$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa File: AS152375.roa (raw, json) Hash identifier: J706wwB8vM39N65MwGrQ/ywhmXtoXw4crFI5EhpqZ44= Subject key identifier: F0:8E:85:34:BD:96:DB:AA:85:43:B9:1E:52:31:48:B9:DB:BF:FD:99 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 25B64D3F759AB4D4AA98F1AEF685D6AAA2F3BD50 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa Signing time: Thu 08 Jan 2026 11:00:06 +0000 ROA not before: Thu 08 Jan 2026 10:55:06 +0000 ROA not after: Thu 07 Jan 2027 11:00:06 +0000 asID: 152375 IP address blocks: 157.15.64.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b6:4d:3f:75:9a:b4:d4:aa:98:f1:ae:f6:85:d6:aa:a2:f3:bd:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:06 2026 GMT Not After : Jan 7 11:00:06 2027 GMT Subject: CN=F08E8534BD96DBAA8543B91E523148B9DBBFFD99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:cf:ce:28:56:22:c0:6a:15:28:1f:b0:50:db: 1e:f3:77:5b:a7:87:70:9f:38:72:12:98:0c:82:da: 98:b7:59:26:32:66:a8:0c:91:9a:5c:0e:8a:bf:e7: c7:90:36:a1:93:dc:77:e1:2f:1c:91:b6:be:fe:b9: 01:7f:19:fd:02:77:f2:32:b8:77:67:68:47:75:7c: 9e:f1:9b:0f:45:4b:df:66:c3:3c:97:d2:95:9b:0e: dc:6c:ea:01:2c:0a:81:ff:80:5b:4a:5d:81:41:04: a5:9b:9a:8a:f1:c9:c5:b1:f3:b9:78:2a:05:57:f8: 4e:f9:5d:df:de:63:7d:ba:d5:25:6e:b6:3c:45:96: 3a:a5:cc:5c:c9:52:b5:76:48:92:80:c4:e0:7a:c4: 58:ae:77:52:e0:50:05:31:b1:70:a5:7f:83:fe:e2: 43:06:28:e8:00:0c:e8:d8:84:fe:55:04:ec:55:cd: 34:e3:75:38:54:73:f6:c7:66:a5:d1:68:9a:c2:ed: 9f:a6:3d:f1:b1:f2:c5:91:8c:1a:52:dc:b2:b2:da: db:31:5c:6d:d5:1d:97:59:a0:64:5b:de:fe:f7:15: e0:c2:a9:33:d2:3b:61:1b:f1:2b:9b:a7:b0:b1:ab: 45:2f:c4:f4:fb:6d:7f:d9:83:48:04:eb:54:9e:64: 45:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:8E:85:34:BD:96:DB:AA:85:43:B9:1E:52:31:48:B9:DB:BF:FD:99 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152375.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.64.0/23 Signature Algorithm: sha256WithRSAEncryption 97:32:89:b0:58:aa:b6:ee:5e:e2:37:b8:26:ee:3a:ca:31:62: e6:f0:87:ef:68:58:1f:3a:1b:45:49:fe:30:85:78:2e:b2:f3: 03:22:43:d4:89:84:ce:83:52:d4:40:2a:b8:bd:8e:0a:93:4c: 58:a6:46:8c:ce:e8:f4:fc:5c:29:bb:bc:36:30:fc:15:ac:bb: 58:2e:36:c0:80:d0:32:f8:48:13:43:54:4f:a0:ea:ad:cc:e2: 0d:52:ee:cc:47:4b:1b:12:66:31:0e:0f:d2:91:12:96:fa:3c: e3:73:d8:98:e4:6e:96:c8:e0:aa:b4:08:61:2f:86:b4:8d:b7: 78:db:f1:00:ba:6c:05:3b:c3:c1:96:7f:df:e2:6d:b3:64:81: a3:e7:5e:f9:f7:18:fe:d3:fe:2a:a2:8d:4f:d5:be:18:30:2a: 8f:eb:78:d5:4b:3f:b4:0c:09:1e:cd:fc:36:5f:43:e3:cd:32: 23:cb:f5:c7:d7:35:69:1f:3d:f0:0c:e1:86:bb:27:94:80:c4: 2f:b9:e7:b5:94:ba:72:95:5c:e2:96:6c:bf:de:5a:f5:61:60: e5:f9:34:84:90:a6:32:f4:e8:9d:71:6c:98:d0:01:bf:3c:9d: 0b:18:a5:cc:a8:ae:df:55:4c:59:2d:95:51:b0:3c:a0:0a:a8: a8:23:0c:d4 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJbZNP3WatNSqmPGu9oXWqqLzvVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwNloX DTI3MDEwNzExMDAwNlowMzExMC8GA1UEAxMoRjA4RTg1MzRCRDk2REJBQTg1NDNC OTFFNTIzMTQ4QjlEQkJGRkQ5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7PzihWIsBqFSgfsFDbHvN3W6eHcJ84chKYDILamLdZJjJmqAyRmlwOir/n x5A2oZPcd+EvHJG2vv65AX8Z/QJ38jK4d2doR3V8nvGbD0VL32bDPJfSlZsO3Gzq ASwKgf+AW0pdgUEEpZuaivHJxbHzuXgqBVf4Tvld395jfbrVJW62PEWWOqXMXMlS tXZIkoDE4HrEWK53UuBQBTGxcKV/g/7iQwYo6AAM6NiE/lUE7FXNNON1OFRz9sdm pdFomsLtn6Y98bHyxZGMGlLcsrLa2zFcbdUdl1mgZFve/vcV4MKpM9I7YRvxK5un sLGrRS/E9Pttf9mDSATrVJ5kRXECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTwjoU0 vZbbqoVDuR5SMUi527/9mTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM3NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PQDANBgkqhkiG9w0BAQsFAAOCAQEAlzKJsFiqtu5e4je4Ju46 yjFi5vCH72hYHzobRUn+MIV4LrLzAyJD1ImEzoNS1EAquL2OCpNMWKZGjM7o9Pxc Kbu8NjD8Fay7WC42wIDQMvhIE0NUT6DqrcziDVLuzEdLGxJmMQ4P0pESlvo843PY mORulsjgqrQIYS+GtI23eNvxALpsBTvDwZZ/3+Jts2SBo+de+fcY/tP+KqKNT9W+ GDAqj+t41Us/tAwJHs38Nl9D480yI8v1x9c1aR898AzhhrsnlIDEL7nntZS6cpVc 4pZsv95a9WFg5fk0hJCmMvTonXFsmNABvzydCxilzKiu31VMWS2VUbA8oAqoqCMM 1A== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:57 2026 by rpki-client