$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa File: AS152827.roa (raw, json) Hash identifier: mFCOjhW/3G0VGI8yusx5dWY/lf/z4JTq+g9eqLAXyEM= Subject key identifier: 42:94:35:FF:57:28:79:A0:7B:88:43:AB:16:DF:98:7B:69:C0:D0:AE Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2ECAA68C90B648D85EF904E8462AC7CD81A0E9C2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa Signing time: Thu 08 Jan 2026 11:00:02 +0000 ROA not before: Thu 08 Jan 2026 10:55:02 +0000 ROA not after: Thu 07 Jan 2027 11:00:02 +0000 asID: 152827 IP address blocks: 160.22.242.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:ca:a6:8c:90:b6:48:d8:5e:f9:04:e8:46:2a:c7:cd:81:a0:e9:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:02 2026 GMT Not After : Jan 7 11:00:02 2027 GMT Subject: CN=429435FF572879A07B8843AB16DF987B69C0D0AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:30:81:23:99:1a:6b:bd:e2:dd:f1:90:65:6a: de:a3:47:93:02:bb:6c:36:da:83:98:40:a3:f7:4f: 7b:01:17:3e:41:51:e2:c5:ed:4f:c0:7b:95:55:83: f4:77:c6:be:16:f8:dc:19:4f:3f:48:32:e2:44:a9: 35:f2:4a:19:9e:f9:2b:d3:02:be:2d:b5:25:44:08: 38:89:29:b2:13:ed:a6:06:d4:b4:32:75:9d:6d:70: 55:41:4c:86:cf:aa:73:7f:df:cb:53:8a:2a:aa:77: 95:6f:86:a7:1a:0e:18:94:fc:9f:0a:92:66:ae:24: 38:05:41:ca:9c:03:44:4e:1b:4d:1f:21:a7:ea:24: a5:48:07:b6:68:65:18:22:5b:b8:f0:60:3d:e3:a7: 91:ea:d2:90:8a:f7:50:73:92:6d:6e:34:61:28:00: dc:f5:ba:78:97:7f:91:99:9f:07:15:78:39:1b:40: 4b:18:4b:0a:fd:ad:de:af:ab:b3:06:5c:5c:a9:0f: 8b:45:3a:7c:ba:88:5d:e4:c9:e8:d4:85:f0:8e:5a: 17:0c:04:0d:ee:de:65:71:d7:33:19:b6:a3:55:7c: 7b:b7:da:40:1a:3b:26:6b:3a:4f:d8:5c:4d:75:42: a5:dc:09:5b:80:05:d4:da:7d:27:6b:f9:d5:c0:58: 80:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:94:35:FF:57:28:79:A0:7B:88:43:AB:16:DF:98:7B:69:C0:D0:AE X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.242.0/23 Signature Algorithm: sha256WithRSAEncryption 8d:e3:e0:3f:86:dd:12:44:7c:b8:34:63:31:40:70:74:6a:32: 01:e2:6c:f1:76:25:5c:79:86:4f:d5:99:0c:9d:8b:d8:33:1d: 64:db:ac:1d:ef:bd:96:6b:b4:09:11:d9:44:0f:4e:4c:8f:42: f5:29:c7:3e:5c:3b:35:76:b0:80:e1:06:05:e2:ad:37:52:89: 9d:20:ba:01:b6:28:4e:39:6d:23:8a:58:86:be:4b:30:13:73: 8c:25:ec:b8:5e:22:ad:0a:0a:9a:88:4b:56:7d:ba:cd:ee:67: c7:2d:dc:30:d8:42:24:17:b0:44:6d:9b:ad:0e:d4:0a:74:fd: 38:4c:ff:6d:86:4f:1d:07:4b:68:03:5c:1a:67:9d:83:e7:b6: 1a:51:ed:aa:d2:25:9f:d4:e4:2e:fd:54:17:4e:1c:de:02:dc: fc:58:0d:63:80:81:bc:80:fe:19:0a:b7:26:cc:99:a3:86:70: 7f:67:ca:9a:dd:10:6d:01:a1:6f:1a:5c:a9:82:1b:fb:eb:6d: 56:7f:c3:48:64:ab:02:ee:59:6a:18:66:ae:b4:9f:bc:22:3a: ce:45:c9:e6:46:fa:32:22:d4:af:06:f7:91:91:26:20:1c:d6: c4:f4:1b:63:be:81:60:7e:98:3e:23:4d:62:a9:26:1a:6f:71: d0:94:a6:b9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULsqmjJC2SNhe+QToRirHzYGg6cIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMloX DTI3MDEwNzExMDAwMlowMzExMC8GA1UEAxMoNDI5NDM1RkY1NzI4NzlBMDdCODg0 M0FCMTZERjk4N0I2OUMwRDBBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwwgSOZGmu94t3xkGVq3qNHkwK7bDbag5hAo/dPewEXPkFR4sXtT8B7lVWD 9HfGvhb43BlPP0gy4kSpNfJKGZ75K9MCvi21JUQIOIkpshPtpgbUtDJ1nW1wVUFM hs+qc3/fy1OKKqp3lW+GpxoOGJT8nwqSZq4kOAVBypwDRE4bTR8hp+okpUgHtmhl GCJbuPBgPeOnkerSkIr3UHOSbW40YSgA3PW6eJd/kZmfBxV4ORtASxhLCv2t3q+r swZcXKkPi0U6fLqIXeTJ6NSF8I5aFwwEDe7eZXHXMxm2o1V8e7faQBo7Jms6T9hc TXVCpdwJW4AF1Np9J2v51cBYgL8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRClDX/ Vyh5oHuIQ6sW35h7acDQrjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgyNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW8jANBgkqhkiG9w0BAQsFAAOCAQEAjePgP4bdEkR8uDRjMUBw dGoyAeJs8XYlXHmGT9WZDJ2L2DMdZNusHe+9lmu0CRHZRA9OTI9C9SnHPlw7NXaw gOEGBeKtN1KJnSC6AbYoTjltI4pYhr5LMBNzjCXsuF4irQoKmohLVn26ze5nxy3c MNhCJBewRG2brQ7UCnT9OEz/bYZPHQdLaANcGmedg+e2GlHtqtIln9TkLv1UF04c 3gLc/FgNY4CBvID+GQq3JsyZo4Zwf2fKmt0QbQGhbxpcqYIb++ttVn/DSGSrAu5Z ahhmrrSfvCI6zkXJ5kb6MiLUrwb3kZEmIBzWxPQbY76BYH6YPiNNYqkmGm9x0JSm uQ== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:52 2026 by rpki-client