$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa File: AS153601.roa (raw, json) Hash identifier: 0xN0mSMOGR/O6AZYdxcH90tv2cEbiJ/ObZ87ENCQ3fU= Subject key identifier: 19:60:3F:E5:F8:2A:D3:38:D1:65:5A:7A:1C:69:DD:0B:75:3B:B0:80 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3648339CDD08B24161A8D89CB97B6E647323E5C6 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa Signing time: Tue 24 Feb 2026 04:00:00 +0000 ROA not before: Tue 24 Feb 2026 03:55:00 +0000 ROA not after: Tue 23 Feb 2027 04:00:00 +0000 asID: 153601 IP address blocks: 161.248.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:48:33:9c:dd:08:b2:41:61:a8:d8:9c:b9:7b:6e:64:73:23:e5:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 24 03:55:00 2026 GMT Not After : Feb 23 04:00:00 2027 GMT Subject: CN=19603FE5F82AD338D1655A7A1C69DD0B753BB080 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:ff:d0:8c:78:87:33:29:1e:d7:70:0a:ff:a2: ad:bc:a3:67:d5:d6:dd:95:45:ff:de:b2:ac:55:f5: 21:ae:0c:3b:75:07:bb:5d:12:87:00:ae:b3:33:5d: ce:18:e7:5e:48:c3:ea:30:b3:d7:31:9b:04:bf:88: a7:ab:91:3f:98:0b:a0:c9:72:de:7a:c7:b3:3e:15: f0:be:73:50:d1:7b:93:a2:e0:52:a5:4f:70:1d:7e: e5:c3:bb:16:c2:1b:5d:73:3b:9b:d7:94:31:00:7a: 85:8f:f2:fa:6c:3b:8d:96:f5:ed:56:c2:8b:6f:70: 99:78:ce:61:92:ab:6f:ec:63:d8:5f:f1:b4:c5:f5: 28:76:19:61:26:d6:e1:77:20:f3:80:ad:77:c1:15: 48:14:a2:1b:e9:9c:ed:8a:80:67:54:a5:a3:e8:17: 12:7e:ff:b5:52:31:b8:d5:05:1c:a1:92:f2:35:f3: 39:c0:19:54:8f:05:dc:44:66:d8:02:57:d7:06:67: 73:f3:bf:f0:26:14:31:30:1a:78:d1:cf:2d:21:af: 69:ef:c0:62:8b:15:66:cc:a3:f7:cf:dd:ef:10:05: d0:a2:d2:ae:01:93:63:80:92:8e:9b:9e:f6:94:70: aa:4b:e2:2f:eb:4c:1f:28:af:21:a4:9e:73:d8:1c: 39:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:60:3F:E5:F8:2A:D3:38:D1:65:5A:7A:1C:69:DD:0B:75:3B:B0:80 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153601.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.233.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:8f:c3:46:5d:70:f8:bf:7c:c2:8c:d9:54:cc:4d:22:8c:7b: dc:c3:c2:ac:6c:b2:e0:cc:43:63:22:be:36:64:36:91:16:1d: bd:be:13:98:a0:67:12:ab:c2:4e:93:44:82:3b:44:31:cb:0d: 63:f8:85:07:5a:da:3d:65:06:f4:bf:d0:7e:df:c3:e4:96:65: 6b:7f:76:f7:b5:b2:88:21:52:0a:68:58:bd:78:0d:5e:90:19: 94:d2:63:0d:9f:f1:7d:eb:83:11:79:8b:1c:c2:6f:bb:17:5e: 35:5e:1d:57:62:31:79:43:e4:d9:a4:d8:a8:dc:48:01:b4:37: f4:a5:b8:31:7c:75:9a:c0:3d:42:5c:2e:79:a4:af:ec:2f:b4: e4:a8:2c:3a:e9:01:aa:bc:cf:f8:50:15:b1:af:38:d6:e4:4c: 9f:d0:c2:26:82:b8:3e:ea:0e:61:84:b2:5e:f4:a2:2a:9d:73: 91:46:60:b6:93:44:ae:11:ca:92:60:8b:b8:d4:44:da:68:58: 80:cc:ae:e0:f6:87:77:a9:12:e0:cb:ee:84:8a:f7:2a:a4:fe: 4a:27:fd:f3:a6:b3:04:dd:f7:0b:2a:1a:a7:2c:3c:1f:0a:c8: a0:ce:66:12:39:06:c8:30:08:35:a3:9b:3a:c4:11:a9:13:44: 76:bd:5b:70 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNkgznN0IskFhqNicuXtuZHMj5cYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIyNDAzNTUwMFoX DTI3MDIyMzA0MDAwMFowMzExMC8GA1UEAxMoMTk2MDNGRTVGODJBRDMzOEQxNjU1 QTdBMUM2OUREMEI3NTNCQjA4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJb/0Ix4hzMpHtdwCv+irbyjZ9XW3ZVF/96yrFX1Ia4MO3UHu10ShwCuszNd zhjnXkjD6jCz1zGbBL+Ip6uRP5gLoMly3nrHsz4V8L5zUNF7k6LgUqVPcB1+5cO7 FsIbXXM7m9eUMQB6hY/y+mw7jZb17VbCi29wmXjOYZKrb+xj2F/xtMX1KHYZYSbW 4Xcg84Ctd8EVSBSiG+mc7YqAZ1Slo+gXEn7/tVIxuNUFHKGS8jXzOcAZVI8F3ERm 2AJX1wZnc/O/8CYUMTAaeNHPLSGvae/AYosVZsyj98/d7xAF0KLSrgGTY4CSjpue 9pRwqkviL+tMHyivIaSec9gcOUsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQZYD/l +CrTONFlWnocad0LdTuwgDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzYwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH46TANBgkqhkiG9w0BAQsFAAOCAQEALo/DRl1w+L98wozZVMxN Iox73MPCrGyy4MxDYyK+NmQ2kRYdvb4TmKBnEqvCTpNEgjtEMcsNY/iFB1raPWUG 9L/Qft/D5JZla39297WyiCFSCmhYvXgNXpAZlNJjDZ/xfeuDEXmLHMJvuxdeNV4d V2IxeUPk2aTYqNxIAbQ39KW4MXx1msA9QlwueaSv7C+05KgsOukBqrzP+FAVsa84 1uRMn9DCJoK4PuoOYYSyXvSiKp1zkUZgtpNErhHKkmCLuNRE2mhYgMyu4PaHd6kS 4MvuhIr3KqT+Sif986azBN33Cyoapyw8HwrIoM5mEjkGyDAINaObOsQRqRNEdr1b cA== -----END CERTIFICATE-----Generated at Mon Mar 2 07:56:15 2026 by rpki-client