$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa File: AS152827.roa (raw, json) Hash identifier: hpUxWjgevBj9+niT/+XEo6WRE29vs9CuA4YlCn1vJ8Y= Subject key identifier: E4:E5:75:CF:AC:3C:24:D4:9F:20:AF:AD:DA:49:59:F3:34:DA:BC:61 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6980406E732BBB27A4971DC5E1049C32CAB4C7C3 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa Signing time: Thu 06 Feb 2025 10:44:52 +0000 ROA not before: Thu 06 Feb 2025 10:39:52 +0000 ROA not after: Thu 05 Feb 2026 10:44:52 +0000 asID: 152827 IP address blocks: 160.22.242.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:80:40:6e:73:2b:bb:27:a4:97:1d:c5:e1:04:9c:32:ca:b4:c7:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:52 2025 GMT Not After : Feb 5 10:44:52 2026 GMT Subject: CN=E4E575CFAC3C24D49F20AFADDA4959F334DABC61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b2:78:08:08:1b:b9:7f:cb:7e:b0:58:b1:ac: ce:e8:81:64:5f:3e:04:fa:a8:ad:07:5f:02:fd:0c: 73:bb:93:4c:ee:a6:86:38:0c:0d:68:38:e4:0c:c4: 8d:92:45:5d:f5:db:6c:2d:9c:9d:04:f5:a7:df:4c: 50:1f:12:cf:30:bf:11:70:f2:cf:33:67:6a:b9:00: 2a:a9:16:44:17:24:36:9f:f3:c1:49:68:89:a9:d4: 72:97:cd:18:24:97:6d:a1:66:98:d5:10:9b:eb:5a: da:4e:e4:a1:2e:11:60:c0:71:24:66:5a:c7:7f:ab: 54:cd:17:34:5f:47:83:df:17:8b:07:7d:c2:82:3d: 1c:33:82:8f:a5:7f:3b:94:28:0e:bd:7b:64:94:c9: 9d:2a:66:31:bd:ee:d7:a6:a2:02:20:42:70:64:22: 1b:92:ac:72:46:4d:d5:af:2b:68:26:68:a9:a5:5f: 8f:06:bd:99:08:e7:50:8a:d5:e6:d0:d6:78:8f:ed: 47:4b:7a:a9:fc:f0:e0:9d:25:5c:75:0a:7c:ea:8e: fe:b8:e8:1e:3f:da:bf:7e:86:1b:0c:24:81:e0:67: bb:4b:c4:b6:26:af:fa:a5:07:23:28:21:02:12:d8: 4e:eb:91:93:a4:be:71:25:8c:70:2d:13:6d:d3:62: 89:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E5:75:CF:AC:3C:24:D4:9F:20:AF:AD:DA:49:59:F3:34:DA:BC:61 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152827.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.242.0/23 Signature Algorithm: sha256WithRSAEncryption 2d:ed:3d:95:1d:38:81:a0:ab:dc:90:3e:94:ac:dc:60:bf:16: 48:56:31:77:ce:cc:a7:2b:71:dd:8f:c4:ab:f5:12:06:95:4f: b7:80:95:d7:85:7e:be:2c:8f:4d:60:ab:f1:58:8c:ea:27:32: 38:c5:0a:55:90:3f:24:2a:23:71:b8:c8:f3:d8:62:42:36:4e: 1e:fe:15:4b:ad:db:6a:20:5c:62:08:1c:c4:a0:95:a4:f0:f2: a3:8c:da:6e:94:f2:71:ed:df:c1:ad:86:f4:7c:1c:01:f6:59: c8:d1:79:85:58:1f:61:53:20:b2:d6:66:a9:6d:6d:05:05:5d: 0e:dc:39:c9:07:bb:60:f6:c3:50:c8:d3:61:0d:0b:78:40:3c: 1a:e9:57:3d:6c:54:8f:59:f3:54:2a:43:6f:4b:8b:9c:34:76: a0:1b:04:6b:b2:e0:32:52:32:1b:fe:c2:ec:fc:81:e0:e9:9d: 3f:02:4f:f2:e4:dc:0b:67:9b:09:1d:e0:5b:71:9c:a7:e5:96: df:39:db:ee:4a:b3:45:a5:fc:43:17:82:fd:ec:38:fb:3a:8a: 61:af:6a:aa:71:53:86:21:b8:b1:4f:d6:29:75:0c:d0:6a:95: d9:5a:0c:a4:bf:f9:6f:e5:e2:fa:4e:32:22:0d:af:2f:bd:e0: 0f:54:a5:77 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUaYBAbnMruyeklx3F4QScMsq0x8MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MloX DTI2MDIwNTEwNDQ1MlowMzExMC8GA1UEAxMoRTRFNTc1Q0ZBQzNDMjRENDlGMjBB RkFEREE0OTU5RjMzNERBQkM2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMuyeAgIG7l/y36wWLGszuiBZF8+BPqorQdfAv0Mc7uTTO6mhjgMDWg45AzE jZJFXfXbbC2cnQT1p99MUB8SzzC/EXDyzzNnarkAKqkWRBckNp/zwUloianUcpfN GCSXbaFmmNUQm+ta2k7koS4RYMBxJGZax3+rVM0XNF9Hg98Xiwd9woI9HDOCj6V/ O5QoDr17ZJTJnSpmMb3u16aiAiBCcGQiG5KsckZN1a8raCZoqaVfjwa9mQjnUIrV 5tDWeI/tR0t6qfzw4J0lXHUKfOqO/rjoHj/av36GGwwkgeBnu0vEtiav+qUHIygh AhLYTuuRk6S+cSWMcC0TbdNiiaECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTk5XXP rDwk1J8gr63aSVnzNNq8YTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgyNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW8jANBgkqhkiG9w0BAQsFAAOCAQEALe09lR04gaCr3JA+lKzc YL8WSFYxd87Mpytx3Y/Eq/USBpVPt4CV14V+viyPTWCr8ViM6icyOMUKVZA/JCoj cbjI89hiQjZOHv4VS63baiBcYggcxKCVpPDyo4zabpTyce3fwa2G9HwcAfZZyNF5 hVgfYVMgstZmqW1tBQVdDtw5yQe7YPbDUMjTYQ0LeEA8GulXPWxUj1nzVCpDb0uL nDR2oBsEa7LgMlIyG/7C7PyB4OmdPwJP8uTcC2ebCR3gW3Gcp+WW3znb7kqzRaX8 QxeC/ew4+zqKYa9qqnFThiG4sU/WKXUM0GqV2VoMpL/5b+Xi+k4yIg2vL73gD1Sl dw== -----END CERTIFICATE-----Generated at Mon Apr 7 03:32:01 2025 by rpki-client