$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153116.roa File: AS153116.roa (raw, json) Hash identifier: CZiwysqzIE+d9+GBs6t36arzGLviICZOBsYjXCUQoSM= Subject key identifier: 29:8E:E3:F6:B1:9A:05:A7:DE:9A:2B:EA:66:83:68:97:C3:D8:EB:AE Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6DED4F0579D174B0B3BF52F027B0A9DEEF9F3492 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153116.roa Signing time: Thu 08 Jan 2026 11:00:01 +0000 ROA not before: Thu 08 Jan 2026 10:55:01 +0000 ROA not after: Thu 07 Jan 2027 11:00:01 +0000 asID: 153116 IP address blocks: 160.25.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:ed:4f:05:79:d1:74:b0:b3:bf:52:f0:27:b0:a9:de:ef:9f:34:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:01 2026 GMT Not After : Jan 7 11:00:01 2027 GMT Subject: CN=298EE3F6B19A05A7DE9A2BEA66836897C3D8EBAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a5:b6:a6:24:9b:63:48:64:6b:16:62:63:97: 63:b2:1c:fd:f5:74:b8:d5:63:ca:55:05:10:da:4f: 81:db:47:16:dd:c3:93:6d:d9:91:d1:e4:18:a8:7e: 92:b8:e6:06:16:be:1c:20:2e:b1:e5:55:de:77:72: ee:8a:6a:a7:bb:0e:2f:8f:5c:e6:06:8a:ec:f2:93: 86:9d:54:3a:88:e8:02:c9:3c:d2:77:f6:5d:03:39: 5e:70:7d:61:ea:c4:00:27:b2:2a:18:9d:0c:5c:75: f4:62:7d:29:d2:57:e3:fd:5a:6d:27:b5:07:5b:49: 43:d9:42:12:82:1f:46:50:b3:ae:83:af:f2:50:2e: 24:44:fc:e6:ec:c2:c1:89:6d:73:1d:25:76:10:38: c7:1e:1e:c5:3e:d3:7e:1c:9a:5f:14:5e:d4:07:70: 48:d1:e1:4a:7a:2d:c3:3f:95:2f:0c:e9:73:ef:77: 62:35:ef:fc:bb:be:4d:dd:53:b9:20:bd:b4:1e:25: 66:dc:14:4b:2b:74:f7:b2:2f:5f:26:a3:a4:ed:dc: 38:f7:b0:10:dc:b6:96:3a:d9:1c:95:01:33:5e:49: 4d:84:53:9c:6b:cd:7f:e2:76:df:20:43:c3:21:36: 0b:2b:2f:00:29:50:3a:2e:47:77:3b:ce:c2:09:a6: 60:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:8E:E3:F6:B1:9A:05:A7:DE:9A:2B:EA:66:83:68:97:C3:D8:EB:AE X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153116.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.200.0/24 Signature Algorithm: sha256WithRSAEncryption 36:ab:b8:b4:e2:d0:76:2c:13:80:0f:5e:e5:e0:c5:85:d0:d5: 37:5b:24:c5:b4:8a:f3:68:09:f5:a4:f1:c4:4d:61:66:6e:98: 4d:b1:ab:75:94:db:47:15:1a:dc:cc:9c:dc:c9:c3:31:a7:2c: b2:f1:6a:35:27:fc:c8:1f:bd:9f:d9:d3:43:57:27:ae:04:60: 95:f2:06:cb:f5:78:b8:b8:b2:a6:1a:3a:6b:14:8a:23:9a:2a: 56:bd:10:70:04:f9:56:a7:45:22:c1:cf:e5:9a:11:6b:ca:9a: 6b:9a:f0:83:78:d2:09:66:f6:fa:60:e7:00:b1:4c:46:7b:49: f8:2e:9b:e2:11:f6:3a:5d:c4:71:f8:b9:92:c3:32:2a:b6:42: c1:2f:f9:16:28:1a:ba:96:86:a7:85:47:4f:b8:f2:af:b5:b0: cf:1e:a3:05:66:d9:b4:17:50:e6:5b:7d:5b:02:72:3a:0d:67: c2:99:6d:8c:be:7a:9b:1a:f3:d9:f0:f2:06:12:8c:fc:d5:23: 86:8b:cb:17:24:c3:3b:73:58:5b:68:a9:0d:82:36:c9:7d:7e: 18:5f:c5:04:42:b6:c7:b2:dd:9c:14:4e:32:ce:cf:a7:ab:29: 3c:1b:84:67:38:aa:5a:38:58:d1:cd:d7:5c:09:0f:12:6d:a0: 08:de:cb:7c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUbe1PBXnRdLCzv1LwJ7Cp3u+fNJIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwMVoX DTI3MDEwNzExMDAwMVowMzExMC8GA1UEAxMoMjk4RUUzRjZCMTlBMDVBN0RFOUEy QkVBNjY4MzY4OTdDM0Q4RUJBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANOltqYkm2NIZGsWYmOXY7Ic/fV0uNVjylUFENpPgdtHFt3Dk23ZkdHkGKh+ krjmBha+HCAuseVV3ndy7opqp7sOL49c5gaK7PKThp1UOojoAsk80nf2XQM5XnB9 YerEACeyKhidDFx19GJ9KdJX4/1abSe1B1tJQ9lCEoIfRlCzroOv8lAuJET85uzC wYltcx0ldhA4xx4exT7TfhyaXxRe1AdwSNHhSnotwz+VLwzpc+93YjXv/Lu+Td1T uSC9tB4lZtwUSyt097IvXyajpO3cOPewENy2ljrZHJUBM15JTYRTnGvNf+J23yBD wyE2CysvAClQOi5HdzvOwgmmYHECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQpjuP2 sZoFp96aK+pmg2iXw9jrrjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzExNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKAZyDANBgkqhkiG9w0BAQsFAAOCAQEANqu4tOLQdiwTgA9e5eDF hdDVN1skxbSK82gJ9aTxxE1hZm6YTbGrdZTbRxUa3Myc3MnDMacssvFqNSf8yB+9 n9nTQ1cnrgRglfIGy/V4uLiypho6axSKI5oqVr0QcAT5VqdFIsHP5ZoRa8qaa5rw g3jSCWb2+mDnALFMRntJ+C6b4hH2Ol3Ecfi5ksMyKrZCwS/5FigaupaGp4VHT7jy r7Wwzx6jBWbZtBdQ5lt9WwJyOg1nwpltjL56mxrz2fDyBhKM/NUjhovLFyTDO3NY W2ipDYI2yX1+GF/FBEK2x7LdnBROMs7Pp6spPBuEZziqWjhY0c3XXAkPEm2gCN7L fA== -----END CERTIFICATE-----Generated at Mon Mar 2 12:59:53 2026 by rpki-client