$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154353.roa File: AS154353.roa (raw, json) Hash identifier: F5GLifhBNuWJ0sKUXsASRDP4B2qORUtmAZmFUiCVdSU= Subject key identifier: 90:31:84:6C:39:5A:1A:8A:1D:C0:1A:7D:5A:2B:10:2F:F4:62:5A:C3 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2092AA564E6DBD93339A51D9402227EEB47471F3 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154353.roa Signing time: Wed 28 Jan 2026 01:46:24 +0000 ROA not before: Wed 28 Jan 2026 01:41:24 +0000 ROA not after: Wed 27 Jan 2027 01:46:24 +0000 asID: 154353 IP address blocks: 138.252.114.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:92:aa:56:4e:6d:bd:93:33:9a:51:d9:40:22:27:ee:b4:74:71:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 28 01:41:24 2026 GMT Not After : Jan 27 01:46:24 2027 GMT Subject: CN=9031846C395A1A8A1DC01A7D5A2B102FF4625AC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d1:b7:b4:d2:63:3d:7c:cc:5d:84:7d:7c:c5: cb:0e:0a:e6:08:83:33:51:5b:49:05:cd:88:ef:ab: 65:85:f7:7c:f0:d5:c0:73:4d:3d:40:1e:2c:b5:eb: 18:58:03:d8:b7:d5:1a:76:6b:73:b3:26:b0:f6:a4: e4:ac:26:de:49:cc:56:01:0b:56:fc:3f:d7:c6:45: 6c:6f:5c:3b:fa:e7:cd:06:57:cb:04:e0:7f:56:a8: 4f:4f:ac:1e:c8:47:6a:bc:ac:f0:aa:02:cf:64:15: 0a:16:4a:49:33:07:d8:77:ef:4a:ed:cf:c1:c3:76: 95:a6:cf:1b:d4:d5:c1:54:0d:ad:90:4b:56:c2:9c: 80:12:51:13:31:5e:94:b0:83:47:cc:f8:6d:4d:b4: 8e:64:04:f4:7e:9f:d0:28:13:58:2a:a3:65:eb:a5: 41:b3:55:93:14:f6:3d:ad:35:0d:bb:92:9a:f7:3b: 7e:a0:08:9a:e7:34:8a:7a:53:8a:82:0c:38:bf:b8: a5:8c:1b:08:8f:98:bd:fa:c5:4f:27:e3:c3:e4:b2: ed:49:8a:3e:da:1a:47:9d:71:4b:b7:c6:81:79:6a: d1:a3:c7:6c:78:28:66:ad:bc:b6:dd:1c:2b:f4:2a: f9:65:0e:62:31:f1:f0:f8:72:1f:ad:da:b7:5b:bd: 36:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:31:84:6C:39:5A:1A:8A:1D:C0:1A:7D:5A:2B:10:2F:F4:62:5A:C3 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154353.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.114.0/24 Signature Algorithm: sha256WithRSAEncryption 46:cb:2b:25:4c:83:2d:68:32:46:45:c5:3b:7e:71:cf:f5:6c: 4b:ce:58:fc:a7:c3:55:ae:05:1b:80:fe:2d:d9:85:97:b0:83: ab:95:cf:91:20:c0:0b:aa:21:66:47:da:57:f4:a0:a4:70:34: 4f:52:9b:4d:22:39:40:2f:c1:fb:1e:f4:07:ce:63:7c:a2:fe: e4:d6:46:3a:ab:d7:41:d7:dc:1a:a7:6a:ae:83:0b:3c:69:b6: 8d:52:19:77:c5:30:47:f5:4a:ba:df:04:4e:84:03:92:89:78: 10:7d:66:4a:4b:a2:90:5e:fb:7a:24:9f:61:be:b4:aa:76:7e: 7c:b4:57:5f:ca:0e:e4:3e:a1:74:29:66:be:cc:7a:ce:77:e5: 37:fa:02:62:01:f4:48:cb:31:15:a0:51:72:d3:17:8e:12:79: 6e:85:2c:f5:93:29:c1:17:5c:2b:bc:29:79:d4:8b:67:13:68: 19:32:3a:d5:01:2c:ac:3d:06:63:1c:e2:d9:af:c7:75:f7:86: 3a:8a:0f:1c:ef:12:0f:28:07:5d:92:ab:8e:15:2a:6e:12:c5: 3c:4e:03:40:53:ec:e4:3d:ec:ea:a4:1e:73:e0:59:b1:a6:e2: 2d:ad:5f:0f:a5:09:e2:c9:b8:e5:d2:92:7e:93:e8:b9:84:85: eb:a2:9b:a5 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIJKqVk5tvZMzmlHZQCIn7rR0cfMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDEyODAxNDEyNFoX DTI3MDEyNzAxNDYyNFowMzExMC8GA1UEAxMoOTAzMTg0NkMzOTVBMUE4QTFEQzAx QTdENUEyQjEwMkZGNDYyNUFDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMvRt7TSYz18zF2EfXzFyw4K5giDM1FbSQXNiO+rZYX3fPDVwHNNPUAeLLXr GFgD2LfVGnZrc7MmsPak5Kwm3knMVgELVvw/18ZFbG9cO/rnzQZXywTgf1aoT0+s HshHarys8KoCz2QVChZKSTMH2HfvSu3PwcN2labPG9TVwVQNrZBLVsKcgBJREzFe lLCDR8z4bU20jmQE9H6f0CgTWCqjZeulQbNVkxT2Pa01DbuSmvc7fqAImuc0inpT ioIMOL+4pYwbCI+YvfrFTyfjw+Sy7UmKPtoaR51xS7fGgXlq0aPHbHgoZq28tt0c K/Qq+WUOYjHx8PhyH63at1u9NrkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSQMYRs OVoaih3AGn1aKxAv9GJawzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDM1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAIr8cjANBgkqhkiG9w0BAQsFAAOCAQEARssrJUyDLWgyRkXFO35x z/VsS85Y/KfDVa4FG4D+LdmFl7CDq5XPkSDAC6ohZkfaV/SgpHA0T1KbTSI5QC/B +x70B85jfKL+5NZGOqvXQdfcGqdqroMLPGm2jVIZd8UwR/VKut8EToQDkol4EH1m SkuikF77eiSfYb60qnZ+fLRXX8oO5D6hdClmvsx6znflN/oCYgH0SMsxFaBRctMX jhJ5boUs9ZMpwRdcK7wpedSLZxNoGTI61QEsrD0GYxzi2a/HdfeGOooPHO8SDygH XZKrjhUqbhLFPE4DQFPs5D3s6qQec+BZsabiLa1fD6UJ4sm45dKSfpPouYSF66Kb pQ== -----END CERTIFICATE-----Generated at Mon Mar 2 09:34:50 2026 by rpki-client