$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153601.roa File: AS153601.roa (raw, json) Hash identifier: 4J9KqkXXUx+7SFhLKgdsdIAWJlkFs5xXwpoLnZmKtNw= Subject key identifier: B3:22:88:6C:C0:1C:8C:30:1D:79:46:A0:AF:64:0C:FC:F3:A8:2C:2B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2DB9CE8C1368E6B9052104C899CEC9A7A145359A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153601.roa Signing time: Tue 24 Feb 2026 04:00:00 +0000 ROA not before: Tue 24 Feb 2026 03:55:00 +0000 ROA not after: Tue 23 Feb 2027 04:00:00 +0000 asID: 153601 IP address blocks: 2001:df4:f640::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:17:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:b9:ce:8c:13:68:e6:b9:05:21:04:c8:99:ce:c9:a7:a1:45:35:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 24 03:55:00 2026 GMT Not After : Feb 23 04:00:00 2027 GMT Subject: CN=B322886CC01C8C301D7946A0AF640CFCF3A82C2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:4a:c6:88:b3:88:14:45:99:3a:a9:f7:52:34: 34:13:0d:f3:85:6d:b0:9e:eb:82:5c:a8:7f:79:5e: af:9c:43:69:03:8b:6f:4c:cc:31:2a:d8:85:63:e0: c4:80:67:5c:c2:53:fd:20:98:02:68:c3:a2:05:df: 25:7d:d4:cc:de:0e:e1:08:f5:01:12:3b:1e:7b:1f: 53:ef:b1:06:50:1b:d8:5e:8d:ba:32:d0:af:c0:f4: 94:b1:01:68:35:c2:1f:a3:97:3f:9f:01:a1:03:b5: 1e:24:a4:53:d4:54:50:5f:73:59:9d:8c:78:e4:89: d0:cf:fa:2a:35:e3:c0:b0:31:95:15:ec:77:d7:ac: 1c:38:f6:86:31:93:ab:72:68:b8:c4:52:28:98:53: 31:60:e7:ae:08:19:c8:c2:a8:59:c4:29:eb:5e:41: b8:de:77:40:9f:1e:5c:dc:54:7f:71:12:26:3d:d5: a9:28:75:a7:22:39:44:f9:36:31:35:8d:72:44:c6: 0a:76:58:87:5a:10:ab:43:8e:ab:3d:30:fd:dc:9e: 15:86:57:91:9b:17:08:d2:f3:0e:ef:e1:55:a8:cc: 1c:d1:2c:7d:65:cb:65:38:55:55:52:73:d3:01:0a: 95:f3:23:59:69:53:4c:b7:05:35:a4:b7:ba:a9:06: ab:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:22:88:6C:C0:1C:8C:30:1D:79:46:A0:AF:64:0C:FC:F3:A8:2C:2B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153601.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:f640::/48 Signature Algorithm: sha256WithRSAEncryption 8d:76:80:c1:3a:35:c9:6c:05:c3:66:15:ac:08:3c:2f:71:8a: bd:8a:52:ce:24:c0:ed:ed:4a:4d:61:31:e9:2b:46:5e:12:45: 18:29:ad:fd:e0:c3:0d:8e:e5:28:26:da:e1:1b:e8:15:37:f6: a9:e7:82:70:b8:80:cb:7a:2b:e1:07:1f:3b:bf:0a:c7:c2:59: 79:63:01:85:cd:4d:e8:e0:a7:32:96:f0:ad:73:0b:98:8e:62: 4d:f6:54:1d:62:ca:1f:7e:ff:6f:48:e6:7f:f2:07:fd:0f:6a: 85:6f:b7:07:a4:be:bb:76:55:16:97:d7:82:3c:6f:19:1f:a9: e3:f2:e6:74:5b:2f:02:1e:98:82:bb:1f:36:81:60:d6:ee:79: a6:0a:77:40:9f:56:45:b0:08:8e:f3:53:9e:ef:14:98:de:ae: 18:07:5a:79:5b:6b:7b:03:e9:37:5a:de:45:d6:f2:df:14:ea: 46:54:ad:a2:a8:d8:16:ed:f5:65:bb:8d:9c:2d:b1:d3:3c:15: 90:4d:c0:24:cc:5f:ab:32:b4:3e:1d:68:46:8e:33:bc:25:eb: d6:4f:c2:ea:fc:45:0b:b6:9a:a7:46:ef:51:79:ea:f4:07:a1: 12:82:df:bd:ba:41:48:18:63:dc:c5:ef:1d:55:a1:c5:88:97: 3c:d2:fa:a5 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIULbnOjBNo5rkFIQTImc7Jp6FFNZowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDIyNDAzNTUwMFoX DTI3MDIyMzA0MDAwMFowMzExMC8GA1UEAxMoQjMyMjg4NkNDMDFDOEMzMDFENzk0 NkEwQUY2NDBDRkNGM0E4MkMyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL1KxoiziBRFmTqp91I0NBMN84VtsJ7rglyof3ler5xDaQOLb0zMMSrYhWPg xIBnXMJT/SCYAmjDogXfJX3UzN4O4Qj1ARI7HnsfU++xBlAb2F6NujLQr8D0lLEB aDXCH6OXP58BoQO1HiSkU9RUUF9zWZ2MeOSJ0M/6KjXjwLAxlRXsd9esHDj2hjGT q3JouMRSKJhTMWDnrggZyMKoWcQp615BuN53QJ8eXNxUf3ESJj3VqSh1pyI5RPk2 MTWNckTGCnZYh1oQq0OOqz0w/dyeFYZXkZsXCNLzDu/hVajMHNEsfWXLZThVVVJz 0wEKlfMjWWlTTLcFNaS3uqkGq+sCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSzIohs wByMMB15RqCvZAz886gsKzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzYwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfT2QDANBgkqhkiG9w0BAQsFAAOCAQEAjXaAwTo1yWwFw2YV rAg8L3GKvYpSziTA7e1KTWEx6StGXhJFGCmt/eDDDY7lKCba4RvoFTf2qeeCcLiA y3or4QcfO78Kx8JZeWMBhc1N6OCnMpbwrXMLmI5iTfZUHWLKH37/b0jmf/IH/Q9q hW+3B6S+u3ZVFpfXgjxvGR+p4/LmdFsvAh6YgrsfNoFg1u55pgp3QJ9WRbAIjvNT nu8UmN6uGAdaeVtrewPpN1reRdby3xTqRlStoqjYFu31ZbuNnC2x0zwVkE3AJMxf qzK0Ph1oRo4zvCXr1k/C6vxFC7aap0bvUXnq9AehEoLfvbpBSBhj3MXvHVWhxYiX PNL6pQ== -----END CERTIFICATE-----Generated at Mon Mar 2 03:02:06 2026 by rpki-client