$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153479.roa File: AS153479.roa (raw, json) Hash identifier: OQD5LugDNMaD+zMWyOj6jxq8cNjsUPpsdOyDs100q6s= Subject key identifier: 65:E4:8D:E8:31:F3:4A:3A:26:04:4E:69:AE:FF:FD:C2:3E:77:0A:1A Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 39A80799D4AF9EE9E38CE07E23F0F38F10662499 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153479.roa Signing time: Tue 10 Mar 2026 02:17:21 +0000 ROA not before: Tue 10 Mar 2026 02:12:21 +0000 ROA not after: Tue 09 Mar 2027 02:17:21 +0000 asID: 153479 IP address blocks: 160.191.201.0/24 maxlen: 24 192.203.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 22:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:a8:07:99:d4:af:9e:e9:e3:8c:e0:7e:23:f0:f3:8f:10:66:24:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 10 02:12:21 2026 GMT Not After : Mar 9 02:17:21 2027 GMT Subject: CN=65E48DE831F34A3A26044E69AEFFFDC23E770A1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d9:d4:4b:29:06:7a:41:a5:d2:18:cc:4c:8b: 0b:66:b3:10:c4:7b:ee:41:49:e7:16:4f:c1:1d:41: 73:e2:90:30:ba:79:2d:6e:4f:27:a1:68:c3:d1:d6: 85:2c:ca:de:13:9d:01:b7:d1:ad:d8:e5:55:75:2f: a8:4f:b9:9c:93:8a:74:5f:e0:52:de:54:64:08:b3: 60:3a:84:0c:da:6c:9d:12:c4:fb:7b:d5:21:5a:1e: 21:b9:f2:7a:3d:83:73:64:62:dd:a8:40:6c:31:83: 97:fc:f3:87:10:08:69:06:f4:4f:dc:49:30:58:f1: df:75:49:53:9e:84:9c:64:ba:42:05:3b:52:55:a7: 0d:7b:71:ec:01:b0:8e:2d:06:30:76:3f:25:0c:48: e6:80:20:3e:94:9b:e6:22:f0:19:a5:39:52:1f:92: d2:b7:4d:87:ed:e0:6f:96:97:4a:cd:ce:eb:0e:87: e9:c9:7e:0b:fd:98:24:5a:a2:d1:93:59:cf:fa:d5: db:b0:2d:2b:74:e3:a9:d2:53:72:f6:3e:ef:e7:c1: 31:b3:c7:5b:aa:4b:5a:4a:87:c2:34:0f:28:23:38: c7:ac:ca:06:63:cd:2b:a5:42:dd:aa:9b:60:9d:9b: 08:f6:f6:8d:cc:fc:eb:c9:1a:c8:28:44:ba:74:80: c3:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:E4:8D:E8:31:F3:4A:3A:26:04:4E:69:AE:FF:FD:C2:3E:77:0A:1A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153479.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.201.0/24 192.203.39.0/24 Signature Algorithm: sha256WithRSAEncryption 72:46:ed:bc:1e:fc:1b:eb:36:c4:64:45:2f:0e:6c:97:aa:75: e4:e9:ac:e3:2f:a4:9c:16:8d:d2:0a:08:53:06:73:f9:30:2a: 08:b8:95:a2:8b:6b:c0:2e:8d:2f:c2:04:4b:87:34:5c:6a:72: 20:cc:32:a3:92:ff:5d:e4:c6:4c:2d:46:3c:73:b0:93:53:9b: 99:80:f3:ba:a6:f0:e9:6d:92:d2:ec:c4:36:74:d0:0f:f1:13: d9:b7:7a:79:d2:95:06:a8:92:6d:48:a0:c3:d9:8e:6c:81:59: 1f:74:7b:bd:dc:39:40:9d:42:d4:86:8a:d6:b3:4f:42:ea:c2: 51:86:e1:54:05:81:62:10:68:57:bc:d5:83:5e:2a:7e:4d:82: 05:28:d6:bc:a0:2f:67:fd:82:d3:c3:58:f1:b9:3e:ba:5c:08: 80:3e:2d:46:e5:7e:f0:fa:30:96:5e:2a:ff:cc:d8:4e:81:0e: 43:31:ad:c4:59:75:fc:58:34:32:1c:0f:63:77:24:f9:c6:e6: 4f:0d:64:ee:8b:00:96:6e:85:95:88:cf:39:3a:fb:ff:75:09: 01:5d:23:fe:28:5c:16:5c:ea:76:4b:ee:b8:98:83:fc:49:7e: 73:44:f0:5b:12:4c:84:0b:98:4c:76:70:08:a7:99:f6:b4:37: b4:82:90:74 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUOagHmdSvnunjjOB+I/DzjxBmJJkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMxMDAyMTIyMVoX DTI3MDMwOTAyMTcyMVowMzExMC8GA1UEAxMoNjVFNDhERTgzMUYzNEEzQTI2MDQ0 RTY5QUVGRkZEQzIzRTc3MEExQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjZ1EspBnpBpdIYzEyLC2azEMR77kFJ5xZPwR1Bc+KQMLp5LW5PJ6Fow9HW hSzK3hOdAbfRrdjlVXUvqE+5nJOKdF/gUt5UZAizYDqEDNpsnRLE+3vVIVoeIbny ej2Dc2Ri3ahAbDGDl/zzhxAIaQb0T9xJMFjx33VJU56EnGS6QgU7UlWnDXtx7AGw ji0GMHY/JQxI5oAgPpSb5iLwGaU5Uh+S0rdNh+3gb5aXSs3O6w6H6cl+C/2YJFqi 0ZNZz/rV27AtK3TjqdJTcvY+7+fBMbPHW6pLWkqHwjQPKCM4x6zKBmPNK6VC3aqb YJ2bCPb2jcz868kayChEunSAw5kCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBRl5I3o MfNKOiYETmmu//3CPncKGjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ3OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAKC/yQMEAMDLJzANBgkqhkiG9w0BAQsFAAOCAQEAckbtvB78G+s2 xGRFLw5sl6p15Oms4y+knBaN0goIUwZz+TAqCLiVootrwC6NL8IES4c0XGpyIMwy o5L/XeTGTC1GPHOwk1ObmYDzuqbw6W2S0uzENnTQD/ET2bd6edKVBqiSbUigw9mO bIFZH3R7vdw5QJ1C1IaK1rNPQurCUYbhVAWBYhBoV7zVg14qfk2CBSjWvKAvZ/2C 08NY8bk+ulwIgD4tRuV+8Powll4q/8zYToEOQzGtxFl1/Fg0MhwPY3ck+cbmTw1k 7osAlm6FlYjPOTr7/3UJAV0j/ihcFlzqdkvuuJiD/El+c0TwWxJMhAuYTHZwCKeZ 9rQ3tIKQdA== -----END CERTIFICATE-----Generated at Thu Mar 26 20:40:53 2026 by rpki-client