$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa File: AS153486.roa (raw, json) Hash identifier: na7tt2bRiBRXIl4Sa4ta1EJQXyJIWqtqoaR5m4rWssM= Subject key identifier: BC:27:08:06:7B:C8:0C:39:3F:56:BC:97:6B:8B:A0:7A:77:DC:D9:59 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1EB699F1044ECCD1BE93127D03410CDD6E9E79FF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa Signing time: Thu 26 Mar 2026 04:00:00 +0000 ROA not before: Thu 26 Mar 2026 03:55:00 +0000 ROA not after: Thu 25 Mar 2027 04:00:00 +0000 asID: 153486 IP address blocks: 160.250.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:b6:99:f1:04:4e:cc:d1:be:93:12:7d:03:41:0c:dd:6e:9e:79:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 26 03:55:00 2026 GMT Not After : Mar 25 04:00:00 2027 GMT Subject: CN=BC2708067BC80C393F56BC976B8BA07A77DCD959 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:42:4a:ef:43:23:02:3b:b9:f9:68:3e:5b:e8: f7:86:65:f9:f3:4e:21:1b:c2:b7:db:8c:dc:34:df: f6:24:0f:39:c4:bc:25:56:e0:71:73:64:ec:cd:82: 75:4a:1c:05:5b:a2:74:f2:c9:e2:f3:0d:5e:e1:31: dc:e5:11:2c:ee:eb:4f:1e:78:35:18:cb:4d:1e:54: e6:9d:b4:af:ce:10:c0:2a:50:bd:30:a0:65:1e:61: 21:43:55:27:e1:c2:b6:7c:cd:f1:74:23:b7:2a:6f: b1:2a:f6:59:98:05:ea:f6:8a:af:b7:03:4b:05:47: db:7e:af:77:d0:67:c5:ba:96:d0:64:7c:24:e2:2f: 05:50:0a:fa:4c:67:10:3d:40:52:9f:26:8b:2e:a2: e6:ef:13:31:93:be:c5:e7:ba:b2:3c:e5:da:09:4d: f0:53:cc:37:50:ed:97:70:03:66:ee:ff:84:65:b7: 07:9a:e7:ee:48:9d:d9:4d:c9:02:e8:44:ab:ea:3d: 3f:97:e4:e0:04:3b:e0:50:bf:e8:c0:59:2a:19:9a: e4:e8:e8:d0:2f:19:28:eb:02:d0:74:23:ba:b7:3f: 82:86:d5:08:22:67:13:1e:a5:12:74:9d:de:00:91: 26:65:ae:94:8b:dc:99:3e:de:ed:9b:b5:1a:c0:15: 81:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:27:08:06:7B:C8:0C:39:3F:56:BC:97:6B:8B:A0:7A:77:DC:D9:59 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153486.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.194.0/23 Signature Algorithm: sha256WithRSAEncryption 94:7a:60:c7:56:3e:c4:ff:50:65:b7:8a:01:dc:33:38:00:a3: 71:51:f3:53:3a:df:ee:11:7e:ce:e6:f5:c3:03:35:29:e8:5b: 3c:38:d0:03:db:42:25:80:d3:c0:8b:3a:11:04:9e:56:cf:40: 81:1f:c3:b9:d6:19:46:c2:09:60:f1:63:c6:52:3c:a2:ea:86: 8b:13:c8:3f:f8:bf:e1:e0:05:1d:aa:0f:a4:4a:c8:c1:17:9b: ed:ea:82:84:61:8f:92:6e:d4:61:cb:f6:7e:69:3d:e3:71:ec: 36:62:19:74:64:b3:87:ba:1f:cf:87:23:ca:cd:73:cc:6f:77: d0:e3:96:2e:0b:6c:19:97:ca:4c:8c:b1:12:52:ff:25:3b:f8: 7c:ee:a8:a0:0b:c3:38:5b:ca:99:40:f2:9b:32:a9:ff:ef:e8: c0:85:4e:96:a3:39:d1:f1:74:54:ed:da:6b:59:8b:3b:06:48: 5a:3e:37:d5:e8:14:7f:72:3f:9e:55:3e:2f:d3:36:fd:61:75: ea:3e:4f:99:6e:b6:5f:f7:09:78:43:8e:08:73:0b:52:ef:b0: 11:83:26:c0:a5:d1:98:6c:26:b9:47:6c:72:10:89:c7:5b:ec: f8:f0:7b:46:11:fc:21:b0:8b:e8:6f:9e:c8:7b:1c:31:44:86: 2e:06:85:17 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHraZ8QROzNG+kxJ9A0EM3W6eef8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMyNjAzNTUwMFoX DTI3MDMyNTA0MDAwMFowMzExMC8GA1UEAxMoQkMyNzA4MDY3QkM4MEMzOTNGNTZC Qzk3NkI4QkEwN0E3N0RDRDk1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALpCSu9DIwI7ufloPlvo94Zl+fNOIRvCt9uM3DTf9iQPOcS8JVbgcXNk7M2C dUocBVuidPLJ4vMNXuEx3OURLO7rTx54NRjLTR5U5p20r84QwCpQvTCgZR5hIUNV J+HCtnzN8XQjtypvsSr2WZgF6vaKr7cDSwVH236vd9BnxbqW0GR8JOIvBVAK+kxn ED1AUp8miy6i5u8TMZO+xee6sjzl2glN8FPMN1Dtl3ADZu7/hGW3B5rn7kid2U3J AuhEq+o9P5fk4AQ74FC/6MBZKhma5Ojo0C8ZKOsC0HQjurc/gobVCCJnEx6lEnSd 3gCRJmWulIvcmT7e7Zu1GsAVgVcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS8JwgG e8gMOT9WvJdri6B6d9zZWTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaD6wjANBgkqhkiG9w0BAQsFAAOCAQEAlHpgx1Y+xP9QZbeKAdwz OACjcVHzUzrf7hF+zub1wwM1KehbPDjQA9tCJYDTwIs6EQSeVs9AgR/DudYZRsIJ YPFjxlI8ouqGixPIP/i/4eAFHaoPpErIwReb7eqChGGPkm7UYcv2fmk943HsNmIZ dGSzh7ofz4cjys1zzG930OOWLgtsGZfKTIyxElL/JTv4fO6ooAvDOFvKmUDymzKp /+/owIVOlqM50fF0VO3aa1mLOwZIWj431egUf3I/nlU+L9M2/WF16j5PmW62X/cJ eEOOCHMLUu+wEYMmwKXRmGwmuUdschCJx1vs+PB7RhH8IbCL6G+eyHscMUSGLgaF Fw== -----END CERTIFICATE-----Generated at Thu Mar 26 10:47:11 2026 by rpki-client