$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153108.roa File: AS153108.roa (raw, json) Hash identifier: xNqX++dproMnHWKdWxJAZQF8xb7mo4LCCAFAzKor3qk= Subject key identifier: A9:FF:6F:B9:95:70:D7:E3:2E:60:9B:00:C7:B9:3F:65:58:19:F0:53 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 43A2B0D5D392D666D00C5925259512933FAE751F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153108.roa Signing time: Thu 08 Jan 2026 11:00:07 +0000 ROA not before: Thu 08 Jan 2026 10:55:07 +0000 ROA not after: Thu 07 Jan 2027 11:00:07 +0000 asID: 153108 IP address blocks: 160.25.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:a2:b0:d5:d3:92:d6:66:d0:0c:59:25:25:95:12:93:3f:ae:75:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:07 2026 GMT Not After : Jan 7 11:00:07 2027 GMT Subject: CN=A9FF6FB99570D7E32E609B00C7B93F655819F053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b4:53:7b:7b:9e:42:ec:54:7b:04:26:a7:60: aa:6a:8f:1e:82:82:54:ea:b2:ca:96:f9:d8:12:31: a7:62:a0:36:b8:df:35:9e:a6:58:50:39:81:b1:04: 23:68:67:17:f4:d4:37:b2:f1:ed:c7:8c:92:5e:91: d5:51:90:62:e3:cf:01:34:69:a8:b8:85:ae:87:ab: b0:26:e0:6e:88:9b:2d:8c:88:7b:f1:72:bb:98:b9: a5:7b:ee:5a:50:cb:55:09:da:25:8b:78:7c:4e:a1: e8:5b:51:45:8b:33:09:bb:4a:4d:dd:b2:b8:03:96: 70:61:50:79:e1:0a:39:79:2c:a0:a5:96:fa:81:b7: 56:69:2a:c4:8f:da:b9:43:c9:fc:a1:29:8d:2e:51: 34:1c:5b:06:71:f5:41:2b:ed:a4:66:e3:fc:30:64: 7e:96:b8:86:20:95:be:76:4f:75:a0:6a:07:92:05: 88:20:cb:68:db:4e:00:3d:f3:ac:76:64:f5:0a:12: 25:56:d7:6a:2a:37:09:68:4c:90:f9:ac:7f:8d:34: 4a:ff:a8:7c:06:ab:3e:95:a0:56:d6:63:3d:89:2e: ac:dc:14:7a:b6:09:83:23:6e:ce:4b:a1:b2:e8:f6: 75:28:1c:a9:9d:5d:5d:06:88:1a:c7:ca:f2:5d:ac: 19:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:FF:6F:B9:95:70:D7:E3:2E:60:9B:00:C7:B9:3F:65:58:19:F0:53 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153108.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.203.0/24 Signature Algorithm: sha256WithRSAEncryption 50:78:e3:21:3c:ab:4e:43:26:26:a8:7c:2e:d8:4f:22:e3:5a: bf:f8:6b:97:a0:f1:47:ed:80:31:d8:89:10:97:a6:61:38:91: 6d:30:99:c6:b7:16:50:5f:ee:b5:82:a8:35:7b:e6:80:23:e7: 33:dd:4e:2c:d2:45:21:05:62:a9:28:96:d6:ff:b5:42:ae:c6: b6:fc:bb:cd:91:1d:7f:e7:b8:8a:31:e5:6d:e3:dc:37:fb:84: 9c:12:9d:73:78:8f:37:c6:32:17:7a:18:42:5b:3a:78:53:25: b4:7d:77:39:62:69:b7:cd:03:be:f9:3e:a1:57:b0:29:43:38: 9a:45:c0:d2:d8:4a:03:38:e4:c6:b1:99:48:8b:45:d4:f0:7f: 85:0e:6f:49:f5:fd:15:67:fe:2f:56:f6:45:62:ac:68:4e:c8: 8d:ec:b6:1c:b7:d2:0d:a1:09:4c:09:a9:52:4f:3b:8b:0c:73: 18:65:8c:45:0d:c0:0e:7f:f2:f9:bb:e4:8b:c3:04:d8:1f:7c: d7:06:b9:82:66:4f:c0:0b:1c:81:ff:11:f4:44:db:1a:7b:0d: d9:53:49:54:58:d1:3a:f2:94:3e:38:f9:f1:77:35:eb:d3:b9: 8a:5c:f3:31:54:0a:a9:aa:3a:53:3e:57:06:60:d6:89:04:3d: 19:f1:0a:7b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQ6Kw1dOS1mbQDFklJZUSkz+udR8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwN1oX DTI3MDEwNzExMDAwN1owMzExMC8GA1UEAxMoQTlGRjZGQjk5NTcwRDdFMzJFNjA5 QjAwQzdCOTNGNjU1ODE5RjA1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALO0U3t7nkLsVHsEJqdgqmqPHoKCVOqyypb52BIxp2KgNrjfNZ6mWFA5gbEE I2hnF/TUN7Lx7ceMkl6R1VGQYuPPATRpqLiFroersCbgboibLYyIe/Fyu5i5pXvu WlDLVQnaJYt4fE6h6FtRRYszCbtKTd2yuAOWcGFQeeEKOXksoKWW+oG3VmkqxI/a uUPJ/KEpjS5RNBxbBnH1QSvtpGbj/DBkfpa4hiCVvnZPdaBqB5IFiCDLaNtOAD3z rHZk9QoSJVbXaio3CWhMkPmsf400Sv+ofAarPpWgVtZjPYkurNwUerYJgyNuzkuh suj2dSgcqZ1dXQaIGsfK8l2sGbMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSp/2+5 lXDX4y5gmwDHuT9lWBnwUzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzEwOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKAZyzANBgkqhkiG9w0BAQsFAAOCAQEAUHjjITyrTkMmJqh8LthP IuNav/hrl6DxR+2AMdiJEJemYTiRbTCZxrcWUF/utYKoNXvmgCPnM91OLNJFIQVi qSiW1v+1Qq7Gtvy7zZEdf+e4ijHlbePcN/uEnBKdc3iPN8YyF3oYQls6eFMltH13 OWJpt80Dvvk+oVewKUM4mkXA0thKAzjkxrGZSItF1PB/hQ5vSfX9FWf+L1b2RWKs aE7Ijey2HLfSDaEJTAmpUk87iwxzGGWMRQ3ADn/y+bvki8ME2B981wa5gmZPwAsc gf8R9ETbGnsN2VNJVFjROvKUPjj58Xc169O5ilzzMVQKqao6Uz5XBmDWiQQ9GfEK ew== -----END CERTIFICATE-----Generated at Mon Mar 2 12:59:55 2026 by rpki-client