$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153156.roa File: AS153156.roa (raw, json) Hash identifier: gVGHt+BSBqVd6NRImRlKcMhOKNLgkyv6dato8WfY+mE= Subject key identifier: C5:2D:BB:8F:38:BF:C5:8C:83:97:52:FA:E0:8B:B7:F3:95:39:82:BE Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 09B48392553498F601D6C65093EFA42AE627B27A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153156.roa Signing time: Thu 15 May 2025 10:10:09 +0000 ROA not before: Thu 15 May 2025 10:05:09 +0000 ROA not after: Thu 14 May 2026 10:10:09 +0000 asID: 153156 IP address blocks: 160.191.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 01:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:b4:83:92:55:34:98:f6:01:d6:c6:50:93:ef:a4:2a:e6:27:b2:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 15 10:05:09 2025 GMT Not After : May 14 10:10:09 2026 GMT Subject: CN=C52DBB8F38BFC58C839752FAE08BB7F3953982BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:a1:87:62:4c:d9:bc:f1:e8:5a:da:0f:80:87: 7e:02:16:c0:54:80:b2:df:87:ba:b2:59:37:65:cf: fe:e8:11:24:33:37:83:52:78:f8:68:aa:ba:4b:17: 42:8b:3d:a1:87:11:7e:50:ee:21:21:6d:11:f3:9f: 6a:3c:de:1e:1c:af:ee:68:05:e0:5c:f8:c3:22:83: 0d:d4:a7:c2:34:7e:61:b0:69:a5:51:23:f7:7f:e9: e1:be:14:a3:1c:6f:96:69:6a:c1:60:33:bf:c6:16: 1f:b4:3f:77:61:51:bb:77:8e:f8:ef:65:9f:25:a2: 0f:b9:55:b8:4e:39:71:4e:c5:6e:45:c1:e3:67:69: 01:09:a6:96:68:3e:76:7f:3b:b0:3e:e6:77:82:b4: 4a:b3:6b:44:4e:67:32:8d:03:36:57:db:1a:95:b7: 42:91:a4:f3:46:99:91:64:2d:01:fc:e8:56:3f:3b: 50:87:e5:97:07:b4:4f:a6:ff:dc:30:8a:b6:cf:6c: 99:f7:71:74:ea:8e:08:c3:7f:17:81:88:42:37:ad: 99:6e:0e:a7:5d:f4:60:8e:9e:9d:2c:e3:65:81:a5: 03:18:18:e5:2f:f0:da:cb:00:c2:a4:bc:99:7b:83: 37:a6:3d:aa:40:e9:ac:e9:5a:2b:31:8c:18:34:94: ae:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:2D:BB:8F:38:BF:C5:8C:83:97:52:FA:E0:8B:B7:F3:95:39:82:BE X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153156.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.63.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:14:29:73:fd:10:41:3c:3e:cf:57:c8:12:a1:9e:41:d7:d1: 3b:02:2a:a8:1e:f8:55:3e:28:40:a7:5f:fa:43:0d:c5:0b:f0: 51:79:6c:27:60:a2:8b:39:51:3c:c8:3e:a7:81:2e:67:e6:b7: de:6c:b6:72:31:16:34:8b:26:e2:eb:73:ef:7d:f4:4d:b5:66: 13:54:04:0d:90:44:a2:80:02:5a:41:c0:99:d9:91:c1:5e:a0: 53:55:1c:49:86:37:32:63:06:8d:b8:af:ba:58:a9:4c:d6:a9: 13:42:57:c6:04:bb:b2:92:51:cb:a2:de:4a:a3:f9:a4:81:a0: 57:74:5e:5f:22:ad:06:e0:ac:56:c6:4f:80:30:51:07:6a:47: 1b:2c:3f:5c:46:5a:ac:75:e0:3f:c9:56:c3:a7:f5:ab:0e:0f: 13:26:ab:e5:84:b6:e6:c8:33:d5:23:a6:8a:f8:af:01:3a:db: 9e:98:a3:a0:38:91:4b:a9:d0:e8:79:e8:c7:71:5d:36:c9:da: 6e:c9:7e:5d:97:a3:6f:4d:11:a0:48:a9:ce:85:bc:2e:8d:55: 6d:f7:11:3e:a7:e1:f6:b6:46:87:b3:7b:1d:71:90:40:49:23: fb:a0:6e:98:5d:a4:b5:45:ba:bb:d1:4a:4f:eb:0b:1d:64:8c: 09:b8:0e:5a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUCbSDklU0mPYB1sZQk++kKuYnsnowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUxNTEwMDUwOVoX DTI2MDUxNDEwMTAwOVowMzExMC8GA1UEAxMoQzUyREJCOEYzOEJGQzU4QzgzOTc1 MkZBRTA4QkI3RjM5NTM5ODJCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALChh2JM2bzx6FraD4CHfgIWwFSAst+HurJZN2XP/ugRJDM3g1J4+GiquksX Qos9oYcRflDuISFtEfOfajzeHhyv7mgF4Fz4wyKDDdSnwjR+YbBppVEj93/p4b4U oxxvlmlqwWAzv8YWH7Q/d2FRu3eO+O9lnyWiD7lVuE45cU7FbkXB42dpAQmmlmg+ dn87sD7md4K0SrNrRE5nMo0DNlfbGpW3QpGk80aZkWQtAfzoVj87UIfllwe0T6b/ 3DCKts9smfdxdOqOCMN/F4GIQjetmW4Op130YI6enSzjZYGlAxgY5S/w2ssAwqS8 mXuDN6Y9qkDprOlaKzGMGDSUrh0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTFLbuP OL/FjIOXUvrgi7fzlTmCvjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE1Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKC/PzANBgkqhkiG9w0BAQsFAAOCAQEAPxQpc/0QQTw+z1fIEqGe QdfROwIqqB74VT4oQKdf+kMNxQvwUXlsJ2CiizlRPMg+p4EuZ+a33my2cjEWNIsm 4utz7330TbVmE1QEDZBEooACWkHAmdmRwV6gU1UcSYY3MmMGjbivulipTNapE0JX xgS7spJRy6LeSqP5pIGgV3ReXyKtBuCsVsZPgDBRB2pHGyw/XEZarHXgP8lWw6f1 qw4PEyar5YS25sgz1SOmivivATrbnpijoDiRS6nQ6Hnox3FdNsnabsl+XZejb00R oEipzoW8Lo1VbfcRPqfh9rZGh7N7HXGQQEkj+6BumF2ktUW6u9FKT+sLHWSMCbgO Wg== -----END CERTIFICATE-----Generated at Fri Jun 6 04:58:30 2025 by rpki-client