client