$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa File: AS152829.roa (raw, json) Hash identifier: HiSwtpBz/cMq6oFEFu4cXAvWs9WTLx7B0hiFxWxFoQE= Subject key identifier: 86:5C:3C:A5:79:FB:31:2F:B6:59:DF:A8:9E:52:20:4E:79:23:79:E6 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 74BEB866729DE82FD35760DD62B843041265CBAF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa Signing time: Thu 08 Jan 2026 11:00:02 +0000 ROA not before: Thu 08 Jan 2026 10:55:02 +0000 ROA not after: Thu 07 Jan 2027 11:00:02 +0000 asID: 152829 IP address blocks: 160.22.208.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:be:b8:66:72:9d:e8:2f:d3:57:60:dd:62:b8:43:04:12:65:cb:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:02 2026 GMT Not After : Jan 7 11:00:02 2027 GMT Subject: CN=865C3CA579FB312FB659DFA89E52204E792379E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3c:22:87:51:90:93:c2:14:02:f1:02:cf:96: 00:3b:17:95:bc:e4:91:d3:d5:f6:58:d6:54:f4:0e: a2:d1:19:24:c1:28:71:43:d0:f1:0e:a2:df:a1:ac: 50:93:62:3d:cb:26:3d:8e:03:73:ca:4e:a6:12:1c: dc:d0:89:08:e6:19:6a:65:c2:af:77:94:3f:a4:79: b9:8e:bc:2a:90:0e:07:72:b0:2d:39:02:5d:2b:0a: cc:38:5d:28:de:a5:1c:43:93:c5:62:2d:03:83:cd: b8:03:45:89:54:02:0b:b7:15:ad:74:73:f1:a1:fb: 0d:4b:dd:e3:ca:af:92:37:43:ff:8b:7e:ef:04:c2: 7e:f3:df:63:9e:fd:4c:09:92:74:3f:1a:d8:2c:43: 68:c3:9d:44:ea:f2:f2:6d:36:ee:09:79:12:50:e6: 03:84:a9:8d:53:16:3f:51:45:7f:2d:99:31:9f:2f: 2f:fd:ab:91:e9:f2:f1:2f:f1:98:7a:bd:1c:e5:eb: db:f8:dc:b0:6a:0e:6b:3c:1f:48:2c:41:e6:70:6b: c4:aa:53:af:6e:f1:f9:1d:e0:83:5b:e0:e9:46:97: 31:a5:43:c8:60:8b:53:f8:b8:38:0c:77:3e:98:70: a1:15:17:86:23:0c:d9:01:8a:74:8b:69:75:ed:d9: 88:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:5C:3C:A5:79:FB:31:2F:B6:59:DF:A8:9E:52:20:4E:79:23:79:E6 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.208.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:39:c4:5e:4b:64:4f:d5:87:63:ef:08:19:2b:8e:70:3b:1e: 2c:a1:2d:7a:1f:0b:e6:e7:1f:73:5a:35:aa:f6:85:f0:a0:0f: 08:aa:68:c7:fb:70:c6:87:d4:7e:06:ae:89:a4:83:91:42:30: ad:6f:ee:70:a6:42:49:1e:29:23:8d:5e:18:0f:31:e9:72:90: 1a:2f:6a:e1:85:ff:6c:8d:39:e0:e4:5e:93:77:da:32:ea:ad: c4:95:25:5f:0d:a8:50:c3:8d:2a:6d:a2:b3:14:f3:6a:18:19: 81:a1:a1:64:36:bc:30:34:5f:0d:dd:be:a6:29:d8:f6:99:e5: 77:75:b0:06:ae:06:68:6a:75:24:83:ea:87:94:3c:c0:86:ff: 04:18:59:3a:2d:2b:1b:ff:4f:f6:aa:ab:92:2a:34:19:bd:bd: e7:a1:67:25:f3:0e:2c:8b:64:14:d7:48:d7:5e:65:1b:9d:03: f5:40:1e:0f:ea:3c:d9:77:b9:35:0e:f0:79:8b:56:75:0e:43: 66:be:b2:d6:36:1b:8d:14:25:2e:7d:2e:a3:e4:5c:03:13:ed: c2:f7:c1:5c:7a:cb:d2:c2:1b:9d:ba:32:e4:32:8e:5a:f3:5e: ff:c2:d4:ac:9a:6f:6a:72:47:a7:91:9c:ec:31:a8:2b:8a:76: 4c:77:7c:53 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUdL64ZnKd6C/TV2DdYrhDBBJly68wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMloX DTI3MDEwNzExMDAwMlowMzExMC8GA1UEAxMoODY1QzNDQTU3OUZCMzEyRkI2NTlE RkE4OUU1MjIwNEU3OTIzNzlFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM48IodRkJPCFALxAs+WADsXlbzkkdPV9ljWVPQOotEZJMEocUPQ8Q6i36Gs UJNiPcsmPY4Dc8pOphIc3NCJCOYZamXCr3eUP6R5uY68KpAOB3KwLTkCXSsKzDhd KN6lHEOTxWItA4PNuANFiVQCC7cVrXRz8aH7DUvd48qvkjdD/4t+7wTCfvPfY579 TAmSdD8a2CxDaMOdROry8m027gl5ElDmA4SpjVMWP1FFfy2ZMZ8vL/2rkeny8S/x mHq9HOXr2/jcsGoOazwfSCxB5nBrxKpTr27x+R3gg1vg6UaXMaVDyGCLU/i4OAx3 PphwoRUXhiMM2QGKdItpde3ZiCMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSGXDyl efsxL7ZZ36ieUiBOeSN55jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgyOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW0DANBgkqhkiG9w0BAQsFAAOCAQEAPznEXktkT9WHY+8IGSuO cDseLKEteh8L5ucfc1o1qvaF8KAPCKpox/twxofUfgauiaSDkUIwrW/ucKZCSR4p I41eGA8x6XKQGi9q4YX/bI054ORek3faMuqtxJUlXw2oUMONKm2isxTzahgZgaGh ZDa8MDRfDd2+pinY9pnld3WwBq4GaGp1JIPqh5Q8wIb/BBhZOi0rG/9P9qqrkio0 Gb2956FnJfMOLItkFNdI115lG50D9UAeD+o82Xe5NQ7weYtWdQ5DZr6y1jYbjRQl Ln0uo+RcAxPtwvfBXHrL0sIbnboy5DKOWvNe/8LUrJpvanJHp5Gc7DGoK4p2THd8 Uw== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:56 2026 by rpki-client