$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS150235.roa File: AS150235.roa (raw, json) Hash identifier: GhZVjeo6lNTsE1vNxLUa+DnRa+Sai73Kpvsyh7/7x38= Subject key identifier: B6:10:6A:4C:C9:82:50:4D:9B:E5:EB:8B:7B:FD:EF:91:AE:9A:A6:BC Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 29C3FFAA02949AD4AC4461B6078D3F5D5F889408 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS150235.roa Signing time: Sun 11 Jan 2026 09:00:00 +0000 ROA not before: Sun 11 Jan 2026 08:55:00 +0000 ROA not after: Sun 10 Jan 2027 09:00:00 +0000 asID: 150235 IP address blocks: 161.248.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 09:03:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:c3:ff:aa:02:94:9a:d4:ac:44:61:b6:07:8d:3f:5d:5f:88:94:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 11 08:55:00 2026 GMT Not After : Jan 10 09:00:00 2027 GMT Subject: CN=B6106A4CC982504D9BE5EB8B7BFDEF91AE9AA6BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0c:c5:23:1d:41:02:07:93:9e:39:52:55:68: 6d:6f:37:c9:e1:59:55:e3:ec:6c:a0:7e:3e:3a:bd: 6a:ad:36:cf:7b:8f:96:97:46:ab:e9:3e:52:c2:99: ed:5b:ce:9c:3b:35:85:06:bd:42:10:7a:c0:7e:ef: 46:2a:87:50:62:f3:2a:37:2e:1d:a6:86:f0:1e:87: b0:9e:da:9a:03:1f:5a:29:b2:32:5d:15:df:6e:71: 1d:66:6c:91:35:9e:7b:98:39:4e:3e:89:84:b5:9c: 11:77:06:22:08:a7:fb:6d:9a:7d:eb:9e:a1:8a:8d: ec:a3:27:b2:0b:45:25:e5:4c:f7:dd:7e:38:4d:0e: 62:73:44:7b:a1:e0:e5:7c:c4:9d:74:51:f3:be:48: 77:cc:78:e5:ed:33:14:6d:f4:11:8e:b6:ab:5e:a5: 75:4e:c1:e4:f8:bf:fb:ab:e0:be:c1:41:3d:9d:fa: ce:3a:1b:21:af:75:ac:0c:25:a7:58:7e:93:73:e4: ab:17:15:7e:af:36:13:f7:95:72:4c:df:0b:ae:88: 3f:a7:f6:dd:92:2b:9d:d0:0e:6c:a8:8f:f8:7d:fd: 52:c9:91:c6:93:4d:b8:70:0e:1c:f9:c0:29:30:b8: 16:61:bc:1d:9f:4f:72:58:e2:a6:cf:a4:ef:fe:77: 62:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:10:6A:4C:C9:82:50:4D:9B:E5:EB:8B:7B:FD:EF:91:AE:9A:A6:BC X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS150235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.222.0/24 Signature Algorithm: sha256WithRSAEncryption 34:f1:18:92:84:66:d6:c7:3d:74:5e:74:b8:cb:ae:42:a1:c2: 84:3d:93:67:ef:06:97:e6:87:7d:7f:65:b0:d8:c0:0f:fd:a4: a6:c5:37:c2:ab:df:57:49:d4:ba:94:46:56:f6:72:3c:43:e1: d2:a1:51:b8:99:ce:fd:ed:ec:a4:ea:42:9d:9a:24:b0:d7:30: 44:85:7b:48:e7:16:4b:65:8c:03:ab:22:be:2c:ad:67:b9:af: 51:be:1a:72:2c:6f:c1:ef:eb:ce:df:d8:ab:d1:c1:5c:d1:a5: e9:53:84:75:b7:9e:f8:fa:37:3b:d1:a7:77:8b:32:ec:52:23: 0e:d7:8f:92:af:31:63:73:d5:d2:6a:79:d2:9f:10:50:6a:39: b1:58:bb:4c:27:48:ab:0a:c2:5d:13:e5:14:f2:8c:00:12:65: 86:25:c1:17:09:39:05:06:d7:49:87:73:42:0d:0f:c2:89:33: 5d:52:b1:de:95:5f:c5:96:7f:94:4c:55:06:3c:b9:6c:bf:12: e2:15:36:2a:ff:2c:02:cd:cb:00:93:cc:1d:21:7a:eb:c5:cf: 30:f9:fe:02:33:5f:3f:64:33:09:c6:eb:71:0a:b9:09:23:b6: d8:65:fd:02:d6:20:33:8b:ad:30:26:3c:4b:4d:cc:7b:81:36: 62:58:07:73 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKcP/qgKUmtSsRGG2B40/XV+IlAgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDExMTA4NTUwMFoX DTI3MDExMDA5MDAwMFowMzExMC8GA1UEAxMoQjYxMDZBNENDOTgyNTA0RDlCRTVF QjhCN0JGREVGOTFBRTlBQTZCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMMxSMdQQIHk545UlVobW83yeFZVePsbKB+Pjq9aq02z3uPlpdGq+k+UsKZ 7VvOnDs1hQa9QhB6wH7vRiqHUGLzKjcuHaaG8B6HsJ7amgMfWimyMl0V325xHWZs kTWee5g5Tj6JhLWcEXcGIgin+22afeueoYqN7KMnsgtFJeVM991+OE0OYnNEe6Hg 5XzEnXRR875Id8x45e0zFG30EY62q16ldU7B5Pi/+6vgvsFBPZ36zjobIa91rAwl p1h+k3PkqxcVfq82E/eVckzfC66IP6f23ZIrndAObKiP+H39UsmRxpNNuHAOHPnA KTC4FmG8HZ9Pcljips+k7/53YhMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS2EGpM yYJQTZvl64t7/e+RrpqmvDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MDIzNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH43jANBgkqhkiG9w0BAQsFAAOCAQEANPEYkoRm1sc9dF50uMuu QqHChD2TZ+8Gl+aHfX9lsNjAD/2kpsU3wqvfV0nUupRGVvZyPEPh0qFRuJnO/e3s pOpCnZoksNcwRIV7SOcWS2WMA6siviytZ7mvUb4acixvwe/rzt/Yq9HBXNGl6VOE dbee+Po3O9Gnd4sy7FIjDtePkq8xY3PV0mp50p8QUGo5sVi7TCdIqwrCXRPlFPKM ABJlhiXBFwk5BQbXSYdzQg0PwokzXVKx3pVfxZZ/lExVBjy5bL8S4hU2Kv8sAs3L AJPMHSF668XPMPn+AjNfP2QzCcbrcQq5CSO22GX9AtYgM4utMCY8S03Me4E2YlgH cw== -----END CERTIFICATE-----Generated at Mon Mar 2 03:18:52 2026 by rpki-client