$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152383.roa File: AS152383.roa (raw, json) Hash identifier: SqUTKWxE+jWiNUGwiCwv25HMWXwHrCP5yUOWvwr3Luc= Subject key identifier: 37:EF:3F:BA:9A:8B:AE:D3:A6:EA:73:4A:D2:16:F5:39:9F:8C:0E:D6 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 07BF225EE21E57CC211C77ACE1F796DF261E7E27 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152383.roa Signing time: Thu 08 Jan 2026 11:00:03 +0000 ROA not before: Thu 08 Jan 2026 10:55:03 +0000 ROA not after: Thu 07 Jan 2027 11:00:03 +0000 asID: 152383 IP address blocks: 157.15.172.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:bf:22:5e:e2:1e:57:cc:21:1c:77:ac:e1:f7:96:df:26:1e:7e:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:03 2026 GMT Not After : Jan 7 11:00:03 2027 GMT Subject: CN=37EF3FBA9A8BAED3A6EA734AD216F5399F8C0ED6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e3:ea:b1:4d:31:63:1a:4b:7f:45:b6:01:7c: d4:c5:06:c1:6a:d7:fa:72:c2:32:8f:64:87:51:41: 45:7c:79:b3:18:3d:3e:bc:57:31:89:02:54:5d:d3: c1:43:d2:5a:67:34:b2:a9:0c:82:c2:37:c5:3a:43: 79:cf:f4:0e:ac:45:af:85:3b:ae:2d:77:d7:7a:60: 39:2e:76:22:6a:01:87:3c:33:14:2b:70:e5:91:63: 6f:97:d4:d9:8a:de:de:5c:ec:ee:e7:11:57:6c:f0: 7e:29:43:d6:b8:83:6c:58:c4:58:90:b8:74:13:01: 22:31:98:1a:19:be:89:ca:d8:1d:68:4c:cf:8e:27: f7:fe:36:14:36:85:2a:7f:e8:5c:8c:f5:ba:7f:dc: 57:ee:d0:e3:b7:a4:68:be:ae:c8:73:de:08:9b:68: 19:c6:c1:2a:bc:bb:b7:26:71:62:50:17:c3:bd:6c: b1:5d:f7:bc:a9:d8:b0:2a:a8:d6:fd:a0:3a:9f:73: 4b:72:6c:22:7c:da:3b:42:2f:47:0b:bf:b8:56:75: 65:a4:64:5c:dc:96:2b:62:b8:9a:bd:bc:58:10:81: 1c:43:79:d0:d1:2a:65:a1:b2:ca:02:bd:a2:71:6c: d1:d9:30:5d:b7:33:5b:0e:d5:08:d2:f2:a5:6f:14: a7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:EF:3F:BA:9A:8B:AE:D3:A6:EA:73:4A:D2:16:F5:39:9F:8C:0E:D6 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152383.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.172.0/23 Signature Algorithm: sha256WithRSAEncryption 88:6e:8c:1d:8f:aa:7d:3a:1f:4c:b5:a9:3d:c4:19:42:bf:00: 5a:85:22:15:00:53:1c:07:a5:22:f1:4e:c0:7e:55:37:e5:3d: 55:99:7b:38:9c:bc:aa:d7:27:10:16:cd:02:f5:10:61:3b:10: 68:50:6f:4c:18:f2:ec:6c:84:be:c3:b2:be:df:2c:3a:51:7c: c3:3f:b1:75:16:4b:64:76:e7:71:f7:c8:85:18:ea:bd:2b:34: 3a:50:2d:53:f2:dc:01:9b:a8:ef:98:60:63:09:65:f9:e7:e8: b8:9e:a1:5c:10:15:cd:90:02:f4:a9:1d:b6:16:43:34:6a:af: 30:44:b1:b5:65:d6:99:49:bd:b0:62:29:e0:4e:cf:8d:ce:2c: c5:75:8e:25:74:ca:67:82:36:20:9c:d1:11:1a:36:00:c6:7c: 80:0a:3a:3e:a4:9d:f3:c2:e2:6b:fe:25:f3:3f:22:2c:7c:42: f7:b7:f2:f5:16:47:5c:14:49:57:ac:c4:5b:55:38:00:58:03: bc:c6:2e:f9:14:2c:bd:d4:26:e9:19:59:9c:fe:87:54:63:12: 56:0e:8c:e3:56:60:45:68:75:3d:50:e6:d4:a2:6b:05:3f:5c: d5:7f:76:4a:50:dd:fe:ba:cf:fa:f4:34:65:da:a0:26:86:84: 7a:ad:75:e0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUB78iXuIeV8whHHes4feW3yYeficwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwM1oX DTI3MDEwNzExMDAwM1owMzExMC8GA1UEAxMoMzdFRjNGQkE5QThCQUVEM0E2RUE3 MzRBRDIxNkY1Mzk5RjhDMEVENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALTj6rFNMWMaS39FtgF81MUGwWrX+nLCMo9kh1FBRXx5sxg9PrxXMYkCVF3T wUPSWmc0sqkMgsI3xTpDec/0DqxFr4U7ri1313pgOS52ImoBhzwzFCtw5ZFjb5fU 2Yre3lzs7ucRV2zwfilD1riDbFjEWJC4dBMBIjGYGhm+icrYHWhMz44n9/42FDaF Kn/oXIz1un/cV+7Q47ekaL6uyHPeCJtoGcbBKry7tyZxYlAXw71ssV33vKnYsCqo 1v2gOp9zS3JsInzaO0IvRwu/uFZ1ZaRkXNyWK2K4mr28WBCBHEN50NEqZaGyygK9 onFs0dkwXbczWw7VCNLypW8Up1sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ37z+6 mouu06bqc0rSFvU5n4wO1jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PrDANBgkqhkiG9w0BAQsFAAOCAQEAiG6MHY+qfTofTLWpPcQZ Qr8AWoUiFQBTHAelIvFOwH5VN+U9VZl7OJy8qtcnEBbNAvUQYTsQaFBvTBjy7GyE vsOyvt8sOlF8wz+xdRZLZHbncffIhRjqvSs0OlAtU/LcAZuo75hgYwll+efouJ6h XBAVzZAC9KkdthZDNGqvMESxtWXWmUm9sGIp4E7Pjc4sxXWOJXTKZ4I2IJzRERo2 AMZ8gAo6PqSd88Lia/4l8z8iLHxC97fy9RZHXBRJV6zEW1U4AFgDvMYu+RQsvdQm 6RlZnP6HVGMSVg6M41ZgRWh1PVDm1KJrBT9c1X92SlDd/rrP+vQ0ZdqgJoaEeq11 4A== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:59 2026 by rpki-client