$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153903.roa File: AS153903.roa (raw, json) Hash identifier: 0y+heJq+xJ4wqsYHNIfRfIGGGtvtbV3ujNCynsmb7yk= Subject key identifier: AF:B4:0C:15:6F:D0:60:BB:E8:EB:F4:DA:DA:E8:7B:84:FF:FE:9F:84 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 36A6769C833142B751D93C67E95BF5C0A1E387F5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153903.roa Signing time: Fri 24 Oct 2025 07:22:34 +0000 ROA not before: Fri 24 Oct 2025 07:17:34 +0000 ROA not after: Fri 23 Oct 2026 07:22:34 +0000 asID: 153903 IP address blocks: 165.99.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 10:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:a6:76:9c:83:31:42:b7:51:d9:3c:67:e9:5b:f5:c0:a1:e3:87:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 24 07:17:34 2025 GMT Not After : Oct 23 07:22:34 2026 GMT Subject: CN=AFB40C156FD060BBE8EBF4DADAE87B84FFFE9F84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:17:74:8f:63:da:a3:0f:63:0e:0e:11:fc:af: ec:7b:cc:3d:60:79:34:bf:27:23:28:c9:58:8b:76: f2:c7:70:49:68:76:36:e6:0d:dd:2d:ed:7f:91:07: a7:21:66:5f:4d:76:a8:54:25:6f:83:34:93:4e:74: ba:29:7a:eb:5a:d3:c3:85:1f:1b:ae:c3:46:4e:34: 9b:ec:5f:41:bb:36:a7:64:27:44:81:8f:f3:a0:40: b1:a6:13:74:ce:41:69:87:b6:b4:47:bc:c3:1e:45: a1:38:6f:ca:a4:7b:b7:25:51:4c:c3:de:49:bc:eb: c8:aa:5c:ae:1e:d0:94:2d:6e:26:ba:10:61:8a:93: 40:cd:b8:f1:c8:1f:27:09:a9:ec:94:cb:06:92:ac: 2d:d2:4f:51:dd:ae:98:22:a0:90:1d:6a:44:43:25: 79:a6:77:0e:da:2d:5f:ae:a1:37:d3:03:dd:7a:ef: af:77:7f:31:a4:2d:92:a5:40:1c:ad:41:93:b5:78: d2:dd:a8:9c:66:4c:e0:a8:0c:e6:20:87:69:db:ea: 70:d3:18:c3:4e:43:6d:27:ef:eb:85:76:6d:ac:d4: 52:b4:df:91:9b:2a:88:cf:9d:32:83:a1:e3:66:d3: 5d:85:47:e0:29:76:27:06:f2:28:c5:37:98:8f:55: 6b:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:B4:0C:15:6F:D0:60:BB:E8:EB:F4:DA:DA:E8:7B:84:FF:FE:9F:84 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153903.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.32.0/24 Signature Algorithm: sha256WithRSAEncryption 47:2f:80:f0:6e:d2:67:7d:9d:35:31:d7:c1:50:2a:d0:ba:21: 64:d6:d3:0b:df:e3:37:3f:f2:c5:e5:6c:1d:b9:54:c0:b3:82: bb:8d:5b:17:1a:04:70:f9:72:b8:c0:f0:97:7a:a4:41:96:14: 22:e7:84:cb:28:d5:ab:73:bd:55:1f:b2:a0:c5:0b:fe:90:03: 71:5c:79:bc:0e:c6:de:f1:aa:f5:0c:21:06:42:e3:dc:c2:97: 39:34:9a:83:0a:2d:43:b1:ad:d9:12:91:b9:57:d6:3c:db:98: 7d:7d:0f:ca:1e:55:3d:24:74:6e:ef:41:19:c2:d3:8e:1b:5d: 2b:9c:87:ff:95:90:07:46:03:c2:2a:6c:ce:39:52:06:bb:8a: e7:54:13:ab:13:88:5c:00:dc:fc:c4:6b:1b:c1:b0:30:9c:ca: 06:99:0e:a1:4e:7e:cb:5c:13:79:e5:d6:92:e4:bb:6c:43:e5: 3e:15:40:4b:ff:40:6a:7f:79:2a:1b:06:87:c7:2b:08:d8:f9: df:31:3a:49:2a:81:cd:02:b6:79:83:ab:0c:26:91:8f:9b:e5: 07:87:e5:5e:dd:f4:3d:2f:84:79:ce:24:64:b0:a6:bf:9f:0c: 08:7f:10:3c:e4:aa:1b:f4:19:e0:9d:2c:27:38:42:89:30:a4: 9d:59:dc:ea -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNqZ2nIMxQrdR2Txn6Vv1wKHjh/UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAyNDA3MTczNFoX DTI2MTAyMzA3MjIzNFowMzExMC8GA1UEAxMoQUZCNDBDMTU2RkQwNjBCQkU4RUJG NERBREFFODdCODRGRkZFOUY4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAXdI9j2qMPYw4OEfyv7HvMPWB5NL8nIyjJWIt28sdwSWh2NuYN3S3tf5EH pyFmX012qFQlb4M0k050uil661rTw4UfG67DRk40m+xfQbs2p2QnRIGP86BAsaYT dM5BaYe2tEe8wx5FoThvyqR7tyVRTMPeSbzryKpcrh7QlC1uJroQYYqTQM248cgf Jwmp7JTLBpKsLdJPUd2umCKgkB1qREMleaZ3DtotX66hN9MD3Xrvr3d/MaQtkqVA HK1Bk7V40t2onGZM4KgM5iCHadvqcNMYw05DbSfv64V2bazUUrTfkZsqiM+dMoOh 42bTXYVH4Cl2JwbyKMU3mI9Va2MCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSvtAwV b9Bgu+jr9Nra6HuE//6fhDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzkwMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjIDANBgkqhkiG9w0BAQsFAAOCAQEARy+A8G7SZ32dNTHXwVAq 0LohZNbTC9/jNz/yxeVsHblUwLOCu41bFxoEcPlyuMDwl3qkQZYUIueEyyjVq3O9 VR+yoMUL/pADcVx5vA7G3vGq9QwhBkLj3MKXOTSagwotQ7Gt2RKRuVfWPNuYfX0P yh5VPSR0bu9BGcLTjhtdK5yH/5WQB0YDwipszjlSBruK51QTqxOIXADc/MRrG8Gw MJzKBpkOoU5+y1wTeeXWkuS7bEPlPhVAS/9Aan95KhsGh8crCNj53zE6SSqBzQK2 eYOrDCaRj5vlB4flXt30PS+Eec4kZLCmv58MCH8QPOSqG/QZ4J0sJzhCiTCknVnc 6g== -----END CERTIFICATE-----Generated at Wed Nov 5 18:29:54 2025 by rpki-client