$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153074.roa File: AS153074.roa (raw, json) Hash identifier: 0Xa9GyRz7StvuC+R7Z+Ca717RbGZebxBwciYja5Rh74= Subject key identifier: 69:A9:53:58:C2:9E:09:D9:48:F5:22:14:6E:CF:6A:78:6D:87:1B:61 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2A73EA34B330368FB38E05E2A91F506C3F891A0B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153074.roa Signing time: Thu 06 Feb 2025 10:44:57 +0000 ROA not before: Thu 06 Feb 2025 10:39:57 +0000 ROA not after: Thu 05 Feb 2026 10:44:57 +0000 asID: 153074 IP address blocks: 160.25.176.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:73:ea:34:b3:30:36:8f:b3:8e:05:e2:a9:1f:50:6c:3f:89:1a:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:57 2025 GMT Not After : Feb 5 10:44:57 2026 GMT Subject: CN=69A95358C29E09D948F522146ECF6A786D871B61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:af:32:39:38:79:00:c8:e9:9d:3c:e7:bf:e4: cb:6f:bc:70:db:56:26:0d:2d:78:c5:01:c3:bd:e7: c4:d7:e1:25:d6:0e:ad:ed:6e:51:2a:e2:00:94:4f: f0:2d:00:65:3f:cb:3c:10:0b:69:0d:ec:c4:94:96: 6f:c6:5e:a6:12:92:e1:e7:11:cc:eb:30:f4:8a:a5: 16:f3:38:63:92:bb:03:44:06:f6:52:aa:7a:86:ab: 6b:b2:89:c7:b2:85:1f:98:ab:c8:92:f7:cc:21:fd: cf:6b:87:f1:8d:ce:ab:2f:67:70:ee:26:d8:a0:68: d9:14:58:8e:3c:2a:23:03:47:a0:36:fd:29:91:33: 09:c6:e9:8f:e6:b6:76:4e:fd:49:1e:d7:bc:ae:f5: ca:ba:f2:74:31:4f:f0:28:61:25:0b:7f:c8:70:fa: 69:e5:04:85:0f:94:f5:d0:2b:bb:f2:37:f1:91:84: 0d:40:a6:d2:f9:cd:93:3a:ca:4f:ce:df:e3:40:c6: 0b:1b:44:73:44:cd:c4:76:b9:04:a3:ab:04:53:12: d7:87:68:a6:a2:ce:d5:73:64:5a:53:24:26:b3:44: 27:fc:95:01:40:34:0e:c1:f5:45:c8:af:78:e3:64: fd:c9:eb:12:ca:a7:a5:8e:6f:20:3f:06:47:55:30: de:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:A9:53:58:C2:9E:09:D9:48:F5:22:14:6E:CF:6A:78:6D:87:1B:61 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153074.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.176.0/23 Signature Algorithm: sha256WithRSAEncryption 11:d8:58:b8:1e:80:6f:75:52:a0:86:cd:08:55:cf:33:0b:7f: 5a:9d:43:86:3d:f6:5a:0a:8f:8a:32:49:ef:75:d1:1d:17:16: 9d:94:73:fe:3c:75:37:f7:bd:79:92:70:1a:28:1c:e5:b4:e7: 8d:9b:db:a5:af:c6:0a:f4:85:80:19:c6:98:3a:ae:7b:c4:99: a6:23:84:9b:00:7c:b6:c9:00:90:58:22:a2:f6:1d:67:1b:c6: 19:2b:f9:87:f0:f3:a0:4d:bc:01:98:6d:1b:a5:12:ff:f7:58: ff:c0:93:63:ae:a5:29:12:f2:7d:8d:73:ab:0c:52:6f:15:2a: c5:94:2d:fa:ae:40:24:c8:f2:97:1d:4b:b1:c7:56:f1:ee:52: 0c:84:54:33:df:91:ef:07:ff:3c:96:f5:5c:d2:78:70:8f:a7: 8f:61:36:8d:4b:55:f3:d4:b3:38:85:c6:79:c2:d0:16:46:b6: ab:f2:38:ef:a5:65:0f:5d:6c:6e:f2:fc:0f:ba:e6:7e:54:62: 11:df:df:6f:a7:1b:6e:fb:51:60:51:e2:21:ff:33:8e:3c:02: 05:1c:6f:e4:cc:bc:56:d1:43:45:ff:6d:ab:65:53:fd:b8:82: 09:9c:4a:a3:46:ae:84:d6:93:22:20:7d:0e:8c:f8:e0:ad:c1: 9f:5a:56:2e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKnPqNLMwNo+zjgXiqR9QbD+JGgswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1N1oX DTI2MDIwNTEwNDQ1N1owMzExMC8GA1UEAxMoNjlBOTUzNThDMjlFMDlEOTQ4RjUy MjE0NkVDRjZBNzg2RDg3MUI2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ2vMjk4eQDI6Z0857/ky2+8cNtWJg0teMUBw73nxNfhJdYOre1uUSriAJRP 8C0AZT/LPBALaQ3sxJSWb8ZephKS4ecRzOsw9IqlFvM4Y5K7A0QG9lKqeoara7KJ x7KFH5iryJL3zCH9z2uH8Y3Oqy9ncO4m2KBo2RRYjjwqIwNHoDb9KZEzCcbpj+a2 dk79SR7XvK71yrrydDFP8ChhJQt/yHD6aeUEhQ+U9dAru/I38ZGEDUCm0vnNkzrK T87f40DGCxtEc0TNxHa5BKOrBFMS14dopqLO1XNkWlMkJrNEJ/yVAUA0DsH1Rciv eONk/cnrEsqnpY5vID8GR1Uw3kUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRpqVNY wp4J2Uj1IhRuz2p4bYcbYTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzA3NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZsDANBgkqhkiG9w0BAQsFAAOCAQEAEdhYuB6Ab3VSoIbNCFXP Mwt/Wp1Dhj32WgqPijJJ73XRHRcWnZRz/jx1N/e9eZJwGigc5bTnjZvbpa/GCvSF gBnGmDque8SZpiOEmwB8tskAkFgiovYdZxvGGSv5h/DzoE28AZhtG6US//dY/8CT Y66lKRLyfY1zqwxSbxUqxZQt+q5AJMjylx1LscdW8e5SDIRUM9+R7wf/PJb1XNJ4 cI+nj2E2jUtV89SzOIXGecLQFka2q/I476VlD11sbvL8D7rmflRiEd/fb6cbbvtR YFHiIf8zjjwCBRxv5My8VtFDRf9tq2VT/biCCZxKo0auhNaTIiB9Doz44K3Bn1pW Lg== -----END CERTIFICATE-----Generated at Mon Apr 7 03:34:01 2025 by rpki-client