$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153149.roa File: AS153149.roa (raw, json) Hash identifier: +l2DXuqmz7GAc2IQdyr4pU33ZmuRC6uNfvxs0S2MAjc= Subject key identifier: B0:3C:CE:DC:1C:AE:90:CD:28:17:C2:A0:EB:5B:5F:03:40:48:D0:65 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 51547505C29A212F3000B53CD3EBFA85C0943D75 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153149.roa Signing time: Thu 06 Feb 2025 10:44:50 +0000 ROA not before: Thu 06 Feb 2025 10:39:50 +0000 ROA not after: Thu 05 Feb 2026 10:44:50 +0000 asID: 153149 IP address blocks: 160.191.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 24 Feb 2025 00:07:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:54:75:05:c2:9a:21:2f:30:00:b5:3c:d3:eb:fa:85:c0:94:3d:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 6 10:39:50 2025 GMT Not After : Feb 5 10:44:50 2026 GMT Subject: CN=B03CCEDC1CAE90CD2817C2A0EB5B5F034048D065 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:2c:0a:ef:37:33:2f:34:7b:58:a9:9d:d0:f1: 8a:c1:18:26:6d:2d:8e:a8:e9:4b:dd:1a:94:22:8d: c5:02:70:84:f7:79:40:c4:e0:5c:4c:f8:59:cb:51: fc:07:28:51:f1:ee:ef:78:e5:a5:6a:48:0f:b1:f6: d0:a2:5e:7a:dd:0a:df:b4:be:b8:81:5e:ab:d3:7b: 33:ad:5b:ec:0d:3d:3a:02:d0:79:85:12:51:db:5d: 4e:e7:37:79:c1:9a:b2:16:56:e9:1c:cd:70:11:fe: 52:7e:46:ca:3f:dd:3a:5a:75:d8:d8:9f:a7:59:25: ea:ff:b8:58:14:de:ca:5b:b7:78:9c:0e:71:e6:01: f8:2a:34:81:c2:ce:f7:b8:04:02:6e:5a:15:92:9d: 77:ce:89:64:a7:f9:0c:02:e9:d9:43:9f:a4:06:e5: 48:60:16:23:f4:80:26:73:8d:8d:f7:d1:bc:42:a7: 79:c6:5b:56:5d:a3:cb:31:96:c4:ca:5f:35:c8:16: d3:91:ab:06:26:4e:1b:0e:75:8d:18:8a:7e:a0:05: 55:67:35:57:19:e3:35:da:7d:bc:19:43:41:55:51: 4c:ae:d8:2e:2e:c1:17:66:60:c7:91:76:57:bc:5f: 6f:4f:a5:9b:31:ec:e4:ff:80:5c:e3:41:81:17:de: 56:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:3C:CE:DC:1C:AE:90:CD:28:17:C2:A0:EB:5B:5F:03:40:48:D0:65 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153149.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.235.0/24 Signature Algorithm: sha256WithRSAEncryption 56:cf:eb:e5:54:07:50:c2:ae:fe:79:c8:f8:99:45:7d:df:a1: 3a:b6:3f:53:b1:eb:c5:f3:3b:cb:68:26:4a:90:8c:ca:20:6c: 3c:04:97:5b:37:fd:ff:94:72:fb:5b:2d:97:54:02:b5:f2:99: 42:f1:65:2f:d5:4b:a4:ab:16:55:e3:05:5a:0a:ca:94:39:29: 47:a0:f5:ba:91:f2:e6:07:d3:a1:7b:f9:ab:fa:07:7c:03:1e: dc:64:03:76:12:48:06:dd:b6:a5:1c:31:7b:59:b8:71:c5:d4: 69:04:9e:f0:a8:ec:35:b3:19:2b:b1:dc:f8:c1:5e:4d:e6:a0: 5c:ae:18:11:6c:9c:21:c5:cf:14:1c:0a:d3:a7:0b:f4:2a:65: ae:ff:23:4e:d5:05:fe:b4:9c:71:77:d6:7d:83:ed:a1:b2:c7: b9:4e:ec:cc:f0:e6:14:6f:a5:08:db:a9:84:d9:86:a0:d3:5a: 13:c6:de:1e:85:8b:76:e2:ac:d3:88:ed:5c:c8:c3:54:41:75: 40:2b:02:0c:6f:8f:f5:d1:30:ab:ae:f5:01:43:c3:3e:87:76: 10:d0:34:c1:9e:24:5f:28:3d:4f:85:10:61:7c:7c:56:05:f3: 43:06:92:95:fd:bc:7c:01:57:93:3b:bd:92:d9:50:b7:e4:62: f3:5f:4a:6f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUVR1BcKaIS8wALU80+v6hcCUPXUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MFoX DTI2MDIwNTEwNDQ1MFowMzExMC8GA1UEAxMoQjAzQ0NFREMxQ0FFOTBDRDI4MTdD MkEwRUI1QjVGMDM0MDQ4RDA2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgsCu83My80e1ipndDxisEYJm0tjqjpS90alCKNxQJwhPd5QMTgXEz4WctR /AcoUfHu73jlpWpID7H20KJeet0K37S+uIFeq9N7M61b7A09OgLQeYUSUdtdTuc3 ecGashZW6RzNcBH+Un5Gyj/dOlp12Nifp1kl6v+4WBTeylu3eJwOceYB+Co0gcLO 97gEAm5aFZKdd86JZKf5DALp2UOfpAblSGAWI/SAJnONjffRvEKnecZbVl2jyzGW xMpfNcgW05GrBiZOGw51jRiKfqAFVWc1VxnjNdp9vBlDQVVRTK7YLi7BF2Zgx5F2 V7xfb0+lmzHs5P+AXONBgRfeVg0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSwPM7c HK6QzSgXwqDrW18DQEjQZTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE0OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKC/6zANBgkqhkiG9w0BAQsFAAOCAQEAVs/r5VQHUMKu/nnI+JlF fd+hOrY/U7HrxfM7y2gmSpCMyiBsPASXWzf9/5Ry+1stl1QCtfKZQvFlL9VLpKsW VeMFWgrKlDkpR6D1upHy5gfToXv5q/oHfAMe3GQDdhJIBt22pRwxe1m4ccXUaQSe 8KjsNbMZK7Hc+MFeTeagXK4YEWycIcXPFBwK06cL9Cplrv8jTtUF/rSccXfWfYPt obLHuU7szPDmFG+lCNuphNmGoNNaE8beHoWLduKs04jtXMjDVEF1QCsCDG+P9dEw q671AUPDPod2ENA0wZ4kXyg9T4UQYXx8VgXzQwaSlf28fAFXkzu9ktlQt+Ri819K bw== -----END CERTIFICATE-----Generated at Sat Feb 22 21:26:55 2025 by rpki-client