$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa File: AS153486.roa (raw, json) Hash identifier: ZF8YU3Guj89SVbyf81wbmgfDCD96+0vMJ5MVl8nYXbI= Subject key identifier: FF:7C:93:B8:C9:49:AB:01:1C:90:9B:4A:DC:8F:95:4D:94:86:44:17 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2DAEC77956460BE329ACA125B5ACBEEAA5C53907 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa Signing time: Thu 24 Apr 2025 03:49:49 +0000 ROA not before: Thu 24 Apr 2025 03:44:49 +0000 ROA not after: Thu 23 Apr 2026 03:49:49 +0000 asID: 153486 IP address blocks: 160.250.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:ae:c7:79:56:46:0b:e3:29:ac:a1:25:b5:ac:be:ea:a5:c5:39:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 24 03:44:49 2025 GMT Not After : Apr 23 03:49:49 2026 GMT Subject: CN=FF7C93B8C949AB011C909B4ADC8F954D94864417 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:04:59:b1:a9:bd:48:fc:86:9a:18:90:89:3a: b6:c8:8e:21:9b:77:28:d4:42:a4:fc:2e:11:36:8b: 94:9b:d1:1a:2a:6b:fa:93:bb:8f:ca:53:36:06:61: 6e:b1:f4:68:ed:ac:e5:97:ad:31:d7:e2:3c:a9:48: 0d:e2:1c:5e:a3:2f:11:40:66:d9:51:f5:b3:c1:7e: b9:d4:45:ff:7e:19:54:cd:ac:46:c4:f7:66:cb:4f: f2:9c:ce:de:55:1f:19:c4:e7:d4:c2:5b:12:bf:19: 86:9a:da:de:73:e5:6f:21:96:4b:43:06:aa:c7:f6: a6:fd:91:49:56:fa:46:ce:cd:ad:82:22:5b:2e:ba: 0e:8f:40:6d:1e:fe:d3:64:22:f8:fe:c1:9f:51:36: ab:bf:37:de:08:f2:54:10:20:d0:10:93:78:8c:97: 6e:5d:a8:a0:76:46:56:cc:a0:c4:50:e7:28:0e:f3: cf:4a:06:dd:e1:cb:be:2c:8f:ff:d0:90:41:d5:99: 0b:d8:3c:87:5f:96:89:73:af:67:26:0f:aa:f9:aa: 62:ee:d8:b4:f9:14:63:29:f3:9a:69:86:2c:57:e8: eb:51:b3:53:a5:5a:48:a2:a7:bc:79:ed:44:35:5f: df:5e:18:e3:c1:5a:53:76:1b:fb:f7:52:ee:b9:60: 3d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:7C:93:B8:C9:49:AB:01:1C:90:9B:4A:DC:8F:95:4D:94:86:44:17 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.194.0/23 Signature Algorithm: sha256WithRSAEncryption 39:4c:8d:63:8e:2d:a5:68:33:c2:12:94:a7:04:28:12:89:69: 9e:b5:ca:de:6f:a2:a1:af:14:25:ed:99:c8:3a:aa:a9:16:d2: 23:9f:72:54:e7:0c:14:6d:31:32:66:bb:3c:29:71:5f:6b:6d: 10:6d:3c:aa:86:16:cf:4f:49:f0:50:91:cf:0d:6f:7c:7e:60: a3:14:ea:e9:b4:3a:48:98:b6:e5:a8:b1:1b:81:c2:b1:50:c0: 24:6b:7e:87:29:10:f3:a8:65:49:90:e1:02:02:29:4a:2f:f1: 9b:38:fb:32:81:e1:21:91:71:3e:f2:89:8d:cb:99:66:8f:d5: 4c:a8:42:55:bd:16:69:27:df:c9:cc:34:1f:91:8a:71:46:c1: d7:2e:18:b0:cc:a8:3b:01:5d:13:05:ee:b3:5b:a8:65:d6:48: ec:62:6c:95:bf:a6:60:36:d0:9e:11:11:bb:2c:ec:8b:23:8e: 29:77:de:bd:9c:2c:76:d6:78:5b:c1:94:28:5e:6e:f9:9d:e0: f2:d9:82:e0:50:7f:13:de:de:b1:28:8b:2d:19:78:48:e8:b7: 04:8c:42:10:be:fe:7c:f9:d3:7b:db:be:3c:88:a8:5f:81:05: 7c:b2:5d:ec:8e:86:80:6f:76:e1:30:5b:56:61:5a:97:a1:64: c7:35:81:a8 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULa7HeVZGC+MprKEltay+6qXFOQcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDQyNDAzNDQ0OVoX DTI2MDQyMzAzNDk0OVowMzExMC8GA1UEAxMoRkY3QzkzQjhDOTQ5QUIwMTFDOTA5 QjRBREM4Rjk1NEQ5NDg2NDQxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOsEWbGpvUj8hpoYkIk6tsiOIZt3KNRCpPwuETaLlJvRGipr+pO7j8pTNgZh brH0aO2s5ZetMdfiPKlIDeIcXqMvEUBm2VH1s8F+udRF/34ZVM2sRsT3ZstP8pzO 3lUfGcTn1MJbEr8Zhpra3nPlbyGWS0MGqsf2pv2RSVb6Rs7NrYIiWy66Do9AbR7+ 02Qi+P7Bn1E2q7833gjyVBAg0BCTeIyXbl2ooHZGVsygxFDnKA7zz0oG3eHLviyP /9CQQdWZC9g8h1+WiXOvZyYPqvmqYu7YtPkUYynzmmmGLFfo61GzU6VaSKKnvHnt RDVf314Y48FaU3Yb+/dS7rlgPQkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT/fJO4 yUmrARyQm0rcj5VNlIZEFzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaD6wjANBgkqhkiG9w0BAQsFAAOCAQEAOUyNY44tpWgzwhKUpwQo EolpnrXK3m+ioa8UJe2ZyDqqqRbSI59yVOcMFG0xMma7PClxX2ttEG08qoYWz09J 8FCRzw1vfH5goxTq6bQ6SJi25aixG4HCsVDAJGt+hykQ86hlSZDhAgIpSi/xmzj7 MoHhIZFxPvKJjcuZZo/VTKhCVb0WaSffycw0H5GKcUbB1y4YsMyoOwFdEwXus1uo ZdZI7GJslb+mYDbQnhERuyzsiyOOKXfevZwsdtZ4W8GUKF5u+Z3g8tmC4FB/E97e sSiLLRl4SOi3BIxCEL7+fPnTe9u+PIioX4EFfLJd7I6GgG924TBbVmFal6FkxzWB qA== -----END CERTIFICATE-----Generated at Tue Nov 4 18:36:45 2025 by rpki-client