$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152401.roa File: AS152401.roa (raw, json) Hash identifier: bndkmK5bXWi9aWgbCeSEexG6PSSDRFG2LZVilqNN97E= Subject key identifier: 84:0A:EB:81:90:34:41:B5:40:0B:68:2B:14:0D:C9:F9:AC:75:04:8E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 731C49A3A236DF2DA5BE8C6CE881781784C360B0 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152401.roa Signing time: Thu 06 Feb 2025 10:44:53 +0000 ROA not before: Thu 06 Feb 2025 10:39:53 +0000 ROA not after: Thu 05 Feb 2026 10:44:53 +0000 asID: 152401 IP address blocks: 157.15.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 16:50:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:1c:49:a3:a2:36:df:2d:a5:be:8c:6c:e8:81:78:17:84:c3:60:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:53 2025 GMT Not After : Feb 5 10:44:53 2026 GMT Subject: CN=840AEB81903441B5400B682B140DC9F9AC75048E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:af:e2:ff:5b:61:0b:1f:55:0f:56:f8:34:cd: 54:c7:a3:82:26:a7:a6:c3:ad:f3:ff:65:a6:a1:8f: 67:6b:71:3a:5c:0a:ab:d3:6e:59:75:42:80:22:97: 77:4a:ee:6e:97:d0:f9:01:c8:0d:e6:4f:2e:97:14: 0e:81:c8:34:40:6f:fe:cf:18:1b:93:12:b8:30:08: 7a:59:75:7d:b8:f8:72:e1:6c:48:43:5e:7e:a8:0f: 8a:30:44:4c:96:31:eb:67:0c:cb:8f:19:f9:3f:aa: 25:10:24:f0:72:5b:75:8c:ef:89:d6:67:ef:40:80: 1e:30:85:e1:9a:b5:33:f7:4d:bb:b2:3d:e7:12:5f: 90:41:01:ed:90:84:33:0e:0b:df:ee:7a:d6:ec:d8: f1:05:07:a3:28:33:81:29:a0:1e:f2:32:0e:b1:1f: ca:24:a1:d7:19:60:79:b0:43:17:5b:79:59:ca:8e: 13:87:94:20:96:db:62:73:3d:a5:f9:c2:25:2c:27: 83:40:11:20:90:bf:fb:92:5e:f2:8f:bd:96:fe:4d: ec:4f:a3:35:8c:70:8a:2d:03:7a:68:59:a3:12:36: 76:9d:5f:33:09:0e:ce:f0:15:c7:b6:ce:a2:a3:51: 27:53:f8:c8:f7:eb:a0:71:22:20:c0:85:74:f3:57: ef:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:0A:EB:81:90:34:41:B5:40:0B:68:2B:14:0D:C9:F9:AC:75:04:8E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152401.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.118.0/24 Signature Algorithm: sha256WithRSAEncryption 54:4c:ad:da:9a:f4:a3:b9:81:a4:c2:1d:68:01:72:af:94:3f: 45:2a:d8:65:c0:98:f0:5f:7f:e6:53:03:4e:01:27:db:56:0c: ae:01:4c:1e:bf:29:fd:b6:0f:c9:5d:57:87:e1:2e:06:4b:bc: 3d:fb:b3:72:35:01:a9:b6:a3:42:8a:6d:fe:23:6c:bf:3e:86: 4b:04:7d:8c:f0:fb:eb:10:71:d6:a5:34:90:cd:e7:81:0c:a3: 22:7b:0c:ff:23:bd:93:5a:1c:70:2e:b1:82:c9:a4:7d:de:fa: 1b:dc:62:57:9f:3e:f1:f2:59:30:44:ff:f2:3e:64:80:e7:d4: c3:c1:d5:8b:ce:d3:a7:16:96:d4:47:c5:13:f6:d3:07:bd:c5: 0f:d5:c6:45:1a:2d:ee:7d:9b:4e:17:00:23:a2:23:dc:92:6b: 56:6f:3e:a7:39:1d:87:3b:29:d6:a6:a5:2f:b9:48:ed:a9:00: 12:6f:d8:d0:85:ad:09:6c:52:4d:cf:a1:b2:c8:23:f6:cd:c0: 0d:8c:f2:54:64:3b:3d:70:7e:69:81:a7:9d:ca:24:ce:1e:d8: 83:78:4f:60:a7:fa:a2:4a:3a:c4:fe:e8:80:6f:9c:48:15:07: ea:7e:7a:ca:60:53:15:88:82:62:45:21:aa:2d:66:b4:7c:c8: 24:31:6a:dc -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUcxxJo6I23y2lvoxs6IF4F4TDYLAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoODQwQUVCODE5MDM0NDFCNTQwMEI2 ODJCMTQwREM5RjlBQzc1MDQ4RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO2v4v9bYQsfVQ9W+DTNVMejgianpsOt8/9lpqGPZ2txOlwKq9NuWXVCgCKX d0rubpfQ+QHIDeZPLpcUDoHINEBv/s8YG5MSuDAIell1fbj4cuFsSENefqgPijBE TJYx62cMy48Z+T+qJRAk8HJbdYzvidZn70CAHjCF4Zq1M/dNu7I95xJfkEEB7ZCE Mw4L3+561uzY8QUHoygzgSmgHvIyDrEfyiSh1xlgebBDF1t5WcqOE4eUIJbbYnM9 pfnCJSwng0ARIJC/+5Je8o+9lv5N7E+jNYxwii0DemhZoxI2dp1fMwkOzvAVx7bO oqNRJ1P4yPfroHEiIMCFdPNX75sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSECuuB kDRBtUALaCsUDcn5rHUEjjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAJ0PdjANBgkqhkiG9w0BAQsFAAOCAQEAVEyt2pr0o7mBpMIdaAFy r5Q/RSrYZcCY8F9/5lMDTgEn21YMrgFMHr8p/bYPyV1Xh+EuBku8PfuzcjUBqbaj Qopt/iNsvz6GSwR9jPD76xBx1qU0kM3ngQyjInsM/yO9k1occC6xgsmkfd76G9xi V58+8fJZMET/8j5kgOfUw8HVi87TpxaW1EfFE/bTB73FD9XGRRot7n2bThcAI6Ij 3JJrVm8+pzkdhzsp1qalL7lI7akAEm/Y0IWtCWxSTc+hssgj9s3ADYzyVGQ7PXB+ aYGnncokzh7Yg3hPYKf6oko6xP7ogG+cSBUH6n56ymBTFYiCYkUhqi1mtHzIJDFq 3A== -----END CERTIFICATE-----Generated at Wed Feb 19 22:06:06 2025 by rpki-client