$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154067.roa File: AS154067.roa (raw, json) Hash identifier: e6n8l5jgVcPegHJnuD5wYzLcyXQs6rTO/v7WLlLO8T0= Subject key identifier: DF:20:A5:DA:92:B0:C3:5A:E7:33:83:A0:7F:CC:54:F0:CC:B5:7F:06 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 16E9FA3CA0BAC789739C7BFB5E1940B29393C629 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154067.roa Signing time: Wed 04 Mar 2026 04:27:56 +0000 ROA not before: Wed 04 Mar 2026 04:22:56 +0000 ROA not after: Wed 03 Mar 2027 04:27:56 +0000 asID: 154067 IP address blocks: 165.101.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 08:48:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:e9:fa:3c:a0:ba:c7:89:73:9c:7b:fb:5e:19:40:b2:93:93:c6:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 4 04:22:56 2026 GMT Not After : Mar 3 04:27:56 2027 GMT Subject: CN=DF20A5DA92B0C35AE73383A07FCC54F0CCB57F06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:5d:23:5b:d4:8b:7b:48:90:6a:3d:f5:d4:75: 30:66:c1:2b:64:c7:dc:c2:84:ee:8a:1f:06:c7:ac: 98:24:26:d9:76:6f:6d:94:0d:0a:0e:d7:24:0b:90: 18:eb:14:a9:27:ed:4d:9c:84:94:04:87:0e:fd:d9: 36:68:87:92:a4:0b:6d:dd:4f:fb:d9:44:b8:ad:bd: 6e:b7:00:2d:ce:83:28:8a:1f:ad:9b:0a:59:26:8c: bb:49:44:39:b8:10:73:47:c8:39:85:8e:e6:94:dd: fa:ed:17:e4:27:c2:7b:78:72:f1:05:32:9f:66:c5: e4:c7:a6:bf:af:60:1c:35:05:25:89:c1:80:9a:bb: 8d:dd:f1:60:0e:d0:9a:60:10:fb:79:81:32:c6:ff: 75:0f:dc:c7:6e:b0:8b:41:a4:54:93:d2:3c:14:02: cd:5f:ae:97:8f:18:5a:83:33:ab:7c:2d:80:8f:88: a1:10:bd:90:09:9a:50:da:7f:16:b5:be:6b:a6:40: ab:63:f3:67:82:e4:af:f8:a2:ab:62:d4:25:c0:99: e6:5d:29:8f:ee:b2:22:d6:e5:4d:29:bd:4a:cc:8a: 9e:ed:42:75:b4:b5:b8:86:6f:cd:d0:96:fe:90:55: 35:fb:f0:14:f7:bb:42:e0:9a:2a:3c:8a:69:be:f5: 37:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:20:A5:DA:92:B0:C3:5A:E7:33:83:A0:7F:CC:54:F0:CC:B5:7F:06 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154067.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.121.0/24 Signature Algorithm: sha256WithRSAEncryption 21:3e:9b:d8:f1:b7:24:7f:a7:f2:be:66:e5:68:ed:17:6d:7d: 1a:59:5f:ae:ef:77:27:55:d2:2b:25:21:51:fa:b0:7a:91:58: e6:d0:16:1e:39:5c:59:70:0e:2f:a7:9b:14:68:44:bc:b5:44: 3a:cf:a8:5a:d6:c7:32:df:2e:e0:e1:16:2e:ed:8b:f8:6e:b2: f7:de:51:6a:af:d3:f8:5f:c8:6e:31:37:bf:36:5b:69:f0:26: bf:65:6e:7f:d1:29:f8:32:c7:b5:84:ff:57:23:0a:d8:50:73: f4:5c:db:b7:f1:8f:02:21:ae:7a:66:81:ab:c1:f3:cb:aa:01: 13:3f:e3:e7:d4:00:91:fe:55:1e:c0:55:92:26:c0:31:57:2f: 6b:db:b5:ac:a8:10:d6:01:78:32:85:40:da:d2:13:6b:47:85: ee:3e:d4:9a:ad:0e:6c:c2:58:a7:8a:02:dd:d9:fe:97:5a:bc: 59:19:af:6b:b8:33:f6:71:b8:52:6f:6b:88:56:52:d6:9a:85: 8c:87:b3:f1:51:6e:e9:a4:56:c2:f3:e5:98:b4:2d:cc:d7:a3: b2:4f:83:53:53:df:b8:1e:98:45:11:1b:09:4b:93:4b:86:35: 7a:08:75:75:3d:26:4c:bd:19:6a:df:63:0c:b5:68:7a:56:ff: 82:d4:ef:e0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFun6PKC6x4lznHv7XhlAspOTxikwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMwNDA0MjI1NloX DTI3MDMwMzA0Mjc1NlowMzExMC8GA1UEAxMoREYyMEE1REE5MkIwQzM1QUU3MzM4 M0EwN0ZDQzU0RjBDQ0I1N0YwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5dI1vUi3tIkGo99dR1MGbBK2TH3MKE7oofBsesmCQm2XZvbZQNCg7XJAuQ GOsUqSftTZyElASHDv3ZNmiHkqQLbd1P+9lEuK29brcALc6DKIofrZsKWSaMu0lE ObgQc0fIOYWO5pTd+u0X5CfCe3hy8QUyn2bF5Memv69gHDUFJYnBgJq7jd3xYA7Q mmAQ+3mBMsb/dQ/cx26wi0GkVJPSPBQCzV+ul48YWoMzq3wtgI+IoRC9kAmaUNp/ FrW+a6ZAq2PzZ4Lkr/iiq2LUJcCZ5l0pj+6yItblTSm9SsyKnu1CdbS1uIZvzdCW /pBVNfvwFPe7QuCaKjyKab71Ny8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTfIKXa krDDWuczg6B/zFTwzLV/BjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDA2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVleTANBgkqhkiG9w0BAQsFAAOCAQEAIT6b2PG3JH+n8r5m5Wjt F219Gllfru93J1XSKyUhUfqwepFY5tAWHjlcWXAOL6ebFGhEvLVEOs+oWtbHMt8u 4OEWLu2L+G6y995Raq/T+F/IbjE3vzZbafAmv2Vuf9Ep+DLHtYT/VyMK2FBz9Fzb t/GPAiGuemaBq8Hzy6oBEz/j59QAkf5VHsBVkibAMVcva9u1rKgQ1gF4MoVA2tIT a0eF7j7Umq0ObMJYp4oC3dn+l1q8WRmva7gz9nG4Um9riFZS1pqFjIez8VFu6aRW wvPlmLQtzNejsk+DU1PfuB6YRREbCUuTS4Y1egh1dT0mTL0Zat9jDLVoelb/gtTv 4A== -----END CERTIFICATE-----Generated at Sat Mar 7 16:06:50 2026 by rpki-client