$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153084.roa File: AS153084.roa (raw, json) Hash identifier: 9qb5eJYQ+3yQI41h6Cj21/QwtEnV5XrM7Eyn3K6tUT0= Subject key identifier: 20:4A:5D:02:99:02:F5:39:A7:2B:0F:4A:08:7B:E6:38:72:A5:91:C4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 116F045D82A28C55380E0D0D757D6F6E4594BCFF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153084.roa Signing time: Thu 08 Jan 2026 11:00:05 +0000 ROA not before: Thu 08 Jan 2026 10:55:05 +0000 ROA not after: Thu 07 Jan 2027 11:00:05 +0000 asID: 153084 IP address blocks: 160.25.56.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:6f:04:5d:82:a2:8c:55:38:0e:0d:0d:75:7d:6f:6e:45:94:bc:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:05 2026 GMT Not After : Jan 7 11:00:05 2027 GMT Subject: CN=204A5D029902F539A72B0F4A087BE63872A591C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:b7:78:85:6c:85:12:cd:52:24:aa:45:cb:b6: 83:23:5d:78:4e:2a:20:1c:d3:21:1b:2b:f1:27:ca: 94:e4:45:bb:56:8c:7c:67:8d:74:c3:af:39:b1:e6: 39:99:4b:30:cf:8c:99:12:0c:e2:ed:6c:57:52:c8: a9:15:87:ef:f5:4c:6c:d9:74:d3:6f:3b:6d:c8:66: b2:dc:fb:1e:fc:53:65:63:fc:fe:37:55:31:c2:c6: 49:45:13:ed:23:be:ae:85:83:fa:ae:f4:a2:ac:f2: ad:41:52:09:95:94:7b:75:a7:a5:53:20:77:09:12: 4c:b5:7b:33:f5:48:0e:04:f6:7f:0c:00:10:7c:b9: 1e:24:4f:dd:f0:41:15:40:0d:7c:ac:29:f6:67:fb: 9a:bf:97:38:6a:d4:15:df:15:b5:3a:b0:2e:37:e0: e0:1f:7a:28:fa:79:fb:2d:db:81:ea:0c:52:bd:e4: 8e:f2:18:f8:63:0b:d6:6e:77:fc:ec:46:c5:aa:e0: 48:61:21:66:54:33:67:10:ff:98:c8:e1:e3:66:3f: e6:cb:b8:38:ea:fe:a9:c6:a9:f6:6c:b6:5d:5b:28: c2:74:ad:a5:b1:12:f6:24:7a:c5:ad:9b:4c:f0:6b: 43:9f:8d:d1:f6:b8:32:a4:f8:26:43:1c:6a:64:3f: 19:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:4A:5D:02:99:02:F5:39:A7:2B:0F:4A:08:7B:E6:38:72:A5:91:C4 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153084.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.56.0/23 Signature Algorithm: sha256WithRSAEncryption 95:22:3e:49:6e:7d:5c:cd:61:28:71:15:95:00:ba:15:94:95: 0b:58:a4:79:9b:04:bf:06:4b:34:3c:50:66:df:13:f0:99:9e: 5e:1e:82:e1:50:40:46:18:23:cb:fb:57:cb:d2:8e:88:fc:48: 71:51:62:14:0e:04:2a:87:bb:f9:20:90:0d:a1:25:f1:e7:e7: fa:64:eb:7c:4a:f3:d6:45:90:9d:a4:0c:57:7b:59:5a:fb:48: 71:7e:b2:68:f9:0c:bb:43:0e:c2:f5:6a:a0:be:dd:00:cd:12: 6a:b9:a6:79:e2:a6:11:84:0a:a0:63:da:54:b1:cd:8c:c6:ac: d8:fd:ec:b7:97:2b:61:3d:fb:ce:cd:6d:ae:51:fb:4f:99:2b: 19:6e:98:2c:b5:83:02:4a:f5:a9:84:60:9b:72:63:a9:29:2d: 0c:70:0b:e2:52:b0:f8:fe:64:c5:1f:07:1c:76:44:ea:a5:ec: 79:ef:ea:91:b8:eb:33:b9:93:96:91:89:7e:ec:2f:88:f1:58: 3f:fe:2c:6d:e0:1f:44:52:23:aa:54:fb:66:ed:b1:73:3d:07: b6:52:37:83:95:28:34:46:ae:b8:36:fa:d5:fe:36:dd:58:e6: 46:4b:d2:1c:73:ed:89:93:82:ec:c7:4b:8c:48:ca:58:44:a9: 8c:02:d6:6c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUEW8EXYKijFU4Dg0NdX1vbkWUvP8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwNVoX DTI3MDEwNzExMDAwNVowMzExMC8GA1UEAxMoMjA0QTVEMDI5OTAyRjUzOUE3MkIw RjRBMDg3QkU2Mzg3MkE1OTFDNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJK3eIVshRLNUiSqRcu2gyNdeE4qIBzTIRsr8SfKlORFu1aMfGeNdMOvObHm OZlLMM+MmRIM4u1sV1LIqRWH7/VMbNl00287bchmstz7HvxTZWP8/jdVMcLGSUUT 7SO+roWD+q70oqzyrUFSCZWUe3WnpVMgdwkSTLV7M/VIDgT2fwwAEHy5HiRP3fBB FUANfKwp9mf7mr+XOGrUFd8VtTqwLjfg4B96KPp5+y3bgeoMUr3kjvIY+GML1m53 /OxGxargSGEhZlQzZxD/mMjh42Y/5su4OOr+qcap9my2XVsownStpbES9iR6xa2b TPBrQ5+N0fa4MqT4JkMcamQ/GRUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQgSl0C mQL1OacrD0oIe+Y4cqWRxDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzA4NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZODANBgkqhkiG9w0BAQsFAAOCAQEAlSI+SW59XM1hKHEVlQC6 FZSVC1ikeZsEvwZLNDxQZt8T8JmeXh6C4VBARhgjy/tXy9KOiPxIcVFiFA4EKoe7 +SCQDaEl8efn+mTrfErz1kWQnaQMV3tZWvtIcX6yaPkMu0MOwvVqoL7dAM0Sarmm eeKmEYQKoGPaVLHNjMas2P3st5crYT37zs1trlH7T5krGW6YLLWDAkr1qYRgm3Jj qSktDHAL4lKw+P5kxR8HHHZE6qXsee/qkbjrM7mTlpGJfuwviPFYP/4sbeAfRFIj qlT7Zu2xcz0HtlI3g5UoNEauuDb61f423VjmRkvSHHPtiZOC7MdLjEjKWESpjALW bA== -----END CERTIFICATE-----Generated at Mon Mar 2 07:56:05 2026 by rpki-client