$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa File: AS153538.roa (raw, json) Hash identifier: sDys/FXf3g1466qnRyx68yvDoFfB05p72zSb4o/aLvY= Subject key identifier: A5:8F:E0:34:95:D3:EF:1B:CC:E7:37:D6:03:89:5B:07:46:E0:F0:12 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3B85D2DF7EC8C4ED99D8E5377EE1741F5E94215F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa Signing time: Sat 14 Feb 2026 15:00:00 +0000 ROA not before: Sat 14 Feb 2026 14:55:00 +0000 ROA not after: Sat 13 Feb 2027 15:00:00 +0000 asID: 153538 IP address blocks: 161.248.172.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:85:d2:df:7e:c8:c4:ed:99:d8:e5:37:7e:e1:74:1f:5e:94:21:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 14 14:55:00 2026 GMT Not After : Feb 13 15:00:00 2027 GMT Subject: CN=A58FE03495D3EF1BCCE737D603895B0746E0F012 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e4:68:33:dc:19:39:7e:cd:ad:24:8c:1a:05: 8e:de:b5:1f:29:a8:fd:cf:0c:93:31:24:3f:0a:cf: 54:8c:85:3b:ab:cb:13:bf:fd:67:38:06:5a:d6:71: ec:cd:73:56:39:a7:e6:31:fd:0c:be:4a:2c:da:a4: bf:cc:a7:39:d2:1f:71:d4:80:fc:80:c7:3d:d9:ba: 7f:fc:37:87:52:67:fc:7c:9f:bd:42:32:5f:08:fa: a9:67:06:20:0a:72:3c:4a:f0:d4:de:39:6f:02:72: fa:b9:76:d9:9f:25:4d:d4:3c:93:10:0c:47:33:6d: 5c:af:99:39:5c:91:71:8f:e9:e3:67:d2:b9:31:9c: ff:14:7c:c7:34:e0:fb:61:23:7b:8d:a5:46:c7:49: 49:29:a1:fd:1a:79:ab:cd:04:9d:71:88:71:34:db: ed:12:ab:f9:61:de:f5:cb:19:fc:92:70:6e:62:2e: 3d:cb:ce:2b:b4:57:8d:81:93:6d:d5:fe:8e:93:90: f7:bd:29:d2:16:9a:6b:f5:d3:90:4c:a3:1e:10:60: af:46:e4:5f:e3:72:44:0d:a8:7a:c3:d6:db:b1:76: 37:09:12:06:08:2e:3c:8d:ea:63:10:fd:30:69:71: 2b:9d:7a:4f:d6:79:0d:5f:18:95:f4:32:d9:60:af: ee:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:8F:E0:34:95:D3:EF:1B:CC:E7:37:D6:03:89:5B:07:46:E0:F0:12 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.172.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:96:2f:98:e6:f5:6e:b7:f5:2a:48:7c:86:40:fe:e4:bd:0c: 89:54:2c:af:65:1f:54:5b:27:f1:60:3c:d9:8a:af:ab:0d:13: 48:bb:64:fb:5c:fa:01:9b:8b:44:ba:c5:ba:b9:b1:f9:1c:7d: 16:0e:c7:e2:34:75:c2:9b:90:d4:75:1d:b2:14:e3:24:88:3c: 24:f6:be:27:16:89:f9:a5:d0:3b:62:69:c2:32:43:93:a9:1a: ec:21:a4:d4:12:76:1a:68:b5:c5:8d:1b:17:21:c7:0d:2e:de: d0:d5:9a:86:10:6b:86:ee:45:e6:4f:ae:61:23:55:98:d4:85: 4a:16:5e:80:f2:ec:72:e3:fe:36:ee:ea:43:e8:7d:6e:b1:29: 03:43:e5:7e:13:bc:ed:50:e4:6a:0e:e8:fe:f6:1c:be:1e:8e: 4c:b6:52:25:19:40:ba:97:ae:89:db:75:07:b6:4e:3d:b4:92: a2:25:9c:69:aa:cb:0b:0f:36:6b:e0:8a:73:76:a6:6d:2e:bd: 09:df:ef:7c:70:50:1e:63:ec:05:3c:8e:58:3b:44:5a:46:04: 24:26:72:76:74:3c:1d:19:6a:d4:63:43:2e:e2:2a:19:87:11: fd:89:6e:db:99:3b:5f:d6:04:a1:5c:f1:f2:d7:7b:33:2e:f8: bd:08:33:13 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUO4XS337IxO2Z2OU3fuF0H16UIV8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIxNDE0NTUwMFoX DTI3MDIxMzE1MDAwMFowMzExMC8GA1UEAxMoQTU4RkUwMzQ5NUQzRUYxQkNDRTcz N0Q2MDM4OTVCMDc0NkUwRjAxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMvkaDPcGTl+za0kjBoFjt61Hymo/c8MkzEkPwrPVIyFO6vLE7/9ZzgGWtZx 7M1zVjmn5jH9DL5KLNqkv8ynOdIfcdSA/IDHPdm6f/w3h1Jn/HyfvUIyXwj6qWcG IApyPErw1N45bwJy+rl22Z8lTdQ8kxAMRzNtXK+ZOVyRcY/p42fSuTGc/xR8xzTg +2Eje42lRsdJSSmh/Rp5q80EnXGIcTTb7RKr+WHe9csZ/JJwbmIuPcvOK7RXjYGT bdX+jpOQ970p0haaa/XTkEyjHhBgr0bkX+NyRA2oesPW27F2NwkSBgguPI3qYxD9 MGlxK516T9Z5DV8YlfQy2WCv7o0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSlj+A0 ldPvG8znN9YDiVsHRuDwEjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUzOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaH4rDANBgkqhkiG9w0BAQsFAAOCAQEAWpYvmOb1brf1Kkh8hkD+ 5L0MiVQsr2UfVFsn8WA82Yqvqw0TSLtk+1z6AZuLRLrFurmx+Rx9Fg7H4jR1wpuQ 1HUdshTjJIg8JPa+JxaJ+aXQO2JpwjJDk6ka7CGk1BJ2Gmi1xY0bFyHHDS7e0NWa hhBrhu5F5k+uYSNVmNSFShZegPLscuP+Nu7qQ+h9brEpA0PlfhO87VDkag7o/vYc vh6OTLZSJRlAupeuidt1B7ZOPbSSoiWcaarLCw82a+CKc3ambS69Cd/vfHBQHmPs BTyOWDtEWkYEJCZydnQ8HRlq1GNDLuIqGYcR/Ylu25k7X9YEoVzx8td7My74vQgz Ew== -----END CERTIFICATE-----Generated at Mon Mar 2 09:37:34 2026 by rpki-client