$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa File: AS152378.roa (raw, json) Hash identifier: jFvQhuDM1HvZiWvLzN+FMPmSrT4YfJbNoPHhB13P3gU= Subject key identifier: CE:26:4C:A4:40:CF:8A:86:6B:18:77:4B:F1:94:73:D7:81:3B:02:C2 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 481BDAED7FCC7D6397917BBF8AC1ACF160F80B9C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa Signing time: Thu 06 Feb 2025 10:44:53 +0000 ROA not before: Thu 06 Feb 2025 10:39:53 +0000 ROA not after: Thu 05 Feb 2026 10:44:53 +0000 asID: 152378 IP address blocks: 157.15.214.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 10:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:1b:da:ed:7f:cc:7d:63:97:91:7b:bf:8a:c1:ac:f1:60:f8:0b:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:53 2025 GMT Not After : Feb 5 10:44:53 2026 GMT Subject: CN=CE264CA440CF8A866B18774BF19473D7813B02C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:71:6d:40:7e:39:2e:4f:70:3f:6f:f7:bf:91: 53:e8:80:ab:35:ab:0e:80:f9:93:f9:52:dd:58:29: dd:e2:ad:1c:07:04:3e:31:39:dc:a7:78:be:fa:e2: a1:7a:52:60:d6:a6:7f:7d:ec:98:ed:1a:94:38:40: 45:36:4f:ec:45:de:93:7f:a6:b7:d9:62:be:71:7f: fa:8c:87:0e:9e:dd:f7:1d:20:1c:38:28:9b:62:2a: be:a9:43:08:71:35:e9:52:7c:28:c4:20:63:12:fa: 40:3f:38:b9:d0:90:67:63:80:f5:cb:b1:14:3c:41: 11:a8:2e:dc:08:bb:1b:ed:48:1c:de:20:d0:2e:c3: 5a:39:54:92:fb:97:ef:f3:bb:87:7c:f7:c2:57:d9: 6b:53:95:7d:ed:85:3a:2b:18:be:97:65:e8:4b:15: e8:0c:92:71:36:12:cc:c4:a8:57:15:19:1e:19:58: e5:f6:cc:e0:32:9d:a2:ef:a3:c7:ac:d7:d0:1f:5d: 4f:5f:b9:d1:45:82:a3:48:9b:9c:60:ab:eb:85:8a: af:b5:e3:5d:b3:13:e9:ba:90:a1:0b:45:ea:54:ac: cd:a0:3d:69:9d:d9:a2:3f:03:d7:e8:5e:e7:93:95: 42:70:c5:df:33:68:54:4b:72:a5:51:29:e4:be:a3: c0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:26:4C:A4:40:CF:8A:86:6B:18:77:4B:F1:94:73:D7:81:3B:02:C2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.214.0/23 Signature Algorithm: sha256WithRSAEncryption 39:83:17:7f:93:ef:ac:0b:e8:35:99:75:ef:f9:a1:3c:5e:05: 25:17:c1:8c:d2:ea:82:f9:32:28:5c:a6:d5:7e:7b:2f:69:5a: b1:17:c6:b7:16:83:51:59:f1:90:43:4d:bd:97:26:12:a9:17: d7:30:db:f7:f2:a4:d8:8e:5f:62:b8:a5:0f:2a:1d:43:3c:62: f5:87:0c:9a:bb:0e:10:36:52:97:40:97:4d:6f:6b:01:5c:a7: da:06:08:05:fd:6c:d2:02:20:c2:ea:5f:4a:a4:fb:cc:60:b0: 87:09:78:f3:bf:01:33:fa:46:0f:5b:1b:53:87:ba:31:b5:fd: 44:ce:62:a7:9c:8e:0a:1f:f8:2f:9e:9c:50:1e:79:49:94:6e: 7b:d1:5b:58:2e:07:ff:d7:fb:6e:02:df:d1:e7:ae:bb:60:26: 78:79:9d:32:dd:d0:5e:28:cf:23:8b:e6:f6:50:87:9e:c0:cd: fe:d0:d6:3b:38:4e:65:e3:89:3d:c5:6d:67:e6:56:fd:bb:8a: 40:83:b7:4b:ca:e1:dd:52:de:04:49:f9:6d:05:eb:14:c7:c4: 5e:bd:ea:f9:19:2b:73:dc:96:1a:89:7d:f5:a0:68:a5:3d:83: 5c:7b:d4:a7:85:01:ee:10:36:05:14:93:dd:bd:28:2d:3d:5e: a3:23:be:1a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUSBva7X/MfWOXkXu/isGs8WD4C5wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoQ0UyNjRDQTQ0MENGOEE4NjZCMTg3 NzRCRjE5NDczRDc4MTNCMDJDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1xbUB+OS5PcD9v97+RU+iAqzWrDoD5k/lS3Vgp3eKtHAcEPjE53Kd4vvri oXpSYNamf33smO0alDhARTZP7EXek3+mt9livnF/+oyHDp7d9x0gHDgom2IqvqlD CHE16VJ8KMQgYxL6QD84udCQZ2OA9cuxFDxBEagu3Ai7G+1IHN4g0C7DWjlUkvuX 7/O7h3z3wlfZa1OVfe2FOisYvpdl6EsV6AyScTYSzMSoVxUZHhlY5fbM4DKdou+j x6zX0B9dT1+50UWCo0ibnGCr64WKr7XjXbMT6bqQoQtF6lSszaA9aZ3Zoj8D1+he 55OVQnDF3zNoVEtypVEp5L6jwJkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTOJkyk QM+KhmsYd0vxlHPXgTsCwjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM3OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0P1jANBgkqhkiG9w0BAQsFAAOCAQEAOYMXf5PvrAvoNZl17/mh PF4FJRfBjNLqgvkyKFym1X57L2lasRfGtxaDUVnxkENNvZcmEqkX1zDb9/Kk2I5f YrilDyodQzxi9YcMmrsOEDZSl0CXTW9rAVyn2gYIBf1s0gIgwupfSqT7zGCwhwl4 878BM/pGD1sbU4e6MbX9RM5ip5yOCh/4L56cUB55SZRue9FbWC4H/9f7bgLf0eeu u2AmeHmdMt3QXijPI4vm9lCHnsDN/tDWOzhOZeOJPcVtZ+ZW/buKQIO3S8rh3VLe BEn5bQXrFMfEXr3q+Rkrc9yWGol99aBopT2DXHvUp4UB7hA2BRST3b0oLT1eoyO+ Gg== -----END CERTIFICATE-----Generated at Wed Nov 5 11:32:26 2025 by rpki-client