$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152402.roa File: AS152402.roa (raw, json) Hash identifier: Agd7lkAFsYti86rNASSls/YZnasmvXDj0nSQ+dUBenI= Subject key identifier: F0:80:5A:D1:02:BE:54:44:DC:0C:7D:F5:DB:D9:1A:36:33:76:81:FB Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 32AB35E3D884C689DD7928A3257991181CFD284E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152402.roa Signing time: Thu 06 Feb 2025 10:44:50 +0000 ROA not before: Thu 06 Feb 2025 10:39:50 +0000 ROA not after: Thu 05 Feb 2026 10:44:50 +0000 asID: 152402 IP address blocks: 157.20.124.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 16:50:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:ab:35:e3:d8:84:c6:89:dd:79:28:a3:25:79:91:18:1c:fd:28:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:50 2025 GMT Not After : Feb 5 10:44:50 2026 GMT Subject: CN=F0805AD102BE5444DC0C7DF5DBD91A36337681FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:5e:31:79:ce:64:d9:cd:b1:07:1d:37:bc:08: e0:b9:2d:cb:29:b2:3b:68:a5:75:e6:f6:e3:2e:89: 87:67:94:b0:c5:12:62:22:0e:e5:95:8f:74:36:6b: 6c:04:a9:76:53:12:9f:85:f7:6b:fe:43:79:19:3b: 24:25:c0:e0:7e:52:b2:af:bd:08:ef:42:d3:28:d3: bf:2e:16:0a:99:db:86:f8:36:cb:af:7e:4f:24:78: 8f:b0:a3:59:32:b9:aa:ac:32:1e:7b:4e:ed:a5:5a: 2b:d3:e9:9c:cb:82:d0:5a:05:62:f1:9e:e8:49:56: d2:3e:bd:42:97:82:94:e4:dc:5e:70:f2:08:14:0b: 26:fe:1b:b9:ed:aa:b2:bb:86:0a:72:81:f4:1b:8a: bb:0f:23:6a:a7:6e:3f:65:b5:fd:cb:bb:49:58:69: 38:f9:6a:49:16:b8:eb:85:cc:9f:4b:d5:a0:45:b7: 69:b2:03:b6:54:68:62:db:c1:bc:37:6f:eb:ca:25: 52:c5:72:fe:ed:43:99:df:8a:03:98:a9:e1:f2:64: 39:9d:f3:88:8d:ee:b7:13:fa:82:17:83:00:f1:52: e1:95:0d:d2:bd:ab:ed:e1:16:73:53:ee:64:9c:e7: bf:21:0d:2e:eb:dd:40:cc:ea:fa:8b:93:1a:17:9d: d7:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:80:5A:D1:02:BE:54:44:DC:0C:7D:F5:DB:D9:1A:36:33:76:81:FB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152402.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.124.0/23 Signature Algorithm: sha256WithRSAEncryption 1b:33:85:5c:16:91:5e:c7:be:5e:f1:b4:b4:fc:77:91:75:96: a5:b4:2a:dd:db:f5:fe:8d:49:da:82:51:64:de:a2:30:de:cb: ef:a3:4f:0b:c1:7d:af:d9:d8:05:95:d6:e6:a7:08:db:19:4c: 81:2a:6e:c4:f1:ea:63:13:f0:7a:51:5b:b6:7f:63:93:7b:75: 9e:02:2a:e0:a8:58:5c:ce:00:c2:39:ca:0e:68:b7:77:68:3f: be:11:c3:93:f2:5f:cb:f0:b2:18:21:ef:19:70:9c:5b:d4:08: 99:10:08:c5:64:23:7c:cb:bf:9e:d2:b7:7e:0e:98:da:71:7b: e1:0d:54:d9:5e:09:cb:7e:d6:b6:0e:e6:76:dd:5b:5c:4e:21: 8a:ff:4a:cb:b3:25:54:38:63:90:ce:5a:04:df:58:84:73:99: 54:80:e7:99:13:8e:a4:e4:fc:4b:37:81:e5:57:87:25:d4:07: fc:cc:06:f0:19:a0:ef:91:9f:da:17:4c:fd:cc:00:fa:40:31: 7e:5e:19:44:c4:b8:d0:bb:b8:2b:6e:03:90:81:06:0b:ba:31: 6f:33:2a:0d:c4:19:cd:0c:2b:97:cf:1c:f8:ef:96:f5:cd:c6: 5d:62:da:df:80:ea:e7:fc:62:fe:67:df:4d:93:0f:4a:ea:30: cd:01:5a:99 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUMqs149iExondeSijJXmRGBz9KE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MFoX DTI2MDIwNTEwNDQ1MFowMzExMC8GA1UEAxMoRjA4MDVBRDEwMkJFNTQ0NERDMEM3 REY1REJEOTFBMzYzMzc2ODFGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNeMXnOZNnNsQcdN7wI4LktyymyO2ildeb24y6Jh2eUsMUSYiIO5ZWPdDZr bASpdlMSn4X3a/5DeRk7JCXA4H5Ssq+9CO9C0yjTvy4WCpnbhvg2y69+TyR4j7Cj WTK5qqwyHntO7aVaK9PpnMuC0FoFYvGe6ElW0j69QpeClOTcXnDyCBQLJv4bue2q sruGCnKB9BuKuw8jaqduP2W1/cu7SVhpOPlqSRa464XMn0vVoEW3abIDtlRoYtvB vDdv68olUsVy/u1Dmd+KA5ip4fJkOZ3ziI3utxP6gheDAPFS4ZUN0r2r7eEWc1Pu ZJznvyENLuvdQMzq+ouTGhed17UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTwgFrR Ar5URNwMffXb2Ro2M3aB+zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQwMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UfDANBgkqhkiG9w0BAQsFAAOCAQEAGzOFXBaRXse+XvG0tPx3 kXWWpbQq3dv1/o1J2oJRZN6iMN7L76NPC8F9r9nYBZXW5qcI2xlMgSpuxPHqYxPw elFbtn9jk3t1ngIq4KhYXM4AwjnKDmi3d2g/vhHDk/Jfy/CyGCHvGXCcW9QImRAI xWQjfMu/ntK3fg6Y2nF74Q1U2V4Jy37Wtg7mdt1bXE4hiv9Ky7MlVDhjkM5aBN9Y hHOZVIDnmROOpOT8SzeB5VeHJdQH/MwG8Bmg75Gf2hdM/cwA+kAxfl4ZRMS40Lu4 K24DkIEGC7oxbzMqDcQZzQwrl88c+O+W9c3GXWLa34Dq5/xi/mffTZMPSuowzQFa mQ== -----END CERTIFICATE-----Generated at Wed Feb 19 22:16:03 2025 by rpki-client