$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa File: AS152390.roa (raw, json) Hash identifier: a56c9j5kAkq5+wJFKUU29u5ZZtMA7ZkRTf3H/bHWisM= Subject key identifier: 4B:04:D5:2C:D2:4C:4C:F8:9F:D5:B3:A2:EA:40:E1:49:95:40:2C:0A Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 523C49D0036C49FC90E64832DB5D198A8692487F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa Signing time: Thu 06 Feb 2025 10:44:47 +0000 ROA not before: Thu 06 Feb 2025 10:39:47 +0000 ROA not after: Thu 05 Feb 2026 10:44:47 +0000 asID: 152390 IP address blocks: 157.20.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:3c:49:d0:03:6c:49:fc:90:e6:48:32:db:5d:19:8a:86:92:48:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:47 2025 GMT Not After : Feb 5 10:44:47 2026 GMT Subject: CN=4B04D52CD24C4CF89FD5B3A2EA40E14995402C0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f6:12:88:91:bf:c1:da:fa:d7:67:65:e8:66: 72:df:52:b6:79:c8:07:55:b9:ac:7a:22:30:32:1c: 2f:dc:c0:2e:8c:32:6b:a3:1d:70:b5:d0:57:d4:a3: 2d:0e:ed:f8:33:db:fc:e1:45:99:1b:37:de:b9:f9: 03:41:df:ec:dc:5f:ed:2e:47:31:34:21:4f:49:11: 27:b0:26:af:1a:81:d6:e8:4b:15:54:bc:d2:56:d7: 14:2c:ff:5c:c3:4d:a1:11:0f:a4:3e:3a:b6:a5:2b: b6:b3:31:e5:77:0f:58:b9:2c:42:95:eb:ac:b5:2e: af:67:7e:a4:c1:a6:35:5f:c7:c7:57:49:33:8d:25: 63:75:07:31:34:64:95:80:d4:c5:7a:2c:03:8d:7b: f1:9a:c6:d5:f5:1b:4b:1f:0c:36:d1:81:13:f9:16: 5f:42:a0:2d:91:16:4e:6d:be:2f:73:20:62:80:46: ea:f9:79:d0:10:59:09:a6:48:0e:55:ce:cc:e5:c5: 5d:14:e2:1f:86:a4:8d:18:d9:01:1f:61:50:a5:3a: 20:a4:9a:59:1c:e1:94:e5:fa:84:df:02:e9:6e:24: 8b:05:3d:b6:1c:51:27:0b:8e:e6:46:d0:57:d2:75: 9a:57:60:11:52:c1:5a:eb:b9:35:83:40:a2:db:83: 68:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:04:D5:2C:D2:4C:4C:F8:9F:D5:B3:A2:EA:40:E1:49:95:40:2C:0A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152390.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.32.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:fc:d9:e5:66:46:c4:d3:51:5f:01:ab:52:4a:50:bd:c6:6a: ad:41:c0:27:5c:7f:c2:94:b2:16:9f:e1:b1:be:f2:a0:f8:3e: b9:da:71:1b:4e:fe:cf:f9:f3:1e:82:9f:df:a6:da:64:97:82: 39:eb:a1:91:73:ce:72:83:ba:33:58:1b:f4:4a:35:60:77:ac: 97:bd:70:a1:15:91:21:8e:d6:a8:91:e0:fe:48:a1:05:f8:7b: 7b:e8:47:ab:9b:b4:43:30:7a:82:21:aa:33:bb:c6:3c:92:6c: 9b:dc:3d:a9:1f:69:2d:61:ee:24:ee:0b:02:c8:f1:43:fd:6f: 77:f7:07:4f:4f:e4:d3:6f:d6:31:2b:07:f6:a4:f0:30:0d:f7: 98:23:ed:0f:8a:15:76:1b:43:b4:68:69:21:ce:72:00:30:98: 37:0f:85:30:f8:f6:e2:a0:0f:cc:8f:d9:bb:eb:67:90:15:25: 18:0c:75:82:4e:53:51:8a:1c:42:79:57:4b:d0:37:ba:29:da: e3:8d:be:26:0c:29:7c:24:29:02:30:3f:3d:08:9f:e1:5b:84: f1:ba:e5:f6:8f:3d:53:db:49:6e:1c:7b:77:9d:1a:eb:45:a0: 55:31:df:c3:44:f0:b1:0a:7c:e1:06:f8:32:51:c5:38:1f:00: d2:43:c8:c0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUjxJ0ANsSfyQ5kgy210ZioaSSH8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0N1oX DTI2MDIwNTEwNDQ0N1owMzExMC8GA1UEAxMoNEIwNEQ1MkNEMjRDNENGODlGRDVC M0EyRUE0MEUxNDk5NTQwMkMwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMP2EoiRv8Ha+tdnZehmct9StnnIB1W5rHoiMDIcL9zALowya6MdcLXQV9Sj LQ7t+DPb/OFFmRs33rn5A0Hf7Nxf7S5HMTQhT0kRJ7AmrxqB1uhLFVS80lbXFCz/ XMNNoREPpD46tqUrtrMx5XcPWLksQpXrrLUur2d+pMGmNV/Hx1dJM40lY3UHMTRk lYDUxXosA4178ZrG1fUbSx8MNtGBE/kWX0KgLZEWTm2+L3MgYoBG6vl50BBZCaZI DlXOzOXFXRTiH4akjRjZAR9hUKU6IKSaWRzhlOX6hN8C6W4kiwU9thxRJwuO5kbQ V9J1mldgEVLBWuu5NYNAotuDaOMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRLBNUs 0kxM+J/Vs6LqQOFJlUAsCjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM5MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0UIDANBgkqhkiG9w0BAQsFAAOCAQEAHfzZ5WZGxNNRXwGrUkpQ vcZqrUHAJ1x/wpSyFp/hsb7yoPg+udpxG07+z/nzHoKf36baZJeCOeuhkXPOcoO6 M1gb9Eo1YHesl71woRWRIY7WqJHg/kihBfh7e+hHq5u0QzB6giGqM7vGPJJsm9w9 qR9pLWHuJO4LAsjxQ/1vd/cHT0/k02/WMSsH9qTwMA33mCPtD4oVdhtDtGhpIc5y ADCYNw+FMPj24qAPzI/Zu+tnkBUlGAx1gk5TUYocQnlXS9A3uina442+JgwpfCQp AjA/PQif4VuE8brl9o89U9tJbhx7d50a60WgVTHfw0TwsQp84Qb4MlHFOB8A0kPI wA== -----END CERTIFICATE-----Generated at Mon Apr 7 03:31:44 2025 by rpki-client