$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa File: AS152367.roa (raw, json) Hash identifier: pkphffPukkmo+UsqGmuSc59UMoB0PbMS6Rke0tjCbtQ= Subject key identifier: D2:61:BA:5D:72:E7:79:80:57:68:73:1F:72:46:1A:80:BD:E7:7A:87 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3C29B5F057DD5C72EC08EC0D7943E931900D1BC1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa Signing time: Thu 08 Jan 2026 11:00:08 +0000 ROA not before: Thu 08 Jan 2026 10:55:08 +0000 ROA not after: Thu 07 Jan 2027 11:00:08 +0000 asID: 152367 IP address blocks: 157.15.78.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:29:b5:f0:57:dd:5c:72:ec:08:ec:0d:79:43:e9:31:90:0d:1b:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:08 2026 GMT Not After : Jan 7 11:00:08 2027 GMT Subject: CN=D261BA5D72E779805768731F72461A80BDE77A87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b5:8d:c8:bc:27:f3:44:83:b7:6f:92:5d:b3: 21:d6:ec:fd:ab:e2:b4:1a:39:ff:10:39:e4:8e:7d: ea:a2:43:23:a8:6b:1b:49:e7:48:0c:6b:05:97:18: 3f:a3:49:65:fd:91:79:68:07:f9:87:44:ed:31:bf: 3e:96:fa:dc:af:5a:0e:51:1a:34:25:42:9b:94:da: 2e:42:bd:69:aa:05:3b:54:3f:9d:bf:f7:c2:38:bd: 3b:70:67:41:0d:29:dc:4c:b4:86:83:97:3e:62:56: 44:fa:63:c2:c8:ba:87:8a:6c:c9:62:49:c8:dd:98: ef:e7:71:c5:4c:d7:c4:60:66:38:f6:7d:77:be:08: bf:bd:ff:51:ca:23:62:c8:3f:4e:20:cb:15:d0:46: dc:e7:93:bf:d3:e9:45:ab:59:b8:8c:a8:90:0e:50: 30:40:5f:31:bd:39:1e:f5:9b:a3:db:f6:1a:42:78: 26:9f:31:14:43:60:a7:a9:33:ce:0b:c9:eb:f1:ae: 5e:99:05:ad:03:5d:5f:ac:42:f0:16:0c:61:56:49: 3d:e9:ff:68:54:67:3a:7d:ce:12:78:48:cd:fa:73: ef:39:ed:85:4e:9f:71:d3:40:c9:01:af:ec:0c:13: c3:06:e2:55:e7:9e:d4:af:a6:58:5a:a3:71:85:33: 19:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:61:BA:5D:72:E7:79:80:57:68:73:1F:72:46:1A:80:BD:E7:7A:87 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.78.0/23 Signature Algorithm: sha256WithRSAEncryption 0c:19:a7:0b:e2:88:31:82:9d:cc:53:11:60:4a:99:e5:4b:74: 8e:5c:6a:c6:88:da:e2:38:13:bc:15:6e:d6:f9:ca:b0:98:ad: 25:41:a4:14:c5:4c:9d:4a:5a:f0:9f:bd:33:1c:82:04:39:41: cf:68:9f:cd:13:76:ac:0d:4f:fd:2e:81:09:97:85:b2:d3:e4: 90:b2:a6:19:35:02:a6:4b:d6:f8:20:9f:a3:52:a1:ee:a9:2b: 8b:d6:e9:8b:1b:90:cb:b6:41:6e:23:a6:4f:1a:e3:96:6c:a1: cc:60:a5:7e:1f:51:86:e2:6c:09:f7:b9:1e:72:60:27:cd:f4: 32:b3:93:a3:e7:ac:e2:bc:b5:d9:2f:63:9c:2a:f2:6d:f0:64: 60:15:2c:0e:60:49:1b:97:0d:e0:7c:1d:db:66:36:fe:30:20: b6:7e:b1:40:e6:7f:28:99:41:81:b6:44:28:af:25:33:4b:7d: 3a:ca:c0:8d:0d:25:b3:08:66:69:72:89:04:d1:55:d4:93:a7: 9b:a9:36:5c:63:e6:1c:9d:00:ba:fc:49:69:85:84:86:83:37: 85:b3:d3:b1:2a:15:9a:ed:41:ed:02:85:24:77:ef:0a:08:90: 16:7e:ba:1e:18:42:01:14:1f:63:50:f9:a8:cf:e6:f4:1f:ed: b3:2c:4f:77 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUPCm18FfdXHLsCOwNeUPpMZANG8EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOFoX DTI3MDEwNzExMDAwOFowMzExMC8GA1UEAxMoRDI2MUJBNUQ3MkU3Nzk4MDU3Njg3 MzFGNzI0NjFBODBCREU3N0E4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALK1jci8J/NEg7dvkl2zIdbs/avitBo5/xA55I596qJDI6hrG0nnSAxrBZcY P6NJZf2ReWgH+YdE7TG/Ppb63K9aDlEaNCVCm5TaLkK9aaoFO1Q/nb/3wji9O3Bn QQ0p3Ey0hoOXPmJWRPpjwsi6h4psyWJJyN2Y7+dxxUzXxGBmOPZ9d74Iv73/Ucoj Ysg/TiDLFdBG3OeTv9PpRatZuIyokA5QMEBfMb05HvWbo9v2GkJ4Jp8xFENgp6kz zgvJ6/GuXpkFrQNdX6xC8BYMYVZJPen/aFRnOn3OEnhIzfpz7znthU6fcdNAyQGv 7AwTwwbiVeee1K+mWFqjcYUzGZsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTSYbpd cud5gFdocx9yRhqAved6hzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PTjANBgkqhkiG9w0BAQsFAAOCAQEADBmnC+KIMYKdzFMRYEqZ 5Ut0jlxqxoja4jgTvBVu1vnKsJitJUGkFMVMnUpa8J+9MxyCBDlBz2ifzRN2rA1P /S6BCZeFstPkkLKmGTUCpkvW+CCfo1Kh7qkri9bpixuQy7ZBbiOmTxrjlmyhzGCl fh9RhuJsCfe5HnJgJ830MrOTo+es4ry12S9jnCrybfBkYBUsDmBJG5cN4Hwd22Y2 /jAgtn6xQOZ/KJlBgbZEKK8lM0t9OsrAjQ0lswhmaXKJBNFV1JOnm6k2XGPmHJ0A uvxJaYWEhoM3hbPTsSoVmu1B7QKFJHfvCgiQFn66HhhCARQfY1D5qM/m9B/tsyxP dw== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:53 2026 by rpki-client