$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa File: AS152389.roa (raw, json) Hash identifier: EeXMzcL8bPOazF9SFT910BJ7Koj0fUNUmYFLZR9f+Bc= Subject key identifier: 2C:B0:78:9F:F7:66:12:76:C5:6A:BF:B3:00:55:72:44:21:DF:AE:96 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7A76825BE627B649F68ED13278D41C97CE21E199 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa Signing time: Thu 08 Jan 2026 11:00:05 +0000 ROA not before: Thu 08 Jan 2026 10:55:05 +0000 ROA not after: Thu 07 Jan 2027 11:00:05 +0000 asID: 152389 IP address blocks: 157.15.216.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:76:82:5b:e6:27:b6:49:f6:8e:d1:32:78:d4:1c:97:ce:21:e1:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:05 2026 GMT Not After : Jan 7 11:00:05 2027 GMT Subject: CN=2CB0789FF7661276C56ABFB30055724421DFAE96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:50:4f:f2:e2:31:1c:32:28:32:db:df:77:6e: 1d:26:64:8f:71:d3:1b:72:8f:ab:ce:bb:06:b2:ba: 7f:c7:41:f3:7f:c9:72:b7:71:95:1f:ef:ed:35:1e: 8f:db:1a:47:6e:89:7e:dc:f0:5d:60:fc:83:10:c9: 0a:fb:b3:24:43:49:2c:45:20:da:b1:f0:b3:73:4b: 90:5d:9b:f8:28:6e:6c:55:64:81:bd:d7:1f:01:a7: 00:64:13:25:dc:f9:40:ef:bf:36:6d:18:38:ed:19: 63:8b:6a:77:6c:54:cc:5a:64:4d:1c:5e:0b:7c:60: 24:08:3c:04:f5:83:22:4c:1b:12:a9:85:a2:92:86: dd:8b:f0:5e:9a:6b:a3:81:68:e9:ea:4c:7c:e1:b8: 1b:eb:fd:68:cc:80:6a:8b:21:9e:12:1b:fb:40:21: 06:66:7e:62:04:34:3d:52:ae:d2:63:8f:86:0e:e3: 9e:4d:79:1d:28:c2:0d:f4:05:d3:2a:fa:b2:5e:db: cd:21:6d:09:f6:e9:f2:1d:8b:25:1a:2a:0d:79:e8: 4d:98:94:59:8c:b4:4d:57:ab:5f:8b:cc:73:cd:89: 40:80:d3:87:a8:4b:6e:56:96:fd:9a:9c:23:e4:25: e6:f3:34:62:8c:a0:1b:4b:4f:d2:00:69:34:1a:60: 33:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:B0:78:9F:F7:66:12:76:C5:6A:BF:B3:00:55:72:44:21:DF:AE:96 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.216.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:c3:7c:fb:9d:36:3c:20:95:5a:a6:a4:9c:ca:23:a6:74:3a: 85:89:7d:f6:f0:21:c0:e7:67:f4:24:9b:04:30:3c:02:60:91: 6f:ae:0d:99:7a:12:75:8e:09:dc:82:3e:f7:9f:34:2d:9f:80: 36:4c:ed:6d:08:80:f3:58:17:3d:41:39:f4:f9:e0:a5:7a:91: 73:57:8c:69:77:52:2e:2a:02:9b:42:01:80:13:c1:75:a5:a4: 6e:b1:8a:e9:92:1d:33:08:9c:ec:f3:7f:a4:04:8d:1b:21:cd: e7:a6:7c:e1:9e:58:25:39:2a:3b:4a:42:d8:b2:19:88:62:17: 56:bf:61:08:8b:3e:eb:c2:b4:a8:bf:e5:2c:69:01:0d:50:5d: 0b:a3:77:55:fe:26:80:d1:5f:c0:9f:16:6f:8f:23:7f:31:13: 96:a9:68:32:ca:e4:de:eb:d9:6e:60:56:44:a4:08:17:62:34: d6:fc:41:2b:d9:8d:02:cc:48:3d:d3:78:ae:14:c2:18:02:08: 41:4f:77:e7:61:66:a1:91:fd:f5:08:84:f7:ec:59:89:dd:8a: a3:5b:d5:95:b4:92:73:f9:32:7a:24:4a:5a:0b:96:43:a5:66: 73:e5:30:cc:98:ac:17:dc:4e:48:da:77:0b:11:1e:7d:fb:29: e0:72:83:06 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUenaCW+Yntkn2jtEyeNQcl84h4ZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwNVoX DTI3MDEwNzExMDAwNVowMzExMC8GA1UEAxMoMkNCMDc4OUZGNzY2MTI3NkM1NkFC RkIzMDA1NTcyNDQyMURGQUU5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVQT/LiMRwyKDLb33duHSZkj3HTG3KPq867BrK6f8dB83/JcrdxlR/v7TUe j9saR26JftzwXWD8gxDJCvuzJENJLEUg2rHws3NLkF2b+ChubFVkgb3XHwGnAGQT Jdz5QO+/Nm0YOO0ZY4tqd2xUzFpkTRxeC3xgJAg8BPWDIkwbEqmFopKG3YvwXppr o4Fo6epMfOG4G+v9aMyAaoshnhIb+0AhBmZ+YgQ0PVKu0mOPhg7jnk15HSjCDfQF 0yr6sl7bzSFtCfbp8h2LJRoqDXnoTZiUWYy0TVerX4vMc82JQIDTh6hLblaW/Zqc I+Ql5vM0YoygG0tP0gBpNBpgMw8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQssHif 92YSdsVqv7MAVXJEId+uljAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0P2DANBgkqhkiG9w0BAQsFAAOCAQEAH8N8+502PCCVWqaknMoj pnQ6hYl99vAhwOdn9CSbBDA8AmCRb64NmXoSdY4J3II+9580LZ+ANkztbQiA81gX PUE59PngpXqRc1eMaXdSLioCm0IBgBPBdaWkbrGK6ZIdMwic7PN/pASNGyHN56Z8 4Z5YJTkqO0pC2LIZiGIXVr9hCIs+68K0qL/lLGkBDVBdC6N3Vf4mgNFfwJ8Wb48j fzETlqloMsrk3uvZbmBWRKQIF2I01vxBK9mNAsxIPdN4rhTCGAIIQU9352FmoZH9 9QiE9+xZid2Ko1vVlbSSc/kyeiRKWguWQ6Vmc+UwzJisF9xOSNp3CxEeffsp4HKD Bg== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:59 2026 by rpki-client