$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa File: AS152829.roa (raw, json) Hash identifier: w2UJiJMGTG0o7oQWBqXJAz+wofD848o5BaYrtylUTNs= Subject key identifier: 47:63:3F:7C:CA:60:05:86:F4:59:FF:C0:E3:6F:A2:83:8F:98:A6:A1 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6C812B4575511B349E3B1F49834134A6EC234489 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa Signing time: Thu 06 Feb 2025 10:44:55 +0000 ROA not before: Thu 06 Feb 2025 10:39:55 +0000 ROA not after: Thu 05 Feb 2026 10:44:55 +0000 asID: 152829 IP address blocks: 160.22.208.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 22 Feb 2025 16:50:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:81:2b:45:75:51:1b:34:9e:3b:1f:49:83:41:34:a6:ec:23:44:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:55 2025 GMT Not After : Feb 5 10:44:55 2026 GMT Subject: CN=47633F7CCA600586F459FFC0E36FA2838F98A6A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:1d:84:4c:4c:67:5a:5a:dd:09:69:76:c3:1e: f6:c4:db:7a:3a:d6:98:34:81:f6:02:19:ce:3d:e4: eb:f0:b9:88:b5:ff:7a:5c:23:5c:42:c3:87:a8:2b: 32:20:8e:26:a5:a1:48:2a:35:02:1f:ba:cb:e9:10: 6c:05:6f:50:40:1e:96:45:e0:8f:12:5b:ff:2a:eb: a6:70:bf:48:6c:45:3d:98:17:02:09:45:f9:09:af: b7:a8:d9:0c:ca:f8:6d:d4:3e:c9:a0:26:52:7d:3b: 84:df:e7:4a:70:42:18:00:05:83:be:38:59:01:18: d6:c6:25:8b:21:1b:12:96:45:d3:f3:3f:40:08:a9: 86:e1:39:e7:5e:b6:2e:9f:3d:d7:7f:ab:04:a1:81: 59:1e:27:e8:63:6f:0b:af:2a:9d:6c:56:ca:9b:b6: 35:fe:ed:81:ac:6f:ea:5c:fb:e1:3b:2d:e4:2b:24: 69:af:56:0d:ee:84:62:b2:77:1c:43:c3:16:ed:60: ac:8b:66:1b:86:f4:46:0a:31:89:f1:c8:22:3b:66: e2:99:76:66:f9:9c:78:20:00:c7:62:91:e5:ab:1d: 92:ed:e1:5d:6c:a5:ae:69:f7:98:8d:86:70:c2:4d: af:a1:c1:f1:c7:5a:b0:a0:a1:40:36:de:c7:6d:54: 1e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:63:3F:7C:CA:60:05:86:F4:59:FF:C0:E3:6F:A2:83:8F:98:A6:A1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152829.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.208.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:ff:7b:81:05:75:99:59:43:e8:90:0d:a4:5f:ba:64:c6:5a: fe:b5:e9:07:e1:5c:0f:26:8e:96:1f:9a:3c:7c:f0:3d:86:b4: f4:62:e4:cc:00:53:de:7e:4e:56:44:cc:69:c0:29:6c:02:14: 05:b2:45:26:29:f0:e4:3b:97:b5:50:8c:a1:cd:1a:7b:d9:f6: bb:c6:72:70:c5:76:a1:c0:d2:6d:8f:b4:ff:2a:3d:d2:34:6c: 69:f6:4d:57:eb:61:2a:c7:84:0c:33:83:ee:24:c7:e8:34:e9: a8:8c:3d:5d:68:13:89:ff:38:49:3b:68:05:b8:da:4f:f9:6a: f4:63:95:ae:52:49:37:87:77:f9:30:98:d2:fc:45:7b:38:e2: d6:70:13:b8:e6:0e:d4:75:bd:57:07:24:21:10:8c:89:61:fa: df:e8:ec:16:d6:7b:2f:2b:31:fe:b7:ed:3a:f6:72:01:6f:a8: 53:38:33:e2:d1:27:b1:ee:ec:8a:1b:b1:c3:51:2e:1b:de:52: 3d:71:e1:9b:8a:b1:0a:31:c9:54:b9:72:07:06:5b:0b:ff:17: 6f:b3:a8:54:96:8c:63:23:ee:cb:6b:19:6d:5b:89:06:bd:e7: 1e:e6:d4:81:cf:e4:33:27:24:38:4e:b4:31:9f:38:c8:3b:5f: f6:a5:e4:3e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUbIErRXVRGzSeOx9Jg0E0puwjRIkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NVoX DTI2MDIwNTEwNDQ1NVowMzExMC8GA1UEAxMoNDc2MzNGN0NDQTYwMDU4NkY0NTlG RkMwRTM2RkEyODM4Rjk4QTZBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANsdhExMZ1pa3QlpdsMe9sTbejrWmDSB9gIZzj3k6/C5iLX/elwjXELDh6gr MiCOJqWhSCo1Ah+6y+kQbAVvUEAelkXgjxJb/yrrpnC/SGxFPZgXAglF+Qmvt6jZ DMr4bdQ+yaAmUn07hN/nSnBCGAAFg744WQEY1sYliyEbEpZF0/M/QAiphuE55162 Lp8913+rBKGBWR4n6GNvC68qnWxWypu2Nf7tgaxv6lz74Tst5Cskaa9WDe6EYrJ3 HEPDFu1grItmG4b0RgoxifHIIjtm4pl2ZvmceCAAx2KR5asdku3hXWylrmn3mI2G cMJNr6HB8cdasKChQDbex21UHtMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRHYz98 ymAFhvRZ/8Djb6KDj5imoTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgyOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW0DANBgkqhkiG9w0BAQsFAAOCAQEAb/97gQV1mVlD6JANpF+6 ZMZa/rXpB+FcDyaOlh+aPHzwPYa09GLkzABT3n5OVkTMacApbAIUBbJFJinw5DuX tVCMoc0ae9n2u8ZycMV2ocDSbY+0/yo90jRsafZNV+thKseEDDOD7iTH6DTpqIw9 XWgTif84STtoBbjaT/lq9GOVrlJJN4d3+TCY0vxFezji1nATuOYO1HW9VwckIRCM iWH63+jsFtZ7Lysx/rftOvZyAW+oUzgz4tEnse7sihuxw1EuG95SPXHhm4qxCjHJ VLlyBwZbC/8Xb7OoVJaMYyPuy2sZbVuJBr3nHubUgc/kMyckOE60MZ84yDtf9qXk Pg== -----END CERTIFICATE-----Generated at Wed Feb 19 21:59:24 2025 by rpki-client