$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152009.roa File: AS152009.roa (raw, json) Hash identifier: HhJbcShpCehUW4KuAY/N1ljOTc2C7sAfaHjDCW34tpI= Subject key identifier: 1F:D2:A2:DE:78:95:84:D0:52:D9:64:B8:86:D1:5F:15:96:AB:CC:BB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 54F3DE9D3A850E4C82AC25A84836AAB73CE0CE33 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152009.roa Signing time: Mon 07 Jul 2025 05:00:00 +0000 ROA not before: Mon 07 Jul 2025 04:55:00 +0000 ROA not after: Mon 06 Jul 2026 05:00:00 +0000 asID: 152009 IP address blocks: 103.38.106.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 06:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:f3:de:9d:3a:85:0e:4c:82:ac:25:a8:48:36:aa:b7:3c:e0:ce:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 7 04:55:00 2025 GMT Not After : Jul 6 05:00:00 2026 GMT Subject: CN=1FD2A2DE789584D052D964B886D15F1596ABCCBB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:41:fd:54:22:f4:90:2e:9a:ad:b1:7e:df:72: bb:92:6e:b9:32:97:8f:2d:22:fb:ff:e0:30:35:e4: d0:4d:e0:ad:b2:55:3a:3f:6b:2e:fa:99:8b:6a:33: 1b:60:e7:83:51:1d:69:a1:ce:60:7f:a0:54:2c:5f: 30:5b:85:c2:8d:fb:d3:ac:97:1a:f1:e3:37:f5:80: b2:79:2a:3e:01:0b:a9:27:63:0d:cc:09:39:a8:8a: 4d:bb:7a:45:12:a5:8e:eb:ce:53:95:ad:e6:f0:66: bb:cc:8a:8c:10:58:5c:22:52:bf:a8:28:b7:7f:9f: 82:30:f1:83:9d:51:c3:c8:ee:eb:3e:9e:be:4b:ca: 06:16:39:07:ef:e7:b2:cc:e2:43:1b:6f:e8:a1:1c: 3d:7b:ed:84:96:01:1d:b6:44:f4:f7:88:5c:62:36: 0d:12:1b:46:e0:a4:ed:c2:1b:50:4d:69:21:ab:c6: a9:6f:7e:4c:e7:cf:1c:ec:0a:ac:f3:f3:2e:64:7e: aa:22:b1:24:9e:5c:9a:05:a8:96:1f:eb:4a:86:ea: 9e:df:e5:94:53:bc:4f:e5:bc:1c:b1:6c:3c:66:a3: 52:49:e5:62:1f:76:0d:b7:cb:fc:08:2b:35:06:27: 3b:1d:a0:82:77:9d:e3:94:40:6e:0b:6e:f6:d1:12: ef:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:D2:A2:DE:78:95:84:D0:52:D9:64:B8:86:D1:5F:15:96:AB:CC:BB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.38.106.0/23 Signature Algorithm: sha256WithRSAEncryption 40:a5:2d:19:e9:f1:fe:74:fa:a8:90:31:b5:3d:0b:5c:30:a7: 36:84:13:f0:19:6d:26:17:df:db:32:45:82:c3:eb:59:45:6f: 34:6e:1d:f6:14:62:13:2a:1b:57:ab:da:10:e9:81:91:c9:11: e7:1a:a3:8e:4d:8e:d3:97:55:04:31:c3:a6:b9:d9:cf:88:ce: c8:98:fa:22:fd:ec:69:9d:a9:3a:51:29:7c:0d:44:63:95:02: fb:33:de:8d:6a:22:11:1a:e6:ad:a2:e7:7e:4c:71:5d:46:cd: 56:80:87:30:3a:2f:8a:70:4b:fe:55:9a:34:0d:21:9e:bf:59: 8e:b5:06:5c:16:1c:32:68:4d:de:81:c5:f8:33:8c:6e:77:c9: 7e:d5:48:c1:e5:fd:9f:9b:a9:ed:ce:24:2a:ed:11:4d:08:92: ee:4b:dc:ed:b5:61:b6:b9:11:07:04:f7:8e:9a:58:73:37:11: b8:b9:5d:49:7b:d5:3b:69:54:81:ab:1f:25:be:88:b7:e1:04: 8d:b2:d4:c6:15:28:0f:1e:3d:7e:df:c2:06:b6:69:b3:09:fa: 14:30:88:c0:42:5d:79:67:d2:f1:cf:78:54:75:49:18:6c:f7: 5a:28:65:aa:41:c4:c2:7c:38:f7:05:14:d5:50:59:d4:16:2f: cf:32:b3:8e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUVPPenTqFDkyCrCWoSDaqtzzgzjMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcwNzA0NTUwMFoX DTI2MDcwNjA1MDAwMFowMzExMC8GA1UEAxMoMUZEMkEyREU3ODk1ODREMDUyRDk2 NEI4ODZEMTVGMTU5NkFCQ0NCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN5B/VQi9JAumq2xft9yu5JuuTKXjy0i+//gMDXk0E3grbJVOj9rLvqZi2oz G2Dng1EdaaHOYH+gVCxfMFuFwo3706yXGvHjN/WAsnkqPgELqSdjDcwJOaiKTbt6 RRKljuvOU5Wt5vBmu8yKjBBYXCJSv6got3+fgjDxg51Rw8ju6z6evkvKBhY5B+/n ssziQxtv6KEcPXvthJYBHbZE9PeIXGI2DRIbRuCk7cIbUE1pIavGqW9+TOfPHOwK rPPzLmR+qiKxJJ5cmgWolh/rSobqnt/llFO8T+W8HLFsPGajUknlYh92DbfL/Agr NQYnOx2ggned45RAbgtu9tES718CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQf0qLe eJWE0FLZZLiG0V8VlqvMuzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWcmajANBgkqhkiG9w0BAQsFAAOCAQEAQKUtGenx/nT6qJAxtT0L XDCnNoQT8BltJhff2zJFgsPrWUVvNG4d9hRiEyobV6vaEOmBkckR5xqjjk2O05dV BDHDprnZz4jOyJj6Iv3saZ2pOlEpfA1EY5UC+zPejWoiERrmraLnfkxxXUbNVoCH MDovinBL/lWaNA0hnr9ZjrUGXBYcMmhN3oHF+DOMbnfJftVIweX9n5up7c4kKu0R TQiS7kvc7bVhtrkRBwT3jppYczcRuLldSXvVO2lUgasfJb6It+EEjbLUxhUoDx49 ft/CBrZpswn6FDCIwEJdeWfS8c94VHVJGGz3WihlqkHEwnw49wUU1VBZ1BYvzzKz jg== -----END CERTIFICATE-----Generated at Mon Jul 21 07:25:52 2025 by rpki-client