$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153511.roa File: AS153511.roa (raw, json) Hash identifier: +398AI1+Yc3X3N+iKCZgdc5WZXGyMwVomVFMW72lyd8= Subject key identifier: 6A:77:05:AD:BA:67:4D:96:B1:D9:E8:2D:9D:0D:B0:BC:66:2C:25:47 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7F6E26C8C9D3A2B8E32C4BEE1DC62B1F03A7FB99 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153511.roa Signing time: Tue 28 Oct 2025 06:19:40 +0000 ROA not before: Tue 28 Oct 2025 06:14:40 +0000 ROA not after: Tue 27 Oct 2026 06:19:40 +0000 asID: 153511 IP address blocks: 160.25.154.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:6e:26:c8:c9:d3:a2:b8:e3:2c:4b:ee:1d:c6:2b:1f:03:a7:fb:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 28 06:14:40 2025 GMT Not After : Oct 27 06:19:40 2026 GMT Subject: CN=6A7705ADBA674D96B1D9E82D9D0DB0BC662C2547 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:bc:43:60:1d:85:7e:fb:2a:7e:91:11:a3:fb: 67:bf:9b:01:60:69:eb:5c:c9:c5:cd:6b:96:17:09: 37:03:80:1e:d7:21:30:2c:76:3c:08:27:f8:3d:d4: af:2b:55:f0:64:61:2b:ab:ce:29:23:01:85:3d:a7: 93:69:06:cd:01:28:e2:82:6e:30:99:a7:c9:3a:8a: 89:38:5f:5b:bf:f4:b0:a2:b4:15:dd:4e:a2:d3:d9: 33:b9:a5:5b:5a:76:75:89:cd:ec:45:ce:d4:cd:76: 77:da:52:f4:ae:81:48:f2:1c:93:cf:0f:2c:39:a3: 0d:ac:85:da:4f:1f:8c:76:de:d8:fc:e1:ae:79:db: 1f:60:01:f3:df:c4:6a:2f:c8:8f:ff:91:71:e3:37: ee:6d:b8:5a:61:16:98:94:15:95:da:70:87:5d:08: df:ec:fa:49:ba:85:de:43:b5:ac:95:ab:60:b5:90: d8:1b:ac:19:9c:4b:e6:cb:65:fd:d3:45:1a:d1:91: b5:ed:e0:a6:d3:bd:db:de:44:c1:39:06:43:ab:d8: ce:c3:4a:31:ed:1f:1d:cd:f7:cf:b5:d6:5e:75:1b: ed:19:f3:53:f3:1e:bb:57:e5:90:c4:ee:04:ba:7e: 55:ab:6b:50:08:33:47:ab:b1:9c:23:fa:f2:1d:7f: db:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:77:05:AD:BA:67:4D:96:B1:D9:E8:2D:9D:0D:B0:BC:66:2C:25:47 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153511.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.154.0/23 Signature Algorithm: sha256WithRSAEncryption 8d:b9:3d:3c:da:40:4a:49:df:14:8a:53:c3:a9:1e:e4:ea:c4: f5:d1:c5:3c:2d:7d:47:57:04:fd:1a:c0:5f:33:e6:19:4c:e3: 88:c8:a7:40:1f:3b:0b:31:75:95:41:91:be:b8:b7:d6:0a:d3: f0:07:dc:fc:ec:3c:40:10:d3:68:68:7e:52:52:d5:eb:1b:08: ad:36:88:1b:48:12:87:59:55:2f:7c:12:9b:ab:da:fd:a1:b0: ec:ef:97:f4:9a:29:a7:c0:19:46:f7:e9:f1:3d:dd:41:d7:f4: 3c:57:d8:fa:87:13:39:38:c6:95:02:ef:04:8b:07:b4:af:a1: b0:9d:15:4c:cc:95:5e:47:65:6b:85:0e:b5:da:8a:59:70:9b: fc:9c:c3:b9:d7:27:04:f4:ac:25:fc:b7:3d:14:2f:dc:54:8c: 80:38:ab:5e:a4:b4:88:82:9b:4e:8d:e3:4d:d6:24:9d:58:a2: 26:c8:ab:d9:f1:7b:24:77:01:dc:31:1a:8a:83:b6:b5:6f:8a: 95:a2:60:e7:dc:0e:9e:71:db:2d:ba:7a:d6:d1:3a:0f:f8:27: e4:2b:0d:3c:87:11:5c:70:14:be:21:b1:98:9c:f8:2d:5f:20: fb:3d:ed:a9:79:57:6b:7e:c6:5a:69:99:e6:03:05:02:12:19: 12:b4:41:2e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUf24myMnTorjjLEvuHcYrHwOn+5kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAyODA2MTQ0MFoX DTI2MTAyNzA2MTk0MFowMzExMC8GA1UEAxMoNkE3NzA1QURCQTY3NEQ5NkIxRDlF ODJEOUQwREIwQkM2NjJDMjU0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ28Q2AdhX77Kn6REaP7Z7+bAWBp61zJxc1rlhcJNwOAHtchMCx2PAgn+D3U rytV8GRhK6vOKSMBhT2nk2kGzQEo4oJuMJmnyTqKiThfW7/0sKK0Fd1OotPZM7ml W1p2dYnN7EXO1M12d9pS9K6BSPIck88PLDmjDayF2k8fjHbe2PzhrnnbH2AB89/E ai/Ij/+RceM37m24WmEWmJQVldpwh10I3+z6SbqF3kO1rJWrYLWQ2BusGZxL5stl /dNFGtGRte3gptO9295EwTkGQ6vYzsNKMe0fHc33z7XWXnUb7RnzU/Meu1flkMTu BLp+VatrUAgzR6uxnCP68h1/248CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRqdwWt umdNlrHZ6C2dDbC8ZiwlRzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUxMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZmjANBgkqhkiG9w0BAQsFAAOCAQEAjbk9PNpASknfFIpTw6ke 5OrE9dHFPC19R1cE/RrAXzPmGUzjiMinQB87CzF1lUGRvri31grT8Afc/Ow8QBDT aGh+UlLV6xsIrTaIG0gSh1lVL3wSm6va/aGw7O+X9Jopp8AZRvfp8T3dQdf0PFfY +ocTOTjGlQLvBIsHtK+hsJ0VTMyVXkdla4UOtdqKWXCb/JzDudcnBPSsJfy3PRQv 3FSMgDirXqS0iIKbTo3jTdYknViiJsir2fF7JHcB3DEaioO2tW+KlaJg59wOnnHb Lbp61tE6D/gn5CsNPIcRXHAUviGxmJz4LV8g+z3tqXlXa37GWmmZ5gMFAhIZErRB Lg== -----END CERTIFICATE-----Generated at Wed Nov 5 00:35:51 2025 by rpki-client