$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa File: AS153520.roa (raw, json) Hash identifier: TSaXgddzjscE2/jUyA+qsejaPJrIFw1KZAKOc0f0Q7c= Subject key identifier: C0:2C:3B:4C:67:EF:71:32:69:AC:E2:DB:C1:4A:D2:64:1B:56:11:04 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 03F0398F521DE34A72A73B2FB8FDD68D1E2BADB2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa Signing time: Tue 20 Jan 2026 04:00:00 +0000 ROA not before: Tue 20 Jan 2026 03:55:00 +0000 ROA not after: Tue 19 Jan 2027 04:00:00 +0000 asID: 153520 IP address blocks: 160.250.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:f0:39:8f:52:1d:e3:4a:72:a7:3b:2f:b8:fd:d6:8d:1e:2b:ad:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 20 03:55:00 2026 GMT Not After : Jan 19 04:00:00 2027 GMT Subject: CN=C02C3B4C67EF713269ACE2DBC14AD2641B561104 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:17:99:8d:04:15:cd:6c:10:a8:50:df:73:01: 70:36:65:cc:b3:84:b9:91:06:44:42:03:c4:84:8c: a7:22:35:f8:75:4b:dc:2e:15:7b:6b:2b:57:fb:b2: 6b:06:d0:6d:f6:9e:5c:db:65:f8:1e:07:e0:bf:b3: 57:95:f9:bc:0a:3b:55:16:e7:d9:b1:f5:95:28:73: ab:30:28:d5:bd:11:0b:8e:67:b7:f2:b7:e7:66:17: d3:07:b6:e5:8f:cc:17:60:37:46:4c:46:32:c5:88: 76:e3:b1:5c:14:95:31:49:bc:11:ea:df:e8:82:66: 12:8c:4b:b0:5b:c7:06:f2:5e:61:95:5c:a9:a3:5f: b6:e6:b8:f5:5e:cb:c1:c9:ee:9d:b9:ed:fa:3c:7b: 51:18:ab:0f:cd:74:7d:4d:f3:d0:25:8b:0c:6b:d8: 67:a8:a9:12:46:e9:cb:6c:18:45:6e:32:b3:9f:62: 06:4e:62:f6:5d:a9:8a:14:43:c9:55:c9:9d:19:1b: 7f:f4:77:04:55:96:07:39:9a:a6:a2:49:d3:06:b3: 68:d5:4a:c5:61:ee:f6:79:9e:72:4f:72:30:87:5b: 6b:ab:1b:b1:c3:27:6a:8e:50:6e:bd:5d:eb:8f:e4: 0c:5e:59:87:cc:5b:2c:91:14:be:98:ee:de:79:e7: a0:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:2C:3B:4C:67:EF:71:32:69:AC:E2:DB:C1:4A:D2:64:1B:56:11:04 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153520.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.239.0/24 Signature Algorithm: sha256WithRSAEncryption 75:cc:6b:1d:e1:7e:c9:61:b8:00:60:88:59:58:54:bc:ef:01: bd:a7:29:e1:7b:45:08:31:c4:88:a7:49:85:2d:23:b9:72:83: 7e:2f:cc:df:89:6c:a7:d6:5f:b2:6b:a4:7d:87:a8:ac:ad:71: d6:60:59:7d:72:32:87:e5:3a:57:dd:78:ca:31:5f:60:47:86: 18:6c:9f:2b:ba:f6:f4:4d:9f:6d:cd:d7:bb:0d:8a:7d:da:9a: 10:65:ec:d5:85:63:23:97:67:f8:83:cb:bf:64:66:c8:bf:f0: 14:08:ac:63:bb:54:08:82:af:cd:ee:df:5c:9d:a2:76:21:65: 34:c6:e1:cd:ac:c6:e5:ce:e6:62:5b:16:5f:67:bf:1b:39:84: 8d:b4:30:d8:9e:46:70:25:e1:8c:bf:b1:f3:9b:4c:7b:bd:7b: b8:3c:3e:ea:47:5c:7c:3f:a5:f3:81:4c:35:2c:6b:f6:35:1f: 52:8f:77:f9:0c:90:02:c8:df:7c:60:a0:57:1c:b6:52:88:ae: e4:f8:7e:71:66:ed:05:f3:65:75:67:79:7f:a3:71:82:3b:99: 87:1b:c8:79:4b:09:44:76:1e:07:92:8f:95:7b:c4:d6:9a:4d: 3d:7a:ea:ba:65:91:37:d1:4b:ca:53:a3:d0:43:80:c7:26:d1: 10:ae:ea:85 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUA/A5j1Id40pypzsvuP3WjR4rrbIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEyMDAzNTUwMFoX DTI3MDExOTA0MDAwMFowMzExMC8GA1UEAxMoQzAyQzNCNEM2N0VGNzEzMjY5QUNF MkRCQzE0QUQyNjQxQjU2MTEwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOoXmY0EFc1sEKhQ33MBcDZlzLOEuZEGREIDxISMpyI1+HVL3C4Ve2srV/uy awbQbfaeXNtl+B4H4L+zV5X5vAo7VRbn2bH1lShzqzAo1b0RC45nt/K352YX0we2 5Y/MF2A3RkxGMsWIduOxXBSVMUm8Eerf6IJmEoxLsFvHBvJeYZVcqaNftua49V7L wcnunbnt+jx7URirD810fU3z0CWLDGvYZ6ipEkbpy2wYRW4ys59iBk5i9l2pihRD yVXJnRkbf/R3BFWWBzmapqJJ0wazaNVKxWHu9nmeck9yMIdba6sbscMnao5Qbr1d 64/kDF5Zh8xbLJEUvpju3nnnoJUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTALDtM Z+9xMmms4tvBStJkG1YRBDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUyMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKD67zANBgkqhkiG9w0BAQsFAAOCAQEAdcxrHeF+yWG4AGCIWVhU vO8Bvacp4XtFCDHEiKdJhS0juXKDfi/M34lsp9ZfsmukfYeorK1x1mBZfXIyh+U6 V914yjFfYEeGGGyfK7r29E2fbc3Xuw2KfdqaEGXs1YVjI5dn+IPLv2RmyL/wFAis Y7tUCIKvze7fXJ2idiFlNMbhzazG5c7mYlsWX2e/GzmEjbQw2J5GcCXhjL+x85tM e717uDw+6kdcfD+l84FMNSxr9jUfUo93+QyQAsjffGCgVxy2Uoiu5Ph+cWbtBfNl dWd5f6NxgjuZhxvIeUsJRHYeB5KPlXvE1ppNPXrqumWRN9FLylOj0EOAxybREK7q hQ== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:58 2026 by rpki-client