$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152380.roa File: AS152380.roa (raw, json) Hash identifier: GE98C/iQPjKTNNpPiSzXXxT9H9vQ22wu9xB4s7EyUm8= Subject key identifier: 78:4E:38:E4:76:5B:E0:C3:2C:DA:25:CF:E3:60:5E:18:25:6B:F8:DD Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 01C45C11617AD8DD3BB1E3E38E734751FD3011AC Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152380.roa Signing time: Thu 08 Jan 2026 11:00:03 +0000 ROA not before: Thu 08 Jan 2026 10:55:03 +0000 ROA not after: Thu 07 Jan 2027 11:00:03 +0000 asID: 152380 IP address blocks: 157.15.168.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:c4:5c:11:61:7a:d8:dd:3b:b1:e3:e3:8e:73:47:51:fd:30:11:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:03 2026 GMT Not After : Jan 7 11:00:03 2027 GMT Subject: CN=784E38E4765BE0C32CDA25CFE3605E18256BF8DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:c8:42:84:9e:75:85:8b:a0:44:dd:ff:96:a1: bd:27:79:4e:28:b8:5b:20:e9:ec:02:0e:a6:2f:53: bf:d0:d3:21:30:b6:c5:a6:42:43:bf:2c:26:e3:3e: df:28:a0:0f:48:40:fc:5a:c8:16:57:55:c1:8f:ad: 27:5a:d8:63:f9:53:cc:f8:ed:99:21:b6:14:bc:5b: 6e:f6:b0:cb:43:de:c1:f7:5d:64:8e:d4:ca:c4:35: fd:50:29:01:1a:a2:f8:f9:fa:79:56:21:df:61:6c: 78:a2:a4:20:fa:42:bb:b4:99:5d:9f:11:6b:73:6d: 11:62:b4:63:2d:2f:ba:1a:c5:44:c5:d4:43:4b:12: 4a:b0:92:74:26:f3:d5:4d:62:85:e6:5b:36:2d:62: 60:48:2c:b5:2a:e2:ca:1b:01:57:aa:7d:1f:9d:b7: c5:37:3d:62:2b:57:7c:e2:df:5e:cf:84:2a:17:40: 64:96:35:e3:12:bb:e5:8c:79:38:cf:d3:bd:01:48: 51:2c:a5:af:89:d8:22:0a:2d:3c:15:1f:37:1b:47: b7:5d:ff:b0:a0:61:d9:d0:4f:59:33:91:85:c4:cc: e9:6e:b4:de:76:5c:4b:01:ed:77:82:4b:2b:09:0a: 88:78:d9:eb:bb:51:9b:9c:3b:65:fc:a3:3b:df:50: 6f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:4E:38:E4:76:5B:E0:C3:2C:DA:25:CF:E3:60:5E:18:25:6B:F8:DD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152380.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.168.0/23 Signature Algorithm: sha256WithRSAEncryption 79:d2:ff:da:c4:78:fb:05:bc:fc:85:bf:7a:c4:11:e2:f4:31: 1e:47:47:9f:61:0d:8f:4e:5a:eb:8d:6d:d3:9b:ce:b1:9c:55: cd:51:7d:75:02:55:9c:69:1f:9e:ac:9d:b4:27:7c:c1:ff:f7: b8:54:3d:e7:b4:e6:d6:06:ed:ea:e5:13:48:f9:02:aa:d9:d2: 27:89:dd:4a:c8:c0:0e:d3:d2:e8:38:d8:c6:1b:01:27:dd:9f: 94:92:f7:36:70:8b:b4:2c:84:0e:d4:86:d8:d6:73:bf:cb:18: dd:3d:f4:d5:d1:36:67:ea:d1:cf:f7:fd:63:9b:dc:02:a9:46: d6:65:04:28:ad:88:53:75:ab:14:30:05:15:d7:94:12:83:fd: dd:a4:2c:23:4f:99:4c:98:35:bc:b7:08:90:e2:f0:2e:b7:a4: 97:5d:b4:56:38:f8:83:57:7a:12:b5:80:ef:4f:d7:cd:bd:65: e7:81:76:05:b7:9d:c4:f2:24:5d:d3:ca:5e:cc:99:86:2c:a2: d2:73:ba:a9:25:d6:57:35:75:47:22:df:b2:94:63:92:64:3b: fe:2b:6b:bf:79:ff:de:02:3c:d8:0e:c9:ac:43:fb:92:60:9a: 5d:23:61:05:dd:6c:51:7f:34:2c:3e:9b:f1:80:be:a2:01:61: 50:1b:71:32 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAcRcEWF62N07sePjjnNHUf0wEawwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwM1oX DTI3MDEwNzExMDAwM1owMzExMC8GA1UEAxMoNzg0RTM4RTQ3NjVCRTBDMzJDREEy NUNGRTM2MDVFMTgyNTZCRjhERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKbIQoSedYWLoETd/5ahvSd5Tii4WyDp7AIOpi9Tv9DTITC2xaZCQ78sJuM+ 3yigD0hA/FrIFldVwY+tJ1rYY/lTzPjtmSG2FLxbbvawy0PewfddZI7UysQ1/VAp ARqi+Pn6eVYh32FseKKkIPpCu7SZXZ8Ra3NtEWK0Yy0vuhrFRMXUQ0sSSrCSdCbz 1U1iheZbNi1iYEgstSriyhsBV6p9H523xTc9YitXfOLfXs+EKhdAZJY14xK75Yx5 OM/TvQFIUSylr4nYIgotPBUfNxtHt13/sKBh2dBPWTORhcTM6W603nZcSwHtd4JL KwkKiHjZ67tRm5w7ZfyjO99Qb9ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR4Tjjk dlvgwyzaJc/jYF4YJWv43TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PqDANBgkqhkiG9w0BAQsFAAOCAQEAedL/2sR4+wW8/IW/esQR 4vQxHkdHn2ENj05a641t05vOsZxVzVF9dQJVnGkfnqydtCd8wf/3uFQ957Tm1gbt 6uUTSPkCqtnSJ4ndSsjADtPS6DjYxhsBJ92flJL3NnCLtCyEDtSG2NZzv8sY3T30 1dE2Z+rRz/f9Y5vcAqlG1mUEKK2IU3WrFDAFFdeUEoP93aQsI0+ZTJg1vLcIkOLw Lrekl120Vjj4g1d6ErWA70/Xzb1l54F2BbedxPIkXdPKXsyZhiyi0nO6qSXWVzV1 RyLfspRjkmQ7/itrv3n/3gI82A7JrEP7kmCaXSNhBd1sUX80LD6b8YC+ogFhUBtx Mg== -----END CERTIFICATE-----Generated at Mon Mar 2 07:56:02 2026 by rpki-client