$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152782.roa File: AS152782.roa (raw, json) Hash identifier: q5iEm9Fi6KhmgqlqTq3DMHN6xeq/FpfnaAtFyAwyWuY= Subject key identifier: 57:E0:F7:2F:F4:7A:92:8C:3E:1D:3C:23:EE:10:7F:ED:48:35:19:35 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 36C06F866367792A01E0FBA120EB0C955D5B83D9 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152782.roa Signing time: Thu 08 Jan 2026 11:00:09 +0000 ROA not before: Thu 08 Jan 2026 10:55:09 +0000 ROA not after: Thu 07 Jan 2027 11:00:09 +0000 asID: 152782 IP address blocks: 160.20.138.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:c0:6f:86:63:67:79:2a:01:e0:fb:a1:20:eb:0c:95:5d:5b:83:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:09 2026 GMT Not After : Jan 7 11:00:09 2027 GMT Subject: CN=57E0F72FF47A928C3E1D3C23EE107FED48351935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:35:94:41:b7:e1:df:29:66:1a:a8:75:6f:89: 0d:94:8f:97:34:df:9f:3f:b8:74:73:86:cf:64:33: be:d1:1e:d4:82:25:00:45:c7:02:bf:8c:09:98:94: b4:4c:c6:7b:fd:f5:c7:24:dd:24:3e:f9:98:b8:ad: 97:6d:83:9f:a8:45:6f:95:d1:b8:d0:14:31:71:a0: d6:c9:42:6e:62:0b:d9:7d:4c:cf:b4:1a:f0:e6:e7: 44:91:b7:a9:a7:71:dd:57:9a:c6:9e:bf:2f:b5:c5: e5:e9:91:1b:c2:02:50:79:ee:23:af:70:ff:fe:66: 71:ac:f4:81:5a:a7:4d:94:36:e9:86:c2:17:91:11: 42:ae:6f:d3:e3:6e:ae:09:c5:62:e1:58:a1:a6:25: 1b:1d:c2:f2:41:87:82:9a:a0:52:ad:d9:15:63:8a: 5e:b5:60:d7:b2:37:f6:73:11:c2:cf:6f:c9:81:ab: e3:e8:45:7d:d5:83:18:df:e2:e5:9c:36:6c:5e:ea: ef:7f:62:7c:48:58:e5:fe:44:84:77:52:b8:e0:ac: 58:51:34:7c:cb:69:53:6f:68:fa:e0:a1:0c:31:da: 83:fb:23:3c:de:f6:da:aa:39:10:ab:57:e1:a0:1b: c8:be:a4:65:a3:a4:29:a8:8c:20:02:7a:4b:22:b9: 96:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:E0:F7:2F:F4:7A:92:8C:3E:1D:3C:23:EE:10:7F:ED:48:35:19:35 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152782.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.138.0/23 Signature Algorithm: sha256WithRSAEncryption 93:c1:1e:d3:b7:f2:ee:c2:0f:4f:86:a7:4b:08:a2:57:8c:23: e7:54:5f:a8:27:94:5c:74:75:e5:ab:0c:a1:d9:0c:05:b8:fa: 9d:3f:57:ee:3c:50:ff:cd:cb:32:41:39:91:a5:7c:37:24:00: c2:49:50:4b:da:4d:e3:d1:b8:68:c7:72:2a:64:38:5d:2b:61: c6:b2:18:7b:98:3e:2d:c8:34:ed:a7:42:d1:4c:26:41:94:62: 43:b5:4c:80:92:97:4c:89:fa:2b:c1:dd:9e:f0:0e:50:4d:e5: ed:2b:af:42:6e:3f:bd:35:e2:d2:7b:56:79:24:bc:ce:50:d1: d8:75:c6:84:bb:fc:d6:db:67:2c:23:25:61:3c:ad:b0:33:59: 4e:ec:d7:0f:47:a2:be:5b:cd:58:94:78:7c:c7:41:59:f6:a7: 67:7b:ad:1c:a1:8d:37:15:dc:93:db:8d:ec:45:50:65:c8:21: 64:07:9d:39:c1:7f:f2:86:1b:15:90:23:8e:24:b6:b7:b6:eb: dc:fb:d0:0c:a5:cf:18:16:b7:61:d3:4b:a6:82:86:20:c9:f1: 91:9c:3a:aa:1f:b6:21:01:2b:c8:f8:82:ae:fe:46:54:ef:aa: fe:aa:4b:e2:0c:d5:fd:a8:5c:38:25:cc:24:4a:60:28:94:f7: 5b:cc:40:64 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNsBvhmNneSoB4PuhIOsMlV1bg9kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOVoX DTI3MDEwNzExMDAwOVowMzExMC8GA1UEAxMoNTdFMEY3MkZGNDdBOTI4QzNFMUQz QzIzRUUxMDdGRUQ0ODM1MTkzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKo1lEG34d8pZhqodW+JDZSPlzTfnz+4dHOGz2QzvtEe1IIlAEXHAr+MCZiU tEzGe/31xyTdJD75mLitl22Dn6hFb5XRuNAUMXGg1slCbmIL2X1Mz7Qa8ObnRJG3 qadx3Veaxp6/L7XF5emRG8ICUHnuI69w//5mcaz0gVqnTZQ26YbCF5ERQq5v0+Nu rgnFYuFYoaYlGx3C8kGHgpqgUq3ZFWOKXrVg17I39nMRws9vyYGr4+hFfdWDGN/i 5Zw2bF7q739ifEhY5f5EhHdSuOCsWFE0fMtpU29o+uChDDHag/sjPN722qo5EKtX 4aAbyL6kZaOkKaiMIAJ6SyK5lj0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRX4Pcv 9HqSjD4dPCPuEH/tSDUZNTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mjc4Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAUijANBgkqhkiG9w0BAQsFAAOCAQEAk8Ee07fy7sIPT4anSwii V4wj51RfqCeUXHR15asModkMBbj6nT9X7jxQ/83LMkE5kaV8NyQAwklQS9pN49G4 aMdyKmQ4XSthxrIYe5g+Lcg07adC0UwmQZRiQ7VMgJKXTIn6K8HdnvAOUE3l7Suv Qm4/vTXi0ntWeSS8zlDR2HXGhLv81ttnLCMlYTytsDNZTuzXD0eivlvNWJR4fMdB WfanZ3utHKGNNxXck9uN7EVQZcghZAedOcF/8oYbFZAjjiS2t7br3PvQDKXPGBa3 YdNLpoKGIMnxkZw6qh+2IQEryPiCrv5GVO+q/qpL4gzV/ahcOCXMJEpgKJT3W8xA ZA== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:49 2026 by rpki-client