$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153126.roa File: AS153126.roa (raw, json) Hash identifier: IicAibK72lbr9GDRjBqibx93/rwGROGoPE4cBqJEuYg= Subject key identifier: 86:72:C7:81:17:88:60:4F:E9:69:54:3E:B4:58:E8:88:B1:CF:13:BD Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1F28FA13728D0C02229B19164ABD157E6C776C5C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153126.roa Signing time: Mon 21 Jul 2025 01:55:15 +0000 ROA not before: Mon 21 Jul 2025 01:50:15 +0000 ROA not after: Mon 20 Jul 2026 01:55:15 +0000 asID: 153126 IP address blocks: 160.187.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 16:46:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:28:fa:13:72:8d:0c:02:22:9b:19:16:4a:bd:15:7e:6c:77:6c:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 21 01:50:15 2025 GMT Not After : Jul 20 01:55:15 2026 GMT Subject: CN=8672C7811788604FE969543EB458E888B1CF13BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b7:73:82:9a:77:80:9f:b6:b7:51:1f:2d:2a: 59:94:3b:0a:25:c5:e7:23:15:64:90:fc:d6:68:b6: 61:18:a7:9d:3e:c0:b5:77:e7:12:56:d0:22:01:4d: 1b:2c:9c:2a:2e:20:23:a5:9b:94:31:c4:69:cb:16: 65:62:69:a5:8d:fe:4c:ec:ec:c5:7d:ee:42:ed:2d: 8a:a2:30:6a:35:0e:bd:8c:e3:3d:b5:43:5e:b1:35: dd:7b:46:3f:89:c1:4e:a2:af:1d:44:ed:61:3e:93: c8:65:bb:9b:62:8b:6c:b0:68:79:40:6d:5d:ce:f8: aa:b2:e0:e8:ff:24:98:d3:a9:fd:1a:fa:c7:36:9f: a0:f8:51:30:04:9f:63:b7:28:11:94:86:7d:30:4b: aa:d1:20:89:57:55:9d:b6:5b:ae:33:94:6e:b9:43: aa:6c:6e:34:7e:97:14:d6:f9:8f:99:8b:70:3d:49: 0b:d1:ac:ee:40:71:7a:6b:4b:4c:ad:90:d2:57:d5: a9:ff:3c:61:30:85:88:16:97:83:ae:c4:f2:2a:ec: 4c:2d:af:6a:b3:21:13:db:32:ad:5a:f5:b1:17:1f: b0:fc:43:19:76:92:67:41:94:9a:0f:6a:f4:ed:bc: 1a:9c:79:f3:88:14:60:40:30:1c:d3:23:cb:f9:a7: 36:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:72:C7:81:17:88:60:4F:E9:69:54:3E:B4:58:E8:88:B1:CF:13:BD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153126.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.187.86.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:13:51:34:64:7d:0c:c6:14:89:48:88:ad:5e:b3:b7:e8:78: fc:8f:23:98:a5:34:fa:b6:f6:3e:56:c9:b1:6c:b3:12:c7:d7: 2b:9a:88:d6:10:1e:ad:f0:4d:df:8c:de:3d:ae:7e:86:71:95: 40:5f:22:28:82:7b:ba:87:b0:3f:3d:cd:4f:00:2b:b5:ea:32: b4:cf:58:f7:c3:07:99:ec:56:71:44:f5:10:24:e4:84:00:70: 43:43:9c:1b:70:12:f8:79:18:e4:3c:c5:75:9e:cd:a7:e6:38: 73:fb:1f:90:21:e9:0c:ea:b1:ed:06:e2:7c:5e:27:05:23:7b: 4b:ee:52:fe:90:f4:00:b6:f8:2e:81:0b:fe:e4:42:8f:cc:88: d3:a6:2c:1d:f6:79:82:38:f7:73:f1:bb:2a:30:6e:38:49:48: 99:57:5e:e3:aa:0a:7a:86:e2:dd:77:13:92:bc:f3:cd:b6:5c: 6a:bb:ab:d8:f4:c5:ff:8f:0a:60:b8:6a:08:37:ed:fb:8c:73: 43:62:73:83:81:64:cd:5f:df:c8:8a:9c:fe:36:7d:76:e6:7f: f7:c5:30:8d:5c:10:3f:58:78:62:0a:df:e5:59:e7:76:49:3b: a3:4e:22:e7:f6:19:bc:44:4d:87:56:37:eb:1f:0b:26:6a:91: 32:97:a1:2d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHyj6E3KNDAIimxkWSr0Vfmx3bFwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcyMTAxNTAxNVoX DTI2MDcyMDAxNTUxNVowMzExMC8GA1UEAxMoODY3MkM3ODExNzg4NjA0RkU5Njk1 NDNFQjQ1OEU4ODhCMUNGMTNCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANy3c4Kad4CftrdRHy0qWZQ7CiXF5yMVZJD81mi2YRinnT7AtXfnElbQIgFN GyycKi4gI6WblDHEacsWZWJppY3+TOzsxX3uQu0tiqIwajUOvYzjPbVDXrE13XtG P4nBTqKvHUTtYT6TyGW7m2KLbLBoeUBtXc74qrLg6P8kmNOp/Rr6xzafoPhRMASf Y7coEZSGfTBLqtEgiVdVnbZbrjOUbrlDqmxuNH6XFNb5j5mLcD1JC9Gs7kBxemtL TK2Q0lfVqf88YTCFiBaXg67E8irsTC2varMhE9syrVr1sRcfsPxDGXaSZ0GUmg9q 9O28Gpx584gUYEAwHNMjy/mnNkkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSGcseB F4hgT+lpVD60WOiIsc8TvTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzEyNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKC7VjANBgkqhkiG9w0BAQsFAAOCAQEAGxNRNGR9DMYUiUiIrV6z t+h4/I8jmKU0+rb2PlbJsWyzEsfXK5qI1hAerfBN34zePa5+hnGVQF8iKIJ7uoew Pz3NTwArteoytM9Y98MHmexWcUT1ECTkhABwQ0OcG3AS+HkY5DzFdZ7Np+Y4c/sf kCHpDOqx7QbifF4nBSN7S+5S/pD0ALb4LoEL/uRCj8yI06YsHfZ5gjj3c/G7KjBu OElImVde46oKeobi3XcTkrzzzbZcarur2PTF/48KYLhqCDft+4xzQ2Jzg4FkzV/f yIqc/jZ9duZ/98UwjVwQP1h4Ygrf5Vnndkk7o04i5/YZvERNh1Y36x8LJmqRMpeh LQ== -----END CERTIFICATE-----Generated at Tue Jul 22 04:46:03 2025 by rpki-client