$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa File: AS152839.roa (raw, json) Hash identifier: KVecmZ126ZUxgn3t86HqZM7sTQrKXKmAVVtb2qPZtmM= Subject key identifier: 32:2D:07:7A:A7:30:CF:60:86:B4:D0:DB:02:A6:89:F8:C7:16:4D:BF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7F1AC3B7C39FB064182A1EE6C9E3A27B7C57E8A4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa Signing time: Thu 08 Jan 2026 11:00:08 +0000 ROA not before: Thu 08 Jan 2026 10:55:08 +0000 ROA not after: Thu 07 Jan 2027 11:00:08 +0000 asID: 152839 IP address blocks: 160.22.240.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:1a:c3:b7:c3:9f:b0:64:18:2a:1e:e6:c9:e3:a2:7b:7c:57:e8:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:08 2026 GMT Not After : Jan 7 11:00:08 2027 GMT Subject: CN=322D077AA730CF6086B4D0DB02A689F8C7164DBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:9e:6e:ed:b4:c6:ab:4e:f0:6f:ac:cf:72:58: 3c:15:9f:81:5b:63:2d:c9:d3:9f:70:d0:d1:83:0d: 26:57:b8:9f:77:ee:fc:48:d8:82:ca:e0:f5:93:9e: 94:37:6f:b6:2c:cf:78:5d:cd:86:58:89:bc:98:ce: 64:f3:b4:ce:97:cb:68:74:0a:7e:36:a0:63:19:2a: ee:a3:c6:aa:f9:5e:45:df:c2:d9:19:dd:10:30:73: b4:d0:2e:f4:85:b5:83:34:5f:1a:64:b2:8e:29:a2: b3:56:f0:f6:a8:a4:93:51:4b:4d:9e:12:6a:cc:43: 8b:9e:ef:b4:a1:18:aa:27:11:b5:a7:26:c3:25:ee: c9:c2:51:ce:39:23:83:c2:82:6b:f3:3e:19:ca:f1: 5e:72:4e:2d:48:31:30:c4:c0:62:74:9e:dd:ac:14: 5e:97:1b:25:ea:28:8f:ae:a8:48:17:1b:53:e7:f0: 1b:3d:00:f2:7b:7a:6b:68:a0:b3:84:95:f7:af:fd: cc:f9:86:f7:ab:91:e9:78:e9:35:8a:c7:63:c3:a5: d3:b0:f3:1e:84:de:a5:10:72:30:a0:e5:3c:e5:d3: d1:5c:5e:b2:cf:aa:c8:27:c2:d2:6d:26:80:0c:54: 99:57:76:c8:f9:cd:3b:72:06:34:d9:e9:a7:27:77: ff:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:2D:07:7A:A7:30:CF:60:86:B4:D0:DB:02:A6:89:F8:C7:16:4D:BF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.240.0/23 Signature Algorithm: sha256WithRSAEncryption 96:21:76:c2:ba:2d:9f:5e:0f:da:38:cd:ca:3f:64:f8:bd:b1: 9c:56:85:4c:4a:0c:7c:82:aa:44:b1:6b:4e:e9:51:11:57:f4: f5:de:bc:8c:5a:55:26:b5:c3:0b:de:c3:04:b0:1f:ec:6d:f5: 17:de:b4:b2:13:57:00:7a:d2:7b:06:88:00:cc:22:a9:07:e6: 73:9c:a2:e1:1a:32:59:b9:35:a1:ce:3a:c7:80:3b:4e:37:ce: e1:49:db:23:55:c3:54:cf:9f:23:f6:aa:df:d2:eb:e8:32:97: 17:fa:1d:4d:47:0d:57:fc:e1:61:b7:46:b1:a1:21:e3:a5:61: 0b:c2:69:db:21:17:80:89:39:11:14:44:48:9a:2d:da:77:4c: c0:ee:f2:83:47:72:c4:97:8c:e2:5d:47:bf:a0:d6:3e:ee:38: a9:95:70:aa:7c:88:7b:e0:8e:9a:b6:80:c2:29:e3:79:e5:cf: 28:49:3d:43:ed:35:81:03:73:2c:9b:22:ff:a4:64:41:4a:af: 09:9b:3f:29:ba:2f:f5:3b:12:9c:f3:c5:8b:cc:ef:46:99:f7: 78:2d:11:fc:5d:a6:fa:6f:ee:d7:79:30:32:58:a1:b9:24:d4: 85:e2:d1:c5:99:3e:c4:fa:03:69:cd:47:f2:bf:54:17:63:1e: 4b:d6:6d:0f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUfxrDt8OfsGQYKh7myeOie3xX6KQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwOFoX DTI3MDEwNzExMDAwOFowMzExMC8GA1UEAxMoMzIyRDA3N0FBNzMwQ0Y2MDg2QjRE MERCMDJBNjg5RjhDNzE2NERCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmebu20xqtO8G+sz3JYPBWfgVtjLcnTn3DQ0YMNJle4n3fu/EjYgsrg9ZOe lDdvtizPeF3NhliJvJjOZPO0zpfLaHQKfjagYxkq7qPGqvleRd/C2RndEDBztNAu 9IW1gzRfGmSyjimis1bw9qikk1FLTZ4SasxDi57vtKEYqicRtacmwyXuycJRzjkj g8KCa/M+GcrxXnJOLUgxMMTAYnSe3awUXpcbJeooj66oSBcbU+fwGz0A8nt6a2ig s4SV96/9zPmG96uR6XjpNYrHY8Ol07DzHoTepRByMKDlPOXT0Vxess+qyCfC0m0m gAxUmVd2yPnNO3IGNNnppyd3/7kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQyLQd6 pzDPYIa00NsCpon4xxZNvzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgzOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW8DANBgkqhkiG9w0BAQsFAAOCAQEAliF2wrotn14P2jjNyj9k +L2xnFaFTEoMfIKqRLFrTulREVf09d68jFpVJrXDC97DBLAf7G31F960shNXAHrS ewaIAMwiqQfmc5yi4RoyWbk1oc46x4A7TjfO4UnbI1XDVM+fI/aq39Lr6DKXF/od TUcNV/zhYbdGsaEh46VhC8Jp2yEXgIk5ERRESJot2ndMwO7yg0dyxJeM4l1Hv6DW Pu44qZVwqnyIe+COmraAwinjeeXPKEk9Q+01gQNzLJsi/6RkQUqvCZs/Kbov9TsS nPPFi8zvRpn3eC0R/F2m+m/u13kwMlihuSTUheLRxZk+xPoDac1H8r9UF2MeS9Zt Dw== -----END CERTIFICATE-----Generated at Mon Mar 2 12:59:54 2026 by rpki-client