$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137909.roa File: AS137909.roa (raw, json) Hash identifier: 3gdbRYc1bxKKNfHHZzVV8WUCY7Q4PaJQoSOy4yVdcrs= Subject key identifier: E5:AC:16:B5:FD:09:B2:4C:29:02:52:64:50:4C:78:39:2C:18:C0:AA Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0A5425B04D753F7611506AAB3DA9401C0FA4A324 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137909.roa Signing time: Wed 04 Jun 2025 02:07:34 +0000 ROA not before: Wed 04 Jun 2025 02:02:34 +0000 ROA not after: Wed 03 Jun 2026 02:07:34 +0000 asID: 137909 IP address blocks: 161.248.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 00:59:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:54:25:b0:4d:75:3f:76:11:50:6a:ab:3d:a9:40:1c:0f:a4:a3:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 4 02:02:34 2025 GMT Not After : Jun 3 02:07:34 2026 GMT Subject: CN=E5AC16B5FD09B24C29025264504C78392C18C0AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:89:59:22:be:bf:b8:47:d1:7e:40:81:4d:ca: d4:a9:3a:5a:43:5c:23:84:cf:b9:7b:2f:24:dc:05: f0:44:36:de:f3:61:11:ba:9d:10:e2:26:5c:80:3b: 13:50:fb:de:ad:78:bd:c0:9a:aa:37:4e:cb:db:92: 76:d6:99:d6:ed:24:21:4e:bb:e1:f1:30:0d:1e:ed: 25:d3:ca:1a:c4:27:d6:bb:0f:76:13:99:c6:bc:ea: 37:ac:1b:34:04:e6:ad:55:ea:0d:6e:80:0d:59:dc: 94:f3:97:67:ba:c4:6f:e9:c7:2c:61:76:a5:26:09: 8a:18:4a:0e:ab:d7:27:08:f2:ee:f4:4e:87:6e:c6: 79:02:7e:92:36:49:cc:e1:eb:c9:5e:38:3e:75:6a: e8:6d:e6:e5:83:de:2e:0c:6b:60:13:87:ab:08:37: 90:b4:e9:64:16:a1:1f:a1:52:03:fa:a2:38:e6:a5: ab:16:c2:85:b2:3e:54:51:62:62:ba:0f:2b:41:68: 93:97:99:7d:14:27:bd:42:aa:8c:f4:8c:55:90:db: bb:dc:70:7e:8b:c5:c6:9e:2d:8e:46:22:ff:92:7e: b9:cf:e3:41:b8:ab:8e:7e:df:ca:6e:85:98:71:c2: c4:8d:17:47:4c:44:87:f7:6f:8b:3d:4a:b2:21:08: 6c:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:AC:16:B5:FD:09:B2:4C:29:02:52:64:50:4C:78:39:2C:18:C0:AA X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS137909.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.171.0/24 Signature Algorithm: sha256WithRSAEncryption 53:df:33:b4:18:c9:51:a0:c6:7b:e4:3c:2f:e5:6d:7a:de:df: bc:7a:41:9e:ac:50:1e:70:d3:e6:ee:1a:40:52:c6:30:35:c9: ac:9e:c0:eb:09:9e:4e:a6:fb:2a:b1:02:2f:b0:e8:67:93:3b: 6f:b1:eb:d1:8d:14:b4:72:ca:7a:2d:92:9e:83:fc:37:bf:6b: 6d:c8:91:33:b5:c3:7d:40:d1:d0:7b:3e:f6:9e:f5:f0:de:2c: 20:ee:20:fa:db:bd:3f:85:d3:39:ec:1c:c4:91:c0:e0:94:9f: 2d:34:fd:27:fc:6f:58:8b:4b:a7:61:f0:57:b2:c9:2c:3e:76: 94:28:6d:c5:aa:53:d1:a4:ae:ad:5e:da:a9:ba:10:a6:37:ae: 14:b6:a5:ad:d2:5a:13:9f:0e:f1:63:77:bb:91:4e:d3:f5:5c: ce:53:23:97:4a:d9:16:67:47:4b:fe:e3:2f:f8:22:12:f9:09: 72:42:91:21:31:15:5a:91:7d:c8:66:1c:ed:bd:45:a8:6d:03: be:62:0c:d9:ba:f8:df:6d:cf:89:3d:fb:50:1a:9f:d4:d5:d7: 7d:5f:6d:8d:c4:0e:4f:13:06:4e:f1:ed:4a:bf:5e:4e:de:50: be:eb:c7:67:d3:42:74:c3:59:ab:75:de:87:ff:e2:ae:62:14: ca:bc:d7:6c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUClQlsE11P3YRUGqrPalAHA+koyQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwNDAyMDIzNFoX DTI2MDYwMzAyMDczNFowMzExMC8GA1UEAxMoRTVBQzE2QjVGRDA5QjI0QzI5MDI1 MjY0NTA0Qzc4MzkyQzE4QzBBQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANeJWSK+v7hH0X5AgU3K1Kk6WkNcI4TPuXsvJNwF8EQ23vNhEbqdEOImXIA7 E1D73q14vcCaqjdOy9uSdtaZ1u0kIU674fEwDR7tJdPKGsQn1rsPdhOZxrzqN6wb NATmrVXqDW6ADVnclPOXZ7rEb+nHLGF2pSYJihhKDqvXJwjy7vROh27GeQJ+kjZJ zOHryV44PnVq6G3m5YPeLgxrYBOHqwg3kLTpZBahH6FSA/qiOOalqxbChbI+VFFi YroPK0Fok5eZfRQnvUKqjPSMVZDbu9xwfovFxp4tjkYi/5J+uc/jQbirjn7fym6F mHHCxI0XR0xEh/dviz1KsiEIbNECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTlrBa1 /QmyTCkCUmRQTHg5LBjAqjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzNzkwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH4qzANBgkqhkiG9w0BAQsFAAOCAQEAU98ztBjJUaDGe+Q8L+Vt et7fvHpBnqxQHnDT5u4aQFLGMDXJrJ7A6wmeTqb7KrECL7DoZ5M7b7Hr0Y0UtHLK ei2SnoP8N79rbciRM7XDfUDR0Hs+9p718N4sIO4g+tu9P4XTOewcxJHA4JSfLTT9 J/xvWItLp2HwV7LJLD52lChtxapT0aSurV7aqboQpjeuFLalrdJaE58O8WN3u5FO 0/VczlMjl0rZFmdHS/7jL/giEvkJckKRITEVWpF9yGYc7b1FqG0DvmIM2br4323P iT37UBqf1NXXfV9tjcQOTxMGTvHtSr9eTt5QvuvHZ9NCdMNZq3Xeh//irmIUyrzX bA== -----END CERTIFICATE-----Generated at Sat Jun 7 04:00:08 2025 by rpki-client