$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153091.roa File: AS153091.roa (raw, json) Hash identifier: 47vOAPioLzuYMoq4z79d1vkolY9T8jDeQBBxmoIj6/w= Subject key identifier: A9:9F:F8:69:BA:2A:71:9E:1B:E3:74:06:99:EA:55:A6:10:75:9B:04 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 33BEDC5A5AE3CD58B2FC0E0459BA824AF5C6B9F5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153091.roa Signing time: Thu 06 Feb 2025 10:44:53 +0000 ROA not before: Thu 06 Feb 2025 10:39:53 +0000 ROA not after: Thu 05 Feb 2026 10:44:53 +0000 asID: 153091 IP address blocks: 160.25.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:be:dc:5a:5a:e3:cd:58:b2:fc:0e:04:59:ba:82:4a:f5:c6:b9:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:53 2025 GMT Not After : Feb 5 10:44:53 2026 GMT Subject: CN=A99FF869BA2A719E1BE3740699EA55A610759B04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:a0:e3:96:c3:01:3e:01:12:14:d5:02:f2:04: 68:5a:67:ff:8e:e0:b5:ae:23:0f:f8:86:54:b5:87: 5f:f7:0c:27:70:be:46:78:35:3a:29:63:5d:61:1d: d0:71:55:78:05:50:f9:55:6b:48:32:df:0a:07:39: ca:1d:57:52:93:d9:aa:33:cc:e4:a3:76:b4:a8:fb: ea:90:e6:00:f4:69:4e:94:4b:25:43:ca:42:1a:a7: 06:9a:d7:52:d8:8f:80:98:ff:15:1f:65:cb:c8:8a: bc:4c:9a:6c:6b:f4:b7:ec:d9:9f:44:aa:bb:d4:b9: e4:86:bc:55:44:fe:48:7a:8a:1f:d1:a0:0a:a5:02: bc:0b:f2:a5:6e:66:ff:ce:9a:05:0b:80:b0:78:77: b5:91:d2:44:f4:77:0e:91:95:7b:87:46:e8:91:0c: 73:58:69:ef:74:b8:a1:6a:fc:36:21:9d:d8:c7:50: fb:78:3b:f2:94:34:25:57:fd:ed:f1:07:e0:39:ea: d0:19:fb:e3:3e:18:63:b1:39:12:16:30:30:63:ce: 4e:ef:83:4c:68:57:0f:44:c2:0b:f2:9d:87:c2:a0: 79:a5:40:4e:30:9f:25:17:97:6e:c3:3c:84:6e:26: 69:94:e7:a0:11:50:fe:a0:74:b4:3a:66:dd:81:fc: 21:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:9F:F8:69:BA:2A:71:9E:1B:E3:74:06:99:EA:55:A6:10:75:9B:04 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153091.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.248.0/24 Signature Algorithm: sha256WithRSAEncryption 88:6a:33:4f:32:d5:2e:3b:d7:5e:1a:4f:3a:65:f8:88:eb:53: 73:24:b9:2b:e6:05:3f:98:66:79:cd:1f:b5:fe:c3:4b:68:38: 86:b8:ec:39:c7:54:66:48:fe:3b:1a:31:44:ff:72:8c:b7:27: 9b:24:0b:27:80:00:15:f3:eb:b4:89:bb:de:2c:2c:6a:a2:26: 20:82:d6:e9:54:3e:ff:8c:c4:a8:69:9f:b1:60:22:c4:37:79: 59:d2:b1:4b:b2:e1:f6:4a:86:e4:17:b4:c2:b1:a7:b1:01:1e: 94:ce:5a:a3:35:95:1b:b2:2b:ca:f4:4f:8e:7c:cd:5c:72:68: 69:27:b6:e8:ff:04:89:03:27:87:13:c6:36:0a:50:06:8c:32: 40:20:1f:3b:4a:0e:eb:a3:bf:2c:32:df:db:25:5f:50:b5:2d: af:90:bd:75:8a:1a:ab:f3:71:ae:dd:ed:06:be:aa:23:8f:a7: 98:96:70:47:d9:ac:60:8f:1e:56:7d:29:87:84:4e:8a:50:26: ad:ec:d0:cc:9b:fa:9a:b1:24:6e:87:1b:71:76:60:a7:7e:d0: 04:e5:58:7e:09:d0:24:69:9f:c5:d9:d5:4d:11:76:18:91:d0: cb:16:ab:fb:c7:77:a9:ab:86:1c:fa:9a:6b:d3:ce:43:d9:05: da:5b:ba:96 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUM77cWlrjzViy/A4EWbqCSvXGufUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoQTk5RkY4NjlCQTJBNzE5RTFCRTM3 NDA2OTlFQTU1QTYxMDc1OUIwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOyg45bDAT4BEhTVAvIEaFpn/47gta4jD/iGVLWHX/cMJ3C+Rng1OiljXWEd 0HFVeAVQ+VVrSDLfCgc5yh1XUpPZqjPM5KN2tKj76pDmAPRpTpRLJUPKQhqnBprX UtiPgJj/FR9ly8iKvEyabGv0t+zZn0Squ9S55Ia8VUT+SHqKH9GgCqUCvAvypW5m /86aBQuAsHh3tZHSRPR3DpGVe4dG6JEMc1hp73S4oWr8NiGd2MdQ+3g78pQ0JVf9 7fEH4Dnq0Bn74z4YY7E5EhYwMGPOTu+DTGhXD0TCC/Kdh8KgeaVATjCfJReXbsM8 hG4maZTnoBFQ/qB0tDpm3YH8IaUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSpn/hp uipxnhvjdAaZ6lWmEHWbBDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzA5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKAZ+DANBgkqhkiG9w0BAQsFAAOCAQEAiGozTzLVLjvXXhpPOmX4 iOtTcyS5K+YFP5hmec0ftf7DS2g4hrjsOcdUZkj+OxoxRP9yjLcnmyQLJ4AAFfPr tIm73iwsaqImIILW6VQ+/4zEqGmfsWAixDd5WdKxS7Lh9kqG5Be0wrGnsQEelM5a ozWVG7IryvRPjnzNXHJoaSe26P8EiQMnhxPGNgpQBowyQCAfO0oO66O/LDLf2yVf ULUtr5C9dYoaq/Nxrt3tBr6qI4+nmJZwR9msYI8eVn0ph4ROilAmrezQzJv6mrEk bocbcXZgp37QBOVYfgnQJGmfxdnVTRF2GJHQyxar+8d3qauGHPqaa9POQ9kF2lu6 lg== -----END CERTIFICATE-----Generated at Mon Apr 7 03:36:51 2025 by rpki-client