$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa File: AS152378.roa (raw, json) Hash identifier: pI4TnVkfB7VEwx9Qe1onfKIHjNa6DFtmSb8Sa0oA0S4= Subject key identifier: 91:BA:9F:94:ED:34:C6:99:2F:66:F9:F5:F5:A0:2F:04:5B:06:E5:5D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 657348B891E580E4D856DDB20E84A02E459F03A5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa Signing time: Thu 08 Jan 2026 11:00:07 +0000 ROA not before: Thu 08 Jan 2026 10:55:07 +0000 ROA not after: Thu 07 Jan 2027 11:00:07 +0000 asID: 152378 IP address blocks: 157.15.214.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:73:48:b8:91:e5:80:e4:d8:56:dd:b2:0e:84:a0:2e:45:9f:03:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:07 2026 GMT Not After : Jan 7 11:00:07 2027 GMT Subject: CN=91BA9F94ED34C6992F66F9F5F5A02F045B06E55D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ea:4d:9a:61:11:07:51:67:47:85:f4:66:e2: c6:16:84:39:5a:a4:e1:8a:a3:8d:b9:32:01:51:06: 5f:f9:65:2c:d2:6c:57:cd:b2:9a:eb:84:89:d4:99: 2c:0e:1c:24:d6:21:0e:d2:a1:95:10:6b:82:a6:d1: 40:b3:a9:ce:a0:3f:c4:7c:ba:fe:06:66:1f:da:85: 03:4c:c9:34:2a:d8:3b:1c:f4:77:c3:f7:a9:cd:6f: bc:f0:ae:6d:75:ea:c7:22:88:19:37:08:fc:a7:c5: 78:f4:24:71:99:71:5b:ed:ae:4f:cd:68:fe:d1:a8: af:e8:6b:0a:ab:00:cb:d5:43:77:15:27:87:70:0f: 20:47:02:24:cc:36:2b:c4:1b:b0:43:5a:e0:6e:e5: fb:9b:48:4a:1c:13:4e:93:b1:fb:be:54:36:30:6a: 7d:7b:fd:7d:43:db:05:de:9d:ff:37:a0:8c:20:e9: 13:94:ac:9e:51:df:33:a3:fb:cc:62:d9:6b:c2:00: 52:a3:e7:36:a0:5b:b9:55:7d:78:fe:a7:6b:55:95: 0a:40:89:71:4f:fa:e5:57:7e:0c:7f:53:bf:03:d2: 27:92:14:c5:03:6c:a5:96:57:ee:77:86:6a:f2:26: e5:6e:8f:2a:11:ce:fc:64:ca:1b:d2:9b:40:65:7b: 9c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:BA:9F:94:ED:34:C6:99:2F:66:F9:F5:F5:A0:2F:04:5B:06:E5:5D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152378.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.214.0/23 Signature Algorithm: sha256WithRSAEncryption 45:cf:3c:be:73:73:0b:43:ac:5d:98:19:15:1b:41:50:23:ab: cd:ac:43:63:c2:f9:3f:b4:d1:c7:f0:da:ef:e0:c8:ab:63:db: 93:fc:91:05:31:4e:21:1a:21:2e:27:26:10:89:e1:15:28:82: 53:a4:61:16:76:3b:d2:ae:91:cb:59:24:9e:99:a9:9b:4f:3e: 5e:ab:fd:43:ea:ca:2e:89:ae:a6:7e:08:3f:9c:00:72:fa:10: 46:3c:f0:fb:fe:f1:2e:a6:0d:3a:43:b6:6a:ac:c3:72:87:02: 94:1c:f5:bc:ea:f7:07:aa:f2:62:ec:c9:64:be:84:67:9c:36: e2:6c:78:77:52:9e:a2:63:59:cd:fa:8c:01:20:f3:48:8d:3a: b3:26:f0:0a:0b:97:67:5c:93:0f:85:3f:50:a3:be:9a:4f:3b: 59:19:b4:aa:f4:ba:a1:ca:5b:80:e3:ee:54:4a:f2:7a:59:f5: f4:7e:a8:17:d2:4f:62:49:36:28:44:8e:3a:90:98:6c:28:6a: fd:fa:3f:0b:58:40:79:f2:35:8a:3c:d6:63:6d:d0:0c:fc:6c: c6:7c:6a:df:4b:8e:9b:4c:c9:71:8c:f1:50:46:43:5e:7a:31: 2c:7b:fb:0c:96:92:b1:51:90:e7:ef:83:f0:46:b2:fd:eb:f7: 17:63:81:68 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUZXNIuJHlgOTYVt2yDoSgLkWfA6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwN1oX DTI3MDEwNzExMDAwN1owMzExMC8GA1UEAxMoOTFCQTlGOTRFRDM0QzY5OTJGNjZG OUY1RjVBMDJGMDQ1QjA2RTU1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALvqTZphEQdRZ0eF9GbixhaEOVqk4YqjjbkyAVEGX/llLNJsV82ymuuEidSZ LA4cJNYhDtKhlRBrgqbRQLOpzqA/xHy6/gZmH9qFA0zJNCrYOxz0d8P3qc1vvPCu bXXqxyKIGTcI/KfFePQkcZlxW+2uT81o/tGor+hrCqsAy9VDdxUnh3APIEcCJMw2 K8QbsENa4G7l+5tIShwTTpOx+75UNjBqfXv9fUPbBd6d/zegjCDpE5SsnlHfM6P7 zGLZa8IAUqPnNqBbuVV9eP6na1WVCkCJcU/65Vd+DH9TvwPSJ5IUxQNspZZX7neG avIm5W6PKhHO/GTKG9KbQGV7nN8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSRup+U 7TTGmS9m+fX1oC8EWwblXTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM3OC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0P1jANBgkqhkiG9w0BAQsFAAOCAQEARc88vnNzC0OsXZgZFRtB UCOrzaxDY8L5P7TRx/Da7+DIq2Pbk/yRBTFOIRohLicmEInhFSiCU6RhFnY70q6R y1kknpmpm08+Xqv9Q+rKLomupn4IP5wAcvoQRjzw+/7xLqYNOkO2aqzDcocClBz1 vOr3B6ryYuzJZL6EZ5w24mx4d1KeomNZzfqMASDzSI06sybwCguXZ1yTD4U/UKO+ mk87WRm0qvS6ocpbgOPuVEryeln19H6oF9JPYkk2KESOOpCYbChq/fo/C1hAefI1 ijzWY23QDPxsxnxq30uOm0zJcYzxUEZDXnoxLHv7DJaSsVGQ5++D8Eay/ev3F2OB aA== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:31 2026 by rpki-client