$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153115.roa File: AS153115.roa (raw, json) Hash identifier: yEK91PYojWbFU1jXrOXmK8jZqvoFf2jfTc9ElKWdWmM= Subject key identifier: 78:7C:38:67:4E:66:9F:FF:7B:2E:8E:41:78:48:E0:1E:C9:87:6A:15 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 093EB8E640063FC96173FF3B7F4C83242CABBE83 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153115.roa Signing time: Wed 15 Oct 2025 02:14:08 +0000 ROA not before: Wed 15 Oct 2025 02:09:08 +0000 ROA not after: Wed 14 Oct 2026 02:14:08 +0000 asID: 153115 IP address blocks: 157.20.48.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:3e:b8:e6:40:06:3f:c9:61:73:ff:3b:7f:4c:83:24:2c:ab:be:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 15 02:09:08 2025 GMT Not After : Oct 14 02:14:08 2026 GMT Subject: CN=787C38674E669FFF7B2E8E417848E01EC9876A15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fc:70:f6:62:8b:76:3a:1e:3c:89:8e:8a:64: b7:bc:83:6b:34:7b:42:56:f8:cf:f7:ca:a5:6e:34: 9f:45:a2:6a:cd:ba:1e:e4:f1:3e:6a:86:fd:c4:df: ba:b5:f2:0a:5e:ab:d2:a2:bb:70:73:57:22:f1:65: cb:50:ae:66:c7:02:6a:ff:2d:27:ae:e9:00:91:b9: b5:d9:80:c6:7f:a6:10:d6:4c:30:c8:0c:05:d8:1c: c9:65:90:a8:8d:c6:47:68:67:49:63:72:a7:67:cf: 65:81:8b:73:35:8e:87:7c:14:c6:3f:f2:b4:eb:da: f9:6a:a0:91:a0:02:a6:80:21:94:91:a8:c8:d9:35: d2:b3:71:47:4a:04:9f:1e:b5:2b:41:b8:70:69:b9: b0:3d:5b:cc:6a:d1:dd:61:aa:0d:72:c2:19:3a:a4: c2:8c:7f:71:ca:8d:31:77:b7:25:83:21:3c:92:6e: e4:83:ac:49:b6:01:13:16:ca:91:04:d4:2b:35:5a: 57:fd:d5:e6:d1:3e:91:1b:0f:16:de:07:50:1d:f2: 8e:22:76:7d:87:08:f7:cf:8d:aa:a0:19:5e:31:3d: 00:d2:88:8a:cd:65:c3:4e:4a:da:97:b5:1a:05:36: 4b:80:ea:a8:62:06:b6:98:45:97:18:2a:7e:c6:3c: 64:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:7C:38:67:4E:66:9F:FF:7B:2E:8E:41:78:48:E0:1E:C9:87:6A:15 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153115.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.48.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:1a:d0:ac:4b:c3:64:35:82:56:e5:e7:b4:01:44:0a:61:46: 11:54:9b:c8:78:c7:c6:2a:46:57:8c:7e:1a:56:07:e9:ae:9b: 3e:e8:8c:4f:e1:ec:25:d6:a4:e8:bb:2b:2a:8a:2f:89:bc:83: e3:90:f3:42:a4:9a:7d:90:f0:bf:ca:38:e1:c2:65:a1:a9:9f: 16:4b:40:14:7b:28:11:80:77:5e:0f:9f:68:2f:e0:a2:1d:b9: 1a:7d:47:22:e8:65:f7:14:fb:c8:48:d2:e6:5c:7a:03:1b:fc: b6:cf:9d:5f:33:a3:70:a5:7f:a6:9c:ee:a4:a7:d3:dc:b9:1a: 03:a1:bf:9e:a5:b4:4e:5e:7f:28:0f:df:67:94:a8:0b:63:15: 1d:60:69:c1:c9:eb:5f:e7:f5:83:e1:21:27:3a:3a:92:36:0a: e1:46:77:46:4b:df:29:5c:19:2b:4d:65:38:0e:e8:86:0d:6f: 4b:91:58:39:8f:7d:4f:48:44:2d:a7:8b:a1:a3:ce:54:09:c8: c0:fd:02:c1:c5:89:06:51:b4:58:29:29:68:eb:ab:7d:6a:65: 89:1e:89:c6:a8:e8:89:df:4d:23:04:63:db:68:ce:7f:df:f0: 2b:6e:dc:ac:c5:61:04:b2:55:72:44:95:98:46:ce:54:60:89: 2b:af:9d:ec -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUCT645kAGP8lhc/87f0yDJCyrvoMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxNTAyMDkwOFoX DTI2MTAxNDAyMTQwOFowMzExMC8GA1UEAxMoNzg3QzM4Njc0RTY2OUZGRjdCMkU4 RTQxNzg0OEUwMUVDOTg3NkExNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMP8cPZii3Y6HjyJjopkt7yDazR7Qlb4z/fKpW40n0Wias26HuTxPmqG/cTf urXyCl6r0qK7cHNXIvFly1CuZscCav8tJ67pAJG5tdmAxn+mENZMMMgMBdgcyWWQ qI3GR2hnSWNyp2fPZYGLczWOh3wUxj/ytOva+WqgkaACpoAhlJGoyNk10rNxR0oE nx61K0G4cGm5sD1bzGrR3WGqDXLCGTqkwox/ccqNMXe3JYMhPJJu5IOsSbYBExbK kQTUKzVaV/3V5tE+kRsPFt4HUB3yjiJ2fYcI98+NqqAZXjE9ANKIis1lw05K2pe1 GgU2S4DqqGIGtphFlxgqfsY8ZFECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR4fDhn Tmaf/3sujkF4SOAeyYdqFTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzExNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UMDANBgkqhkiG9w0BAQsFAAOCAQEAfBrQrEvDZDWCVuXntAFE CmFGEVSbyHjHxipGV4x+GlYH6a6bPuiMT+HsJdak6LsrKoovibyD45DzQqSafZDw v8o44cJloamfFktAFHsoEYB3Xg+faC/goh25Gn1HIuhl9xT7yEjS5lx6Axv8ts+d XzOjcKV/ppzupKfT3LkaA6G/nqW0Tl5/KA/fZ5SoC2MVHWBpwcnrX+f1g+EhJzo6 kjYK4UZ3RkvfKVwZK01lOA7ohg1vS5FYOY99T0hELaeLoaPOVAnIwP0CwcWJBlG0 WCkpaOurfWpliR6Jxqjoid9NIwRj22jOf9/wK27crMVhBLJVckSVmEbOVGCJK6+d 7A== -----END CERTIFICATE-----Generated at Mon Oct 20 05:17:56 2025 by rpki-client