$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142171.roa File: AS142171.roa (raw, json) Hash identifier: /VuOs1DDRrSoIAakCVo/n0uFZnLu7/ZH4DhNw+hzYDA= Subject key identifier: 63:57:D1:88:D3:C6:7E:E8:C8:0F:C1:E1:86:25:09:71:47:99:62:D2 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 752CF9407D7ED26E1826ACE0F979BB349A667290 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142171.roa Signing time: Mon 02 Mar 2026 02:28:53 +0000 ROA not before: Mon 02 Mar 2026 02:23:53 +0000 ROA not after: Mon 01 Mar 2027 02:28:53 +0000 asID: 142171 IP address blocks: 144.79.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:2c:f9:40:7d:7e:d2:6e:18:26:ac:e0:f9:79:bb:34:9a:66:72:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 2 02:23:53 2026 GMT Not After : Mar 1 02:28:53 2027 GMT Subject: CN=6357D188D3C67EE8C80FC1E186250971479962D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:3b:70:6c:7d:35:9e:e2:e6:14:e6:bb:eb:1c: a9:e4:79:b8:bb:26:e4:ba:34:2f:d9:bd:e4:1f:53: 38:0c:da:8e:0a:2d:11:1b:38:85:25:c6:8c:f6:c5: 17:d7:74:b8:06:6f:86:bc:c2:6d:6e:b1:72:16:47: 5d:ff:20:51:cf:41:01:47:99:a4:92:7e:94:74:30: e8:8a:ee:2d:7d:b6:31:d5:b9:a1:3c:9e:6f:f7:8e: 73:6f:56:57:fa:80:8f:8d:fa:b9:90:80:e4:bf:59: ce:5f:37:54:f5:93:24:3f:ab:2e:ab:56:e6:d7:38: 97:c1:ad:8c:7d:d1:72:5a:d8:e4:44:0d:ce:d9:2e: 23:c9:2b:a0:2e:4e:51:3f:71:ee:79:bc:38:01:28: 4b:89:d3:64:ef:fa:68:6b:c5:21:f0:c9:6d:4b:7c: ba:c5:61:f9:c9:0b:d2:14:c9:2a:19:5e:63:d0:85: 4e:91:46:fb:3f:50:42:33:42:b3:51:ee:56:89:3f: 35:fe:bc:a8:67:0e:22:53:28:ee:3b:5d:1a:83:46: 67:2b:7c:a3:f1:9a:2f:9c:f1:27:67:73:c2:dc:79: b3:d1:ec:72:b0:65:c8:a5:23:eb:06:cd:46:25:74: 0f:57:6e:57:d5:5a:31:2c:76:c8:25:64:a3:81:73: d6:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:57:D1:88:D3:C6:7E:E8:C8:0F:C1:E1:86:25:09:71:47:99:62:D2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142171.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.79.202.0/24 Signature Algorithm: sha256WithRSAEncryption 38:dd:ed:7d:a4:c4:50:c2:94:90:5a:f2:73:be:fe:dc:94:e9: 99:9d:40:1d:4d:11:21:61:82:80:46:01:84:d1:df:6d:7a:08: 55:c0:a4:66:94:21:dd:c6:c5:55:61:5f:b6:6b:91:f0:59:f3: 43:98:cc:f1:2e:63:89:ea:9d:f1:5e:5d:8b:3e:89:9a:0e:95: bb:25:65:39:84:e9:37:4a:e6:51:c5:f8:33:98:a4:0b:92:9a: c0:fa:ab:e5:c1:f2:6b:6d:cd:9c:ce:64:5a:33:c3:bf:ce:b6: a9:04:76:22:19:04:e8:d4:f7:21:42:e2:92:bb:2d:b1:b2:e6: a6:95:b7:6d:ad:87:43:8b:00:3f:46:50:ca:cd:fd:e6:96:fb: b0:48:49:71:c1:04:8a:e8:9c:ab:6f:ec:00:a2:d9:ce:41:0e: ba:0d:47:29:63:16:dd:50:6f:9d:ce:c1:ec:c4:77:aa:80:34: ff:81:a1:71:c4:d3:7d:8a:74:be:3d:f2:d8:d3:03:f8:40:c6: 50:ea:c2:8a:ca:0b:5e:f7:53:14:3c:53:0b:b0:3e:cb:0e:1a: 96:3f:c3:cc:87:18:b9:ac:2d:b7:dd:dc:3d:c5:c6:12:bb:8a: 34:69:08:da:1d:ae:5b:94:cc:ae:a8:ef:ad:ef:18:9c:e5:b8: b3:99:00:23 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUdSz5QH1+0m4YJqzg+Xm7NJpmcpAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMwMjAyMjM1M1oX DTI3MDMwMTAyMjg1M1owMzExMC8GA1UEAxMoNjM1N0QxODhEM0M2N0VFOEM4MEZD MUUxODYyNTA5NzE0Nzk5NjJEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO07cGx9NZ7i5hTmu+scqeR5uLsm5Lo0L9m95B9TOAzajgotERs4hSXGjPbF F9d0uAZvhrzCbW6xchZHXf8gUc9BAUeZpJJ+lHQw6IruLX22MdW5oTyeb/eOc29W V/qAj436uZCA5L9Zzl83VPWTJD+rLqtW5tc4l8GtjH3RclrY5EQNztkuI8kroC5O UT9x7nm8OAEoS4nTZO/6aGvFIfDJbUt8usVh+ckL0hTJKhleY9CFTpFG+z9QQjNC s1HuVok/Nf68qGcOIlMo7jtdGoNGZyt8o/GaL5zxJ2dzwtx5s9HscrBlyKUj6wbN RiV0D1duV9VaMSx2yCVko4Fz1lkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRjV9GI 08Z+6MgPweGGJQlxR5li0jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0MjE3MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJBPyjANBgkqhkiG9w0BAQsFAAOCAQEAON3tfaTEUMKUkFryc77+ 3JTpmZ1AHU0RIWGCgEYBhNHfbXoIVcCkZpQh3cbFVWFftmuR8FnzQ5jM8S5jieqd 8V5diz6Jmg6VuyVlOYTpN0rmUcX4M5ikC5KawPqr5cHya23NnM5kWjPDv862qQR2 IhkE6NT3IULikrstsbLmppW3ba2HQ4sAP0ZQys395pb7sEhJccEEiuicq2/sAKLZ zkEOug1HKWMW3VBvnc7B7MR3qoA0/4GhccTTfYp0vj3y2NMD+EDGUOrCisoLXvdT FDxTC7A+yw4alj/DzIcYuawtt93cPcXGEruKNGkI2h2uW5TMrqjvre8YnOW4s5kA Iw== -----END CERTIFICATE-----Generated at Mon Mar 2 09:34:58 2026 by rpki-client