$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153963.roa File: AS153963.roa (raw, json) Hash identifier: cwkdGcwvdZwPH2OuvLRyyMvaxoF7AUYnlqesQ3XgDGo= Subject key identifier: D9:02:2C:99:3C:8A:2B:C7:F4:2C:D4:67:C5:4F:DF:94:08:46:40:D0 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 45CA7CE1B4C5F358496411064902904987ACDC1E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153963.roa Signing time: Tue 24 Feb 2026 03:42:20 +0000 ROA not before: Tue 24 Feb 2026 03:37:20 +0000 ROA not after: Tue 23 Feb 2027 03:42:20 +0000 asID: 153963 IP address blocks: 165.99.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:ca:7c:e1:b4:c5:f3:58:49:64:11:06:49:02:90:49:87:ac:dc:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 24 03:37:20 2026 GMT Not After : Feb 23 03:42:20 2027 GMT Subject: CN=D9022C993C8A2BC7F42CD467C54FDF94084640D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:45:c8:de:c1:d5:cf:a2:65:e6:af:c8:d2:56: 47:32:3f:21:90:ae:f5:3b:fa:99:e0:fd:42:0d:53: f6:1a:6d:3f:3d:90:b2:31:ce:39:84:24:1b:24:f9: f1:48:ce:d3:2f:f5:22:ff:9a:9e:5e:ab:88:81:87: 30:c8:5d:c7:79:b0:62:02:86:d4:4a:da:e7:8a:3d: dc:c2:93:de:01:b0:e2:c1:15:7c:bd:a1:11:43:7f: 92:e8:47:45:1e:50:d7:ee:33:51:ab:7e:b1:c8:81: 13:a9:5a:82:14:6f:cd:0a:34:2a:e5:63:ba:de:8a: 37:bd:92:b3:90:ed:4c:d3:f4:97:11:3b:c3:5b:5d: f4:72:9a:75:d7:dc:47:bd:c9:35:fd:a3:c9:b2:92: bd:48:75:ff:5e:d5:61:4a:e0:25:eb:85:24:a4:a5: 10:e2:8c:66:bd:74:8d:29:2d:3a:01:f5:16:2e:bb: 98:ff:46:70:37:6a:f0:75:33:9a:c0:8d:57:98:9e: 31:d5:58:af:db:05:77:6d:16:04:53:69:ad:9e:88: a8:8c:de:01:c4:fd:4a:73:ad:86:ca:14:a0:22:6a: 38:29:d6:23:e0:11:2b:eb:b2:d6:06:36:35:23:1a: ad:09:e3:2e:75:75:83:8a:d9:af:7f:51:8a:cc:e7: 7d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:02:2C:99:3C:8A:2B:C7:F4:2C:D4:67:C5:4F:DF:94:08:46:40:D0 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153963.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.154.0/24 Signature Algorithm: sha256WithRSAEncryption 53:6d:9d:ce:7f:25:70:9e:63:e1:9f:fd:c9:48:ab:61:9d:00: ed:0b:21:11:38:f5:ef:5d:eb:e0:d8:5a:bd:51:4a:72:41:9e: 7c:1c:50:60:9a:83:e7:c1:83:4e:3d:b7:ad:d4:18:ac:0e:be: 11:8b:2a:38:d8:d0:fe:41:53:35:a8:d2:e6:f3:a2:be:0f:34: 7f:d0:6e:3c:9a:d2:75:05:26:81:52:18:79:30:4e:14:a2:fb: e9:9f:94:0e:97:6d:73:e6:4f:9b:85:1c:9c:50:af:43:39:40: 6b:4c:d7:d2:9d:be:26:c1:08:e4:14:79:bf:d1:96:08:50:34: 54:0e:c8:10:8c:7d:52:f4:7f:36:d3:8a:d7:4f:91:1e:5a:c2: 46:e5:e6:ab:8b:83:7d:58:7a:4d:67:24:bd:79:84:b3:b2:1b: 8f:1d:c2:ee:08:88:d0:04:e2:41:9d:c9:ad:6c:c6:3c:06:a3: 94:4c:bf:3a:4e:bf:c5:2d:56:c3:11:99:df:b9:19:25:0d:73: 09:45:7c:91:95:5e:28:75:8a:75:2a:57:0f:7c:d5:a1:b3:47: 84:4c:9e:ad:a9:c8:8b:3a:65:db:f7:0c:ed:d6:bf:e1:04:9f: 08:b4:85:fd:b4:7a:67:ba:53:83:e2:d1:07:c2:1d:f1:aa:5a: 7f:27:75:20 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURcp84bTF81hJZBEGSQKQSYes3B4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIyNDAzMzcyMFoX DTI3MDIyMzAzNDIyMFowMzExMC8GA1UEAxMoRDkwMjJDOTkzQzhBMkJDN0Y0MkNE NDY3QzU0RkRGOTQwODQ2NDBEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM9FyN7B1c+iZeavyNJWRzI/IZCu9Tv6meD9Qg1T9hptPz2QsjHOOYQkGyT5 8UjO0y/1Iv+anl6riIGHMMhdx3mwYgKG1Era54o93MKT3gGw4sEVfL2hEUN/kuhH RR5Q1+4zUat+sciBE6laghRvzQo0KuVjut6KN72Ss5DtTNP0lxE7w1td9HKaddfc R73JNf2jybKSvUh1/17VYUrgJeuFJKSlEOKMZr10jSktOgH1Fi67mP9GcDdq8HUz msCNV5ieMdVYr9sFd20WBFNprZ6IqIzeAcT9SnOthsoUoCJqOCnWI+ARK+uy1gY2 NSMarQnjLnV1g4rZr39RisznfdkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTZAiyZ PIorx/Qs1GfFT9+UCEZA0DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk2My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjmjANBgkqhkiG9w0BAQsFAAOCAQEAU22dzn8lcJ5j4Z/9yUir YZ0A7QshETj1713r4NhavVFKckGefBxQYJqD58GDTj23rdQYrA6+EYsqONjQ/kFT NajS5vOivg80f9BuPJrSdQUmgVIYeTBOFKL76Z+UDpdtc+ZPm4UcnFCvQzlAa0zX 0p2+JsEI5BR5v9GWCFA0VA7IEIx9UvR/NtOK10+RHlrCRuXmq4uDfVh6TWckvXmE s7Ibjx3C7giI0ATiQZ3JrWzGPAajlEy/Ok6/xS1WwxGZ37kZJQ1zCUV8kZVeKHWK dSpXD3zVobNHhEyeranIizpl2/cM7da/4QSfCLSF/bR6Z7pTg+LRB8Id8apafyd1 IA== -----END CERTIFICATE-----Generated at Mon Mar 2 09:35:02 2026 by rpki-client