$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153100.roa File: AS153100.roa (raw, json) Hash identifier: m20mYwlMOciuWY4waDM73culbA0Kkywf6QmPkB25pso= Subject key identifier: C7:30:29:8D:CF:66:A1:CC:DE:88:37:E3:E8:D6:5D:39:12:BC:C4:1E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1424030D5C7EC281DC2238CE3B5E56B9A3EDED92 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153100.roa Signing time: Mon 05 May 2025 03:48:38 +0000 ROA not before: Mon 05 May 2025 03:43:38 +0000 ROA not after: Mon 04 May 2026 03:48:38 +0000 asID: 153100 IP address blocks: 160.25.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 01:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:24:03:0d:5c:7e:c2:81:dc:22:38:ce:3b:5e:56:b9:a3:ed:ed:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 5 03:43:38 2025 GMT Not After : May 4 03:48:38 2026 GMT Subject: CN=C730298DCF66A1CCDE8837E3E8D65D3912BCC41E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:5d:45:a2:be:80:74:7f:7d:72:be:f5:1b:22: 0b:8f:86:c4:d7:58:9c:36:63:ba:a0:3b:33:33:14: d7:8a:a1:ad:87:5a:93:4a:9a:df:ec:26:6a:16:c0: 86:8d:88:17:84:b9:21:66:ca:fe:7a:fc:fa:25:dd: 6a:fb:ea:33:af:a9:ad:a6:91:52:4d:57:0d:c7:d1: 09:1b:19:3e:95:7b:1c:2a:a3:b9:f7:06:0e:56:b6: 52:c3:ac:28:e3:43:4d:19:f9:d7:e2:2e:cc:34:ff: 55:92:86:ba:fe:d9:c2:9c:a2:6a:d0:96:2d:73:1d: 8b:83:66:12:d8:fa:86:fc:1c:07:c5:4f:7a:38:4a: 48:21:47:08:e2:46:d3:90:47:99:0b:b5:3c:16:1b: 3b:85:3b:38:2a:8c:5e:1d:87:59:40:cd:b2:f7:13: 45:23:4d:a4:36:a6:1b:93:98:23:9a:ae:31:4f:40: f8:c0:f0:27:c7:5d:e8:82:dd:f5:f6:24:59:b0:5f: 3c:ec:27:db:ed:e1:5c:ae:ab:5c:af:aa:86:de:27: 65:ee:dc:30:48:16:0c:6c:15:e3:6d:58:93:1d:97: 63:26:5f:e2:f1:58:6b:8c:eb:c7:f4:59:b9:bb:2f: 50:41:3b:23:75:35:b9:ff:df:96:6e:b6:b5:1f:1b: ae:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:30:29:8D:CF:66:A1:CC:DE:88:37:E3:E8:D6:5D:39:12:BC:C4:1E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153100.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.201.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:68:a8:b8:ab:3f:87:0b:73:e0:61:80:e9:ad:b0:63:89:49: d4:5b:bb:cc:94:22:ba:04:25:bd:54:a0:70:ed:25:eb:77:37: 65:d9:05:e3:f8:7d:9b:a1:b6:47:26:55:cf:da:7b:9e:d0:d1: 8e:11:76:39:3b:17:f7:08:92:fa:03:b4:da:f0:bc:d4:a7:2a: 42:09:3c:b5:eb:bb:9f:64:a4:3a:c4:e7:9b:15:bb:07:b7:18: cf:9b:d8:f0:57:b2:d0:a3:37:cf:56:40:9a:d5:6d:83:52:0a: b6:93:6d:13:02:a3:38:9d:b4:47:78:b7:be:02:93:e0:e6:58: af:78:6e:3c:2e:e2:12:6f:f6:1f:7d:1d:24:86:77:25:79:93: 7c:0c:e0:06:46:78:01:50:b4:46:99:56:7f:87:63:86:13:44: b5:7c:9c:7b:ee:f5:44:b6:05:3f:66:10:01:29:16:6f:75:89: 5c:4f:c3:2c:a8:0b:a0:30:c4:7a:d0:66:52:3d:f8:de:a9:43: 71:62:e9:d7:26:a0:7a:81:88:ee:b4:92:db:44:e1:67:87:7c: 04:d7:4f:42:37:27:b2:d0:15:e8:bd:04:34:fa:4f:fb:73:92: 0e:40:54:c9:2f:1a:4c:00:56:7c:55:9a:29:0a:eb:06:0a:90: 5a:f5:a4:3f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFCQDDVx+woHcIjjOO15WuaPt7ZIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUwNTAzNDMzOFoX DTI2MDUwNDAzNDgzOFowMzExMC8GA1UEAxMoQzczMDI5OERDRjY2QTFDQ0RFODgz N0UzRThENjVEMzkxMkJDQzQxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOpdRaK+gHR/fXK+9RsiC4+GxNdYnDZjuqA7MzMU14qhrYdak0qa3+wmahbA ho2IF4S5IWbK/nr8+iXdavvqM6+praaRUk1XDcfRCRsZPpV7HCqjufcGDla2UsOs KONDTRn51+IuzDT/VZKGuv7ZwpyiatCWLXMdi4NmEtj6hvwcB8VPejhKSCFHCOJG 05BHmQu1PBYbO4U7OCqMXh2HWUDNsvcTRSNNpDamG5OYI5quMU9A+MDwJ8dd6ILd 9fYkWbBfPOwn2+3hXK6rXK+qht4nZe7cMEgWDGwV421Ykx2XYyZf4vFYa4zrx/RZ ubsvUEE7I3U1uf/flm62tR8brtUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTHMCmN z2ahzN6IN+Po1l05ErzEHjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzEwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKAZyTANBgkqhkiG9w0BAQsFAAOCAQEADWiouKs/hwtz4GGA6a2w Y4lJ1Fu7zJQiugQlvVSgcO0l63c3ZdkF4/h9m6G2RyZVz9p7ntDRjhF2OTsX9wiS +gO02vC81KcqQgk8teu7n2SkOsTnmxW7B7cYz5vY8Fey0KM3z1ZAmtVtg1IKtpNt EwKjOJ20R3i3vgKT4OZYr3huPC7iEm/2H30dJIZ3JXmTfAzgBkZ4AVC0RplWf4dj hhNEtXyce+71RLYFP2YQASkWb3WJXE/DLKgLoDDEetBmUj343qlDcWLp1yageoGI 7rSS20ThZ4d8BNdPQjcnstAV6L0ENPpP+3OSDkBUyS8aTABWfFWaKQrrBgqQWvWk Pw== -----END CERTIFICATE-----Generated at Fri Jun 6 04:57:50 2025 by rpki-client