$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa File: AS153481.roa (raw, json) Hash identifier: 85LgUuRjBkpTfJaaMJNAYR/dy+bOtGZ+wj1VoN7sHXo= Subject key identifier: 7C:68:E7:D8:07:40:7C:2A:3F:AB:10:C9:FE:FE:9B:0B:F8:13:74:C6 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5D38445BDAE796F27EE451A104FB8FEDA58CA95D Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa Signing time: Thu 08 Jan 2026 11:00:07 +0000 ROA not before: Thu 08 Jan 2026 10:55:07 +0000 ROA not after: Thu 07 Jan 2027 11:00:07 +0000 asID: 153481 IP address blocks: 160.250.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:38:44:5b:da:e7:96:f2:7e:e4:51:a1:04:fb:8f:ed:a5:8c:a9:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 8 10:55:07 2026 GMT Not After : Jan 7 11:00:07 2027 GMT Subject: CN=7C68E7D807407C2A3FAB10C9FEFE9B0BF81374C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:6d:31:ca:e5:03:ff:3f:90:c0:8d:0b:5c:7f: 06:04:81:fd:05:e0:be:54:ac:7a:79:51:57:be:a4: 4e:c2:a4:53:de:75:71:f1:c1:8b:4f:02:52:93:a5: 89:ad:1a:bc:db:32:14:da:71:1e:2b:a1:6b:51:55: f7:fa:6f:94:bb:5c:de:36:8d:43:32:5f:32:11:c4: 75:84:13:a1:4f:9b:bf:35:89:29:52:ea:74:2d:8e: 97:a9:91:67:68:f7:b1:5a:26:1f:2e:39:a3:a9:f8: 77:95:8b:8a:dc:ff:2f:d1:b2:2b:68:7a:2c:64:b2: 11:0d:ba:84:92:76:7a:e9:ce:f5:37:8b:fd:75:6d: 7b:3f:f0:a6:32:0d:f2:48:5a:02:89:88:06:39:23: b3:f5:7b:8c:77:a7:f8:1f:f9:4e:05:2c:29:10:3c: dc:3c:06:18:d8:82:0b:6a:cf:17:60:86:fd:94:7a: 99:38:3c:fa:f0:03:b2:f3:14:e4:d9:d5:94:3a:fd: fe:40:92:3c:3f:1e:ca:75:af:3c:f1:70:ca:f4:4c: d1:bd:53:ca:63:81:9b:51:09:4c:4d:e8:e9:a9:0f: d7:80:b7:eb:81:be:b1:1b:6c:35:2f:e8:c6:75:b8: 9b:2c:cf:57:20:fb:a7:50:4e:bf:65:ab:17:c5:35: 25:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:68:E7:D8:07:40:7C:2A:3F:AB:10:C9:FE:FE:9B:0B:F8:13:74:C6 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153481.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.42.0/23 Signature Algorithm: sha256WithRSAEncryption 8a:f4:a0:95:68:a2:08:e8:93:65:fa:16:cc:be:e2:32:25:82: e6:77:21:09:fc:17:b9:55:77:dc:5a:87:f0:52:d1:53:d5:2e: 6b:fa:50:d9:fb:18:06:94:2f:0f:80:ae:85:fe:cb:45:b6:96: 7d:67:f9:5b:50:4f:41:9b:38:5a:5e:4e:41:6c:20:03:7e:bb: 82:86:33:58:7c:4b:33:0d:e7:35:1d:8a:a3:fc:16:f9:f6:d2: 3c:2c:2d:c7:3f:c5:08:bf:d7:49:c1:9b:8b:6e:d1:e0:a6:b7: 2d:1e:dd:fd:d9:4a:51:ab:1e:14:a1:ce:78:41:64:76:fd:ba: 09:93:3c:65:db:43:43:b5:9a:a7:3d:e8:a3:20:d6:ea:a6:73: c6:f8:a1:8f:e6:03:b7:07:ea:91:42:1d:da:aa:5a:cb:3e:10: 5f:7c:10:87:9c:2d:58:91:b6:34:11:b9:e0:90:b5:1b:f0:6f: 54:22:f2:f4:e4:b1:f0:98:8c:3b:68:53:21:37:a7:e9:d1:90: 96:f9:b5:14:1f:23:ab:56:48:e7:36:f0:27:4f:ee:af:c6:e1: 35:be:b0:aa:6f:80:b8:f3:90:ed:2c:ae:36:1c:0c:9e:c3:aa: 1a:26:09:97:c0:3c:4d:f5:53:dc:19:03:f4:be:d8:e0:93:1f: eb:92:77:7b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUXThEW9rnlvJ+5FGhBPuP7aWMqV0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEwODEwNTUwN1oX DTI3MDEwNzExMDAwN1owMzExMC8GA1UEAxMoN0M2OEU3RDgwNzQwN0MyQTNGQUIx MEM5RkVGRTlCMEJGODEzNzRDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKltMcrlA/8/kMCNC1x/BgSB/QXgvlSsenlRV76kTsKkU951cfHBi08CUpOl ia0avNsyFNpxHiuha1FV9/pvlLtc3jaNQzJfMhHEdYQToU+bvzWJKVLqdC2Ol6mR Z2j3sVomHy45o6n4d5WLitz/L9GyK2h6LGSyEQ26hJJ2eunO9TeL/XVtez/wpjIN 8khaAomIBjkjs/V7jHen+B/5TgUsKRA83DwGGNiCC2rPF2CG/ZR6mTg8+vADsvMU 5NnVlDr9/kCSPD8eynWvPPFwyvRM0b1TymOBm1EJTE3o6akP14C364G+sRtsNS/o xnW4myzPVyD7p1BOv2WrF8U1JYECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR8aOfY B0B8Kj+rEMn+/psL+BN0xjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ4MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaD6KjANBgkqhkiG9w0BAQsFAAOCAQEAivSglWiiCOiTZfoWzL7i MiWC5nchCfwXuVV33FqH8FLRU9Uua/pQ2fsYBpQvD4Cuhf7LRbaWfWf5W1BPQZs4 Wl5OQWwgA367goYzWHxLMw3nNR2Ko/wW+fbSPCwtxz/FCL/XScGbi27R4Ka3LR7d /dlKUaseFKHOeEFkdv26CZM8ZdtDQ7Wapz3ooyDW6qZzxvihj+YDtwfqkUId2qpa yz4QX3wQh5wtWJG2NBG54JC1G/BvVCLy9OSx8JiMO2hTITen6dGQlvm1FB8jq1ZI 5zbwJ0/ur8bhNb6wqm+AuPOQ7SyuNhwMnsOqGiYJl8A8TfVT3BkD9L7Y4JMf65J3 ew== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:34 2026 by rpki-client