$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147131.roa File: AS147131.roa (raw, json) Hash identifier: HYC2AMiNVWlk6mg0Rvvt7yRRv9Mbe2NavaTDLiLejXU= Subject key identifier: 42:E0:04:83:D6:39:A5:FE:0A:42:A5:9B:D4:46:EA:C2:6D:BC:FE:BF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 326281B0BBFBACA8C4545F67295F7608FFC0205F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147131.roa Signing time: Thu 03 Jul 2025 02:55:28 +0000 ROA not before: Thu 03 Jul 2025 02:50:28 +0000 ROA not after: Thu 02 Jul 2026 02:55:28 +0000 asID: 147131 IP address blocks: 165.99.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:62:81:b0:bb:fb:ac:a8:c4:54:5f:67:29:5f:76:08:ff:c0:20:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 3 02:50:28 2025 GMT Not After : Jul 2 02:55:28 2026 GMT Subject: CN=42E00483D639A5FE0A42A59BD446EAC26DBCFEBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:92:08:21:a7:ef:dc:2c:28:93:cb:f9:f0:51: 1f:3b:89:85:7e:a7:26:ce:5d:06:da:60:1f:a8:0a: dc:fa:93:de:a7:51:9b:2f:0a:9a:8d:c9:ef:49:a1: 6f:08:e1:58:cb:06:b7:26:31:c0:1a:1c:bc:f2:f8: fa:b1:e2:1d:aa:c9:b1:82:71:a3:75:09:d4:cf:c4: 20:18:e7:c2:96:b3:25:b8:c9:8f:b8:4c:21:e6:2a: 28:f2:87:51:ea:c8:3a:e1:c8:fc:bb:4f:b2:06:31: 2e:3a:f5:ee:7a:80:7b:f6:0c:a2:96:50:9f:0c:48: 09:e1:84:12:bb:08:19:a6:c7:18:5a:75:69:de:06: 56:cb:35:af:41:fc:8d:c3:a3:f8:46:4d:b6:79:0a: aa:c7:85:ae:60:ba:69:b7:93:e9:fd:3c:c9:5e:12: 49:19:2e:f2:b2:d4:e8:b7:23:16:61:e6:8a:6e:ea: 24:af:cf:a7:b4:e3:d2:41:e0:5d:82:d6:46:f1:32: 22:09:f4:6e:94:3b:a2:da:8f:a6:28:f8:a6:40:1d: 96:3e:67:74:86:da:b9:b6:61:aa:95:d2:09:9b:8b: 2b:24:45:70:14:47:b4:a5:a3:c0:91:b5:3b:aa:9c: 22:a9:06:8e:ab:57:ed:b9:e0:13:f4:43:d1:05:20: ad:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:E0:04:83:D6:39:A5:FE:0A:42:A5:9B:D4:46:EA:C2:6D:BC:FE:BF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.160.0/24 Signature Algorithm: sha256WithRSAEncryption 41:2d:57:35:ca:34:88:c5:83:89:12:f9:93:c6:90:a9:4b:63: 1b:7e:f0:48:6a:d9:90:7b:a2:86:f3:de:2e:50:1b:76:50:8b: 83:bb:ea:94:1f:2e:29:97:ef:8c:c7:a9:30:f9:dc:46:3d:72: 96:a2:76:e0:bb:8e:36:62:b7:46:9e:85:34:38:16:7f:b2:04: cc:d0:ac:72:99:35:cf:60:e3:6a:81:89:a7:af:0c:6c:09:3e: 1e:6e:2a:c5:af:a8:93:b8:f9:e0:f0:03:6c:f1:ba:83:ba:ca: 09:04:7c:5d:48:ee:60:62:1d:80:93:89:09:8f:7d:a3:9f:41: 26:6a:98:04:25:58:a4:a4:0d:c6:2f:0b:94:42:3e:71:d3:b0: 93:28:66:76:19:9d:a2:08:dd:75:a4:01:d2:87:fe:4a:0b:51: be:77:f7:bf:eb:db:18:ac:9a:7f:09:38:d9:8f:87:ac:3c:52: 3a:20:81:e7:21:42:54:b2:55:6a:70:8d:a0:b0:93:5d:6c:88: 56:aa:51:88:04:cc:b1:7a:6d:9e:2e:87:c9:3f:57:b5:b8:01: f5:85:2a:43:6f:7c:59:62:c6:a7:4c:b4:85:e2:11:37:bf:f7: 17:da:e9:07:45:3c:30:83:28:2d:a8:bf:e5:e5:c3:ea:81:fa: fe:54:8e:f5 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUMmKBsLv7rKjEVF9nKV92CP/AIF8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcwMzAyNTAyOFoX DTI2MDcwMjAyNTUyOFowMzExMC8GA1UEAxMoNDJFMDA0ODNENjM5QTVGRTBBNDJB NTlCRDQ0NkVBQzI2REJDRkVCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANuSCCGn79wsKJPL+fBRHzuJhX6nJs5dBtpgH6gK3PqT3qdRmy8Kmo3J70mh bwjhWMsGtyYxwBocvPL4+rHiHarJsYJxo3UJ1M/EIBjnwpazJbjJj7hMIeYqKPKH UerIOuHI/LtPsgYxLjr17nqAe/YMopZQnwxICeGEErsIGabHGFp1ad4GVss1r0H8 jcOj+EZNtnkKqseFrmC6abeT6f08yV4SSRku8rLU6LcjFmHmim7qJK/Pp7Tj0kHg XYLWRvEyIgn0bpQ7otqPpij4pkAdlj5ndIbaubZhqpXSCZuLKyRFcBRHtKWjwJG1 O6qcIqkGjqtX7bngE/RD0QUgrYMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRC4ASD 1jml/gpCpZvURurCbbz+vzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0NzEzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjoDANBgkqhkiG9w0BAQsFAAOCAQEAQS1XNco0iMWDiRL5k8aQ qUtjG37wSGrZkHuihvPeLlAbdlCLg7vqlB8uKZfvjMepMPncRj1ylqJ24LuONmK3 Rp6FNDgWf7IEzNCscpk1z2DjaoGJp68MbAk+Hm4qxa+ok7j54PADbPG6g7rKCQR8 XUjuYGIdgJOJCY99o59BJmqYBCVYpKQNxi8LlEI+cdOwkyhmdhmdogjddaQB0of+ SgtRvnf3v+vbGKyafwk42Y+HrDxSOiCB5yFCVLJVanCNoLCTXWyIVqpRiATMsXpt ni6HyT9XtbgB9YUqQ298WWLGp0y0heIRN7/3F9rpB0U8MIMoLai/5eXD6oH6/lSO 9Q== -----END CERTIFICATE-----Generated at Sun Jul 20 23:57:37 2025 by rpki-client