$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa File: AS153524.roa (raw, json) Hash identifier: NXoGt4xQ6U51hlpRAWJrMWwWBscLAcOmkBAmZht9aFw= Subject key identifier: 8E:46:5C:D6:17:85:5A:3E:45:AF:15:75:13:3E:DF:A7:03:BD:76:7B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5A90F813DFBDDC32B1209D03CDEEA8E5B7C45E9C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa Signing time: Mon 26 Jan 2026 03:00:00 +0000 ROA not before: Mon 26 Jan 2026 02:55:00 +0000 ROA not after: Mon 25 Jan 2027 03:00:00 +0000 asID: 153524 IP address blocks: 160.250.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:90:f8:13:df:bd:dc:32:b1:20:9d:03:cd:ee:a8:e5:b7:c4:5e:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 26 02:55:00 2026 GMT Not After : Jan 25 03:00:00 2027 GMT Subject: CN=8E465CD617855A3E45AF1575133EDFA703BD767B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:f7:1c:f6:42:09:15:69:62:e5:27:c1:5b:85: ad:06:03:01:b4:a8:d5:8b:8d:e3:6e:24:49:71:d5: 7e:42:5d:85:d2:68:c6:09:cb:a6:ef:b1:cd:26:b1: e3:65:45:c8:74:00:3c:5f:56:4c:41:9a:9c:17:38: 96:c9:4f:d9:db:d2:8b:75:6c:19:fb:9c:db:25:6e: d0:5d:da:d8:3c:78:81:78:e6:b7:74:69:55:df:0b: b3:d7:aa:46:1a:06:93:0d:85:c2:f5:0c:be:8b:93: f3:a2:21:71:25:ed:82:71:55:48:1b:4f:3f:26:d6: 0a:72:87:58:ec:d3:4a:db:19:6a:63:4f:d3:4d:4c: cf:00:a7:a3:ee:b5:df:bb:57:d6:f3:52:5f:9e:92: 60:72:1c:56:54:ab:2f:b8:a0:0c:79:43:f8:8d:21: 96:c6:8f:93:d1:48:8e:8b:05:b0:9a:dc:f3:8e:36: d9:f8:de:2c:92:66:e3:8f:d5:02:d6:73:f4:0f:db: 5a:50:82:fb:e6:b0:ef:05:49:6a:28:23:22:41:48: a4:c8:b7:f1:4f:a0:e5:68:56:0c:73:02:6f:26:8e: a7:3c:ad:ab:b7:98:d5:88:16:1c:a1:23:65:51:96: ae:c5:34:24:5b:59:16:95:f3:90:a4:e7:b3:45:1a: 20:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:46:5C:D6:17:85:5A:3E:45:AF:15:75:13:3E:DF:A7:03:BD:76:7B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.35.0/24 Signature Algorithm: sha256WithRSAEncryption 61:bc:28:41:a6:09:43:35:e2:64:4d:57:68:0d:dd:43:31:fb: fd:99:f8:c4:da:2b:71:9b:75:6c:0b:d2:e7:98:8f:43:ae:d5: b1:52:1f:69:84:db:0e:9f:20:68:3f:38:73:e4:12:cd:6c:16: 04:87:a4:f1:44:1d:c5:e4:26:a8:76:67:08:6d:1c:67:35:b8: a4:d8:34:47:ee:ea:1f:a3:e0:c6:12:e7:3c:8f:fa:6b:42:79: 70:59:6c:19:26:42:60:99:f4:dd:ff:1c:aa:ad:fa:bd:af:bf: db:90:eb:57:22:34:e2:a7:b9:9c:ca:e9:51:75:6b:d8:41:79: 9b:47:1b:0c:4d:fc:b4:1e:53:ca:03:27:ae:ef:45:b5:e7:45: ae:4d:b1:7c:f3:06:0a:c8:e9:a6:6a:76:71:06:e4:7c:2c:b1: fa:00:63:51:2b:71:14:75:24:63:58:87:e6:b7:e7:a0:da:da: 64:1f:ce:91:6d:23:d3:98:b9:fd:37:73:5d:84:85:c7:33:07: 3a:82:0c:0d:54:ec:2a:4d:da:1b:cb:a4:ac:a2:13:02:a0:f2: bb:84:9c:b2:6a:bc:dd:a8:35:64:3b:a6:2c:0f:ed:bd:6b:4c: 5c:f7:dc:b5:4a:9e:bc:b1:1c:8f:2e:cc:a4:7c:40:0d:6b:41: 54:33:cd:1d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWpD4E9+93DKxIJ0Dze6o5bfEXpwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEyNjAyNTUwMFoX DTI3MDEyNTAzMDAwMFowMzExMC8GA1UEAxMoOEU0NjVDRDYxNzg1NUEzRTQ1QUYx NTc1MTMzRURGQTcwM0JENzY3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM33HPZCCRVpYuUnwVuFrQYDAbSo1YuN424kSXHVfkJdhdJoxgnLpu+xzSax 42VFyHQAPF9WTEGanBc4lslP2dvSi3VsGfuc2yVu0F3a2Dx4gXjmt3RpVd8Ls9eq RhoGkw2FwvUMvouT86IhcSXtgnFVSBtPPybWCnKHWOzTStsZamNP001MzwCno+61 37tX1vNSX56SYHIcVlSrL7igDHlD+I0hlsaPk9FIjosFsJrc84422fjeLJJm44/V AtZz9A/bWlCC++aw7wVJaigjIkFIpMi38U+g5WhWDHMCbyaOpzytq7eY1YgWHKEj ZVGWrsU0JFtZFpXzkKTns0UaIGUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSORlzW F4VaPkWvFXUTPt+nA712ezAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKD6IzANBgkqhkiG9w0BAQsFAAOCAQEAYbwoQaYJQzXiZE1XaA3d QzH7/Zn4xNorcZt1bAvS55iPQ67VsVIfaYTbDp8gaD84c+QSzWwWBIek8UQdxeQm qHZnCG0cZzW4pNg0R+7qH6PgxhLnPI/6a0J5cFlsGSZCYJn03f8cqq36va+/25Dr VyI04qe5nMrpUXVr2EF5m0cbDE38tB5TygMnru9FtedFrk2xfPMGCsjppmp2cQbk fCyx+gBjUStxFHUkY1iH5rfnoNraZB/OkW0j05i5/TdzXYSFxzMHOoIMDVTsKk3a G8ukrKITAqDyu4Scsmq83ag1ZDumLA/tvWtMXPfctUqevLEcjy7MpHxADWtBVDPN HQ== -----END CERTIFICATE-----Generated at Mon Mar 2 07:55:54 2026 by rpki-client