$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153140.roa File: AS153140.roa (raw, json) Hash identifier: jwWfwUBL2kkjSbbNbhpi97ToP8WAhawPByRj8qK8AgU= Subject key identifier: 91:D1:35:D4:48:64:CD:A7:0C:50:DB:FC:E9:EC:BE:C5:09:80:22:6D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 518FFC1DE630F6316EE1D49C0C3323D2BF2C1675 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153140.roa Signing time: Thu 06 Feb 2025 10:44:48 +0000 ROA not before: Thu 06 Feb 2025 10:39:48 +0000 ROA not after: Thu 05 Feb 2026 10:44:48 +0000 asID: 153140 IP address blocks: 160.187.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 24 Feb 2025 00:07:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:8f:fc:1d:e6:30:f6:31:6e:e1:d4:9c:0c:33:23:d2:bf:2c:16:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:48 2025 GMT Not After : Feb 5 10:44:48 2026 GMT Subject: CN=91D135D44864CDA70C50DBFCE9ECBEC50980226D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:08:54:d3:c9:11:7e:83:8a:c7:3b:cd:d9:c7: ec:8a:ec:0b:66:83:67:7b:de:a0:a0:92:70:3a:fc: d0:f5:35:3a:86:41:8e:4c:a5:84:04:9d:da:bc:0b: 3f:3e:02:fd:c1:e9:da:28:8e:aa:2f:e3:2a:9b:61: f0:29:56:93:88:ba:11:e5:b4:99:4d:5c:70:ed:b3: 1a:0a:1f:00:fd:c8:14:ca:99:58:31:e1:a9:2b:a7: 35:28:d1:74:bc:9b:4a:29:c4:83:5d:b8:40:87:39: ed:a0:87:74:8c:36:d8:f5:7c:5d:2d:e5:85:6c:e0: ab:12:de:ed:49:95:71:d8:32:70:4b:61:ea:81:6f: 9e:af:64:46:e6:d4:1f:51:80:b4:67:40:df:db:65: 0b:d4:18:a9:7a:ac:7e:e2:a8:1a:f2:f1:ba:0f:4e: 3e:99:77:2c:e8:09:4b:89:65:21:f8:01:31:3c:26: 11:68:e5:f2:0b:8c:e1:10:b9:aa:db:85:06:17:43: ce:42:71:9c:ff:19:56:0f:37:d4:6e:02:80:e0:a8: 46:b1:45:56:85:35:be:7b:3d:f6:b1:70:02:25:ea: af:59:49:22:35:eb:74:fe:a7:0f:31:de:37:37:47: 32:8d:1b:a6:69:ef:c3:5d:72:c9:a0:dd:1f:b5:e9: a6:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:D1:35:D4:48:64:CD:A7:0C:50:DB:FC:E9:EC:BE:C5:09:80:22:6D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153140.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.187.231.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:57:c1:f4:99:6a:07:55:67:d6:5c:c3:e3:c1:f8:48:55:6a: 01:2d:ba:43:6a:18:32:88:ea:78:77:57:bd:1b:e8:28:89:cd: a0:33:13:86:5a:02:9d:39:9c:a0:62:9e:29:e9:23:7c:c8:0b: 88:f8:f6:cf:b2:cb:ae:60:5b:3a:17:85:64:7d:32:de:10:16: 4d:8c:07:19:c7:5f:3e:5f:17:d1:7e:32:6e:0f:af:e5:e2:a7: b7:91:0b:84:8e:92:52:fe:d5:89:86:a8:26:b9:37:b6:12:ee: 0a:71:f3:b9:d1:89:94:cf:65:60:5b:a1:4e:e2:61:88:ce:b9: e1:04:13:31:97:33:59:b3:4e:25:41:10:ee:a0:d0:50:f7:cd: 86:bf:e5:61:25:88:73:ad:35:5c:c1:7a:2c:ac:1b:22:57:cb: 91:76:d8:07:a6:5c:6b:a3:64:d8:be:13:16:8a:c6:f1:b9:77: 5c:81:3c:e1:24:45:7d:83:c0:d0:57:cd:4a:c4:95:d6:fe:5c: 7e:6e:66:4f:ca:ae:d7:a4:6d:64:5a:45:b0:29:d8:19:65:75: 9a:05:ab:03:e7:ff:76:92:16:4e:7f:d4:2e:f2:33:71:3c:29: f1:0c:9d:f7:bb:7d:a6:d6:00:a8:61:a0:0f:f4:ca:3a:69:81: ec:03:c4:04 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUY/8HeYw9jFu4dScDDMj0r8sFnUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OFoX DTI2MDIwNTEwNDQ0OFowMzExMC8GA1UEAxMoOTFEMTM1RDQ0ODY0Q0RBNzBDNTBE QkZDRTlFQ0JFQzUwOTgwMjI2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0IVNPJEX6Disc7zdnH7IrsC2aDZ3veoKCScDr80PU1OoZBjkylhASd2rwL Pz4C/cHp2iiOqi/jKpth8ClWk4i6EeW0mU1ccO2zGgofAP3IFMqZWDHhqSunNSjR dLybSinEg124QIc57aCHdIw22PV8XS3lhWzgqxLe7UmVcdgycEth6oFvnq9kRubU H1GAtGdA39tlC9QYqXqsfuKoGvLxug9OPpl3LOgJS4llIfgBMTwmEWjl8guM4RC5 qtuFBhdDzkJxnP8ZVg831G4CgOCoRrFFVoU1vns99rFwAiXqr1lJIjXrdP6nDzHe NzdHMo0bpmnvw11yyaDdH7XpphcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSR0TXU SGTNpwxQ2/zp7L7FCYAibTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE0MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKC75zANBgkqhkiG9w0BAQsFAAOCAQEAG1fB9JlqB1Vn1lzD48H4 SFVqAS26Q2oYMojqeHdXvRvoKInNoDMThloCnTmcoGKeKekjfMgLiPj2z7LLrmBb OheFZH0y3hAWTYwHGcdfPl8X0X4ybg+v5eKnt5ELhI6SUv7ViYaoJrk3thLuCnHz udGJlM9lYFuhTuJhiM654QQTMZczWbNOJUEQ7qDQUPfNhr/lYSWIc601XMF6LKwb IlfLkXbYB6Zca6Nk2L4TForG8bl3XIE84SRFfYPA0FfNSsSV1v5cfm5mT8qu16Rt ZFpFsCnYGWV1mgWrA+f/dpIWTn/ULvIzcTwp8Qyd97t9ptYAqGGgD/TKOmmB7APE BA== -----END CERTIFICATE-----Generated at Sat Feb 22 21:16:49 2025 by rpki-client