$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153554.roa File: AS153554.roa (raw, json) Hash identifier: Dlcj+lJL+w9YfBmF8YBZOtE+HeLUhNHm+zlzoUiM0Xw= Subject key identifier: 3E:19:63:8C:C6:DC:87:28:11:4C:F2:6B:D8:77:5F:76:BD:0F:7A:5B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 79ABEF9069F731070BDC5351C88D087E8997AB4F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153554.roa Signing time: Mon 02 Feb 2026 01:00:00 +0000 ROA not before: Mon 02 Feb 2026 00:55:00 +0000 ROA not after: Mon 01 Feb 2027 01:00:00 +0000 asID: 153554 IP address blocks: 161.248.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:ab:ef:90:69:f7:31:07:0b:dc:53:51:c8:8d:08:7e:89:97:ab:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 2 00:55:00 2026 GMT Not After : Feb 1 01:00:00 2027 GMT Subject: CN=3E19638CC6DC8728114CF26BD8775F76BD0F7A5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:dc:c1:26:9a:96:44:eb:96:38:b7:c0:69:79: f3:49:97:7c:eb:59:26:78:3f:72:f2:db:e9:7f:13: c2:d8:43:d1:01:fc:55:26:12:0b:9e:fc:c8:03:7c: db:b5:3f:f4:4b:f6:dc:86:39:52:b9:59:78:42:82: 67:29:14:63:39:dc:8d:17:86:30:b5:72:3b:6a:bf: 60:9d:f2:18:1e:29:0b:2c:29:ad:e9:b7:cc:b5:6c: 08:43:f3:8f:f8:6a:46:e4:42:1e:fb:01:5a:4c:98: e8:5e:a5:97:46:9f:d6:ad:f5:11:c6:2f:84:43:1b: 05:b0:15:91:90:ff:5d:33:42:ff:b7:ca:82:55:7c: bd:59:51:87:e4:97:5e:84:ca:fc:07:ef:0e:79:ce: 06:90:a2:89:49:31:96:c3:2c:38:f9:cb:f3:74:bb: ac:d7:a6:37:9f:d3:4e:20:02:85:21:66:e3:17:92: 8c:12:36:dd:33:75:d1:30:5b:db:48:c2:b8:43:b0: 74:82:18:02:ae:35:ef:a3:7c:f2:69:cf:dd:7b:ca: 30:1d:3c:8d:1b:74:8f:79:af:62:d8:3b:30:05:d9: b7:21:ac:bf:9c:36:3a:fe:53:82:c5:c0:ad:6e:8b: 6a:b8:d5:df:a5:de:3b:07:ad:9b:b1:90:49:84:f7: cc:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:19:63:8C:C6:DC:87:28:11:4C:F2:6B:D8:77:5F:76:BD:0F:7A:5B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153554.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.158.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:05:b2:3e:ee:23:6e:14:b0:a3:43:74:3a:3f:39:36:cc:0e: f1:e9:f0:38:d0:ec:b0:03:6a:a3:96:8a:95:1b:24:a9:62:2b: 1c:74:76:91:78:86:93:b5:ed:3b:01:dd:ba:ae:17:43:fb:a1: 65:cb:a7:ac:b1:50:22:c4:57:4d:5d:03:06:8b:34:40:69:1d: fc:d7:97:29:e5:01:fa:ae:77:04:02:a5:80:b0:64:ea:8e:fc: 2f:f1:73:63:84:57:d8:f8:ff:18:7e:12:98:f5:62:93:ca:88: 28:3c:e7:e0:0f:27:6b:01:e2:50:c9:5b:78:8c:0c:2e:03:fa: 37:38:f1:88:20:07:d6:b7:b7:b3:00:0a:1c:65:c4:ef:81:25: de:62:65:68:0d:74:fe:98:9d:60:b1:e0:85:84:ed:73:63:3c: fa:ed:9c:f9:8a:03:74:f8:46:a1:21:bf:7b:9d:ac:1a:90:16: 02:03:6f:39:a4:90:26:36:af:c9:2d:9f:8c:7c:7c:90:11:2a: 51:9c:c0:ab:ff:c8:f2:2b:86:45:5a:cf:27:24:6a:26:b7:da: 08:d5:3f:a2:5f:89:04:29:17:d0:2e:ba:66:10:77:a4:31:18: 7a:39:c9:2b:cb:fc:f0:5f:f4:41:f8:35:e0:ec:69:ca:68:c1: 93:6c:48:06 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUeavvkGn3MQcL3FNRyI0IfomXq08wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIwMjAwNTUwMFoX DTI3MDIwMTAxMDAwMFowMzExMC8GA1UEAxMoM0UxOTYzOENDNkRDODcyODExNENG MjZCRDg3NzVGNzZCRDBGN0E1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOncwSaalkTrlji3wGl580mXfOtZJng/cvLb6X8TwthD0QH8VSYSC578yAN8 27U/9Ev23IY5UrlZeEKCZykUYzncjReGMLVyO2q/YJ3yGB4pCywprem3zLVsCEPz j/hqRuRCHvsBWkyY6F6ll0af1q31EcYvhEMbBbAVkZD/XTNC/7fKglV8vVlRh+SX XoTK/AfvDnnOBpCiiUkxlsMsOPnL83S7rNemN5/TTiAChSFm4xeSjBI23TN10TBb 20jCuEOwdIIYAq4176N88mnP3XvKMB08jRt0j3mvYtg7MAXZtyGsv5w2Ov5TgsXA rW6LarjV36XeOwetm7GQSYT3zEECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ+GWOM xtyHKBFM8mvYd192vQ96WzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzU1NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH4njANBgkqhkiG9w0BAQsFAAOCAQEAagWyPu4jbhSwo0N0Oj85 NswO8enwONDssANqo5aKlRskqWIrHHR2kXiGk7XtOwHduq4XQ/uhZcunrLFQIsRX TV0DBos0QGkd/NeXKeUB+q53BAKlgLBk6o78L/FzY4RX2Pj/GH4SmPVik8qIKDzn 4A8nawHiUMlbeIwMLgP6NzjxiCAH1re3swAKHGXE74El3mJlaA10/pidYLHghYTt c2M8+u2c+YoDdPhGoSG/e52sGpAWAgNvOaSQJjavyS2fjHx8kBEqUZzAq//I8iuG RVrPJyRqJrfaCNU/ol+JBCkX0C66ZhB3pDEYejnJK8v88F/0Qfg14OxpymjBk2xI Bg== -----END CERTIFICATE-----Generated at Mon Mar 2 07:56:10 2026 by rpki-client