$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24521.roa File: AS24521.roa (raw, json) Hash identifier: 8iXtcIuwV88aDpgpJEL1f8LV/NJJ3J6jopdk1pIGcZw= Subject key identifier: 4D:9F:10:B4:E6:C7:10:3A:F3:C3:B3:C0:BB:4A:9F:2B:44:66:C2:5A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6A9ACDFCFE01E4E95CDEAB33D477D30AD127DACA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24521.roa Signing time: Thu 17 Jul 2025 02:03:46 +0000 ROA not before: Thu 17 Jul 2025 01:58:46 +0000 ROA not after: Thu 16 Jul 2026 02:03:46 +0000 asID: 24521 IP address blocks: 103.147.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:11:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:9a:cd:fc:fe:01:e4:e9:5c:de:ab:33:d4:77:d3:0a:d1:27:da:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 17 01:58:46 2025 GMT Not After : Jul 16 02:03:46 2026 GMT Subject: CN=4D9F10B4E6C7103AF3C3B3C0BB4A9F2B4466C25A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:26:76:d6:e8:99:0f:2a:90:53:3e:53:e7:20: 59:f7:ca:56:9d:88:06:71:64:a4:1e:8f:e5:0d:a6: cb:8a:da:85:f5:81:02:e8:20:99:c7:2a:01:56:8a: 6d:75:7f:5c:70:b5:40:0b:e9:b3:4f:6b:6c:a8:9d: 77:1a:e9:d8:6c:6d:19:f6:bb:f6:d1:ff:7a:b3:69: da:2f:c3:e9:e5:7d:21:20:9f:e7:91:84:27:0c:44: 28:8d:4d:11:91:5e:85:ac:fb:3b:f7:23:50:70:0c: cc:cc:8c:5e:b1:59:5e:73:05:cd:58:a2:9a:8b:22: 38:0b:44:25:83:35:e8:d9:61:fd:4b:bd:85:55:94: c5:90:82:80:fb:71:e8:f4:07:25:86:2d:7b:89:5a: fa:f6:92:b3:3f:41:33:b9:d9:1b:1d:67:d1:64:ee: 91:ea:c2:2a:7e:b1:48:fa:31:83:9a:b5:ec:55:da: 81:3f:c2:5b:92:15:eb:32:fb:9a:eb:f6:2b:ee:4a: 97:0e:92:49:b9:93:c0:73:ea:91:5a:00:3f:3d:b5: 34:ba:03:f4:06:0e:24:91:f4:a8:2d:a8:77:85:ec: 06:19:61:05:af:a3:ad:29:d2:c6:05:44:fb:2b:4a: 7f:51:2c:80:e3:7b:16:79:f3:ac:f3:50:57:91:e2: a1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:9F:10:B4:E6:C7:10:3A:F3:C3:B3:C0:BB:4A:9F:2B:44:66:C2:5A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.147.254.0/24 Signature Algorithm: sha256WithRSAEncryption 80:59:e9:90:5b:08:62:99:02:4b:92:8f:9d:87:ef:c6:a7:72: 62:15:13:b7:7d:4b:2f:f2:7d:ae:c2:9c:2a:3e:d6:2e:9a:57: 9f:bc:a0:ad:4d:c7:e9:73:49:cc:aa:56:07:cd:79:31:1e:21: c6:ec:ec:79:fe:6e:8e:46:49:81:e9:ca:db:c2:33:f1:25:f5: cf:89:d7:86:45:4b:1e:84:2b:27:a7:8b:a3:2a:15:bd:b9:36: 87:d9:36:28:94:04:cd:21:c9:fe:1b:bb:31:a6:7f:01:f1:c7: c3:17:32:0a:cf:51:3c:65:6e:50:de:0e:0a:30:37:90:93:02: e1:83:29:c8:2e:d6:0f:25:34:ba:5e:7a:f7:ab:cc:df:b8:42: bc:37:b4:d8:28:e0:7c:ad:6e:12:76:df:cc:85:41:2d:57:2e: 0e:95:c2:47:0b:b8:27:ff:1f:2d:33:fe:85:7a:0c:64:26:68: a5:54:76:42:42:0b:94:e2:d4:6f:48:e8:f6:3e:2d:25:ef:75: 1d:07:a3:0f:a0:a7:05:1e:cc:d2:b9:9a:d7:9e:ef:67:c8:8a: 8c:06:72:66:6e:4a:c9:ea:7d:5b:f1:50:52:9d:c4:ca:c0:af: a4:a6:84:00:27:7e:fc:3f:e7:7a:d8:5a:33:24:a8:4d:14:ae: 79:69:26:96 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUaprN/P4B5Olc3qsz1HfTCtEn2sowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxNzAxNTg0NloX DTI2MDcxNjAyMDM0NlowMzExMC8GA1UEAxMoNEQ5RjEwQjRFNkM3MTAzQUYzQzNC M0MwQkI0QTlGMkI0NDY2QzI1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYmdtbomQ8qkFM+U+cgWffKVp2IBnFkpB6P5Q2my4rahfWBAuggmccqAVaK bXV/XHC1QAvps09rbKiddxrp2GxtGfa79tH/erNp2i/D6eV9ISCf55GEJwxEKI1N EZFehaz7O/cjUHAMzMyMXrFZXnMFzViimosiOAtEJYM16Nlh/Uu9hVWUxZCCgPtx 6PQHJYYte4la+vaSsz9BM7nZGx1n0WTukerCKn6xSPoxg5q17FXagT/CW5IV6zL7 muv2K+5Klw6SSbmTwHPqkVoAPz21NLoD9AYOJJH0qC2od4XsBhlhBa+jrSnSxgVE +ytKf1EsgON7FnnzrPNQV5HiofECAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRNnxC0 5scQOvPDs8C7Sp8rRGbCWjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0NTIxLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZ5P+MA0GCSqGSIb3DQEBCwUAA4IBAQCAWemQWwhimQJLko+dh+/G p3JiFRO3fUsv8n2uwpwqPtYumlefvKCtTcfpc0nMqlYHzXkxHiHG7Ox5/m6ORkmB 6crbwjPxJfXPideGRUsehCsnp4ujKhW9uTaH2TYolATNIcn+G7sxpn8B8cfDFzIK z1E8ZW5Q3g4KMDeQkwLhgynILtYPJTS6Xnr3q8zfuEK8N7TYKOB8rW4Sdt/MhUEt Vy4OlcJHC7gn/x8tM/6FegxkJmilVHZCQguU4tRvSOj2Pi0l73UdB6MPoKcFHszS uZrXnu9nyIqMBnJmbkrJ6n1b8VBSncTKwK+kpoQAJ378P+d62FozJKhNFK55aSaW -----END CERTIFICATE-----Generated at Mon Jul 21 00:00:17 2025 by rpki-client