$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153639.roa File: AS153639.roa (raw, json) Hash identifier: tWhgiMtFTS5TYD7H7D+bOK908StWY5biECLfVgQIaBo= Subject key identifier: A2:F2:FE:D0:41:96:D0:92:74:05:2D:E9:B3:A4:66:09:36:9A:F8:67 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 62F13FDC0BC627D4FCA403C7EEAD33D8F9FEAC04 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153639.roa Signing time: Mon 26 May 2025 04:43:37 +0000 ROA not before: Mon 26 May 2025 04:38:37 +0000 ROA not after: Mon 25 May 2026 04:43:37 +0000 asID: 153639 IP address blocks: 161.248.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 01:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:f1:3f:dc:0b:c6:27:d4:fc:a4:03:c7:ee:ad:33:d8:f9:fe:ac:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 26 04:38:37 2025 GMT Not After : May 25 04:43:37 2026 GMT Subject: CN=A2F2FED04196D09274052DE9B3A46609369AF867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:98:c0:0f:10:ef:04:55:ca:0c:fe:d7:d4:28: ac:eb:fa:1e:2f:ab:c1:c6:5e:f2:b5:68:9d:e1:52: 2c:06:b1:18:bb:e1:01:40:50:91:7c:fb:8e:f0:45: dc:1d:25:bd:2f:a9:43:d7:7f:05:0e:76:83:9d:7c: c7:87:89:55:8a:c5:5f:6c:cf:03:a1:87:e8:89:58: 35:83:9b:af:69:a2:4f:b1:96:d6:ff:cb:cd:71:46: b7:73:ad:c9:e3:bc:21:e2:a6:be:1d:71:b9:3b:21: d7:e8:00:9e:83:59:f6:fb:ba:1f:b0:0f:7a:b7:f5: 80:e3:73:05:f1:79:ed:5d:b3:a3:35:2a:c3:5b:17: 60:92:f2:d3:51:33:cc:b8:a8:22:d9:8e:a9:60:a2: 24:1a:2e:0d:e8:ba:6d:4e:2b:1f:c1:b5:92:51:b8: e6:6e:80:90:f6:bb:ce:ec:16:99:1c:f9:c9:d6:0e: 38:c9:4e:3e:d4:1e:19:66:49:7b:b7:41:16:c8:37: 56:fa:a0:cc:c4:28:99:1d:75:e7:64:96:01:75:3c: 08:71:aa:0e:bd:e6:8f:b0:e6:55:42:21:c0:43:c8: f9:e9:bc:b2:9e:99:74:8a:20:9b:85:60:7d:d2:a5: 57:94:74:09:e8:80:b2:3c:41:6e:eb:ea:97:de:4a: 90:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:F2:FE:D0:41:96:D0:92:74:05:2D:E9:B3:A4:66:09:36:9A:F8:67 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153639.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.195.0/24 Signature Algorithm: sha256WithRSAEncryption 23:3c:a6:4c:31:12:f7:94:3c:c1:c8:68:e1:8d:99:84:7b:9c: 5e:69:39:96:e6:4f:55:5c:b0:94:cd:77:ea:01:84:fc:88:24: 8c:ae:9b:d4:d0:f9:aa:b0:6b:ff:fe:b1:6d:ff:06:fa:fb:1a: b5:c8:98:c6:ac:7a:0a:6f:43:ef:54:e2:49:9d:6b:55:4f:2e: 85:35:45:dd:26:c1:76:28:1f:ba:b2:b0:c1:eb:f9:36:43:d5: 23:28:a3:06:a2:98:6b:96:c4:75:81:2f:84:4a:b1:0b:79:ed: c0:4d:2a:38:7e:51:4b:41:69:67:1d:30:ba:14:d1:4d:e9:6c: 47:bc:c7:8d:cf:8d:af:8d:bd:49:5a:a8:6d:bb:df:f8:63:72: 30:4e:55:cd:57:c1:85:e0:a3:65:87:dc:3a:af:86:7d:87:75: eb:24:4b:01:d2:8a:06:f9:02:93:5d:e4:39:90:c7:ae:d6:8f: 3e:5c:dc:13:33:e5:81:f6:da:50:c9:ec:5e:4b:ce:f4:01:a5: 60:fc:ac:f8:53:52:b4:0e:4d:19:d3:e0:dd:43:ff:7c:64:c3: 53:9e:78:0d:a1:85:e9:3f:5b:80:e0:83:6a:d6:8e:c5:07:40: f7:a3:ef:9e:e8:13:ce:45:39:b3:31:79:b5:81:21:d5:82:5f: 1a:8d:ea:e6 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUYvE/3AvGJ9T8pAPH7q0z2Pn+rAQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUyNjA0MzgzN1oX DTI2MDUyNTA0NDMzN1owMzExMC8GA1UEAxMoQTJGMkZFRDA0MTk2RDA5Mjc0MDUy REU5QjNBNDY2MDkzNjlBRjg2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuYwA8Q7wRVygz+19QorOv6Hi+rwcZe8rVoneFSLAaxGLvhAUBQkXz7jvBF 3B0lvS+pQ9d/BQ52g518x4eJVYrFX2zPA6GH6IlYNYObr2miT7GW1v/LzXFGt3Ot yeO8IeKmvh1xuTsh1+gAnoNZ9vu6H7APerf1gONzBfF57V2zozUqw1sXYJLy01Ez zLioItmOqWCiJBouDei6bU4rH8G1klG45m6AkPa7zuwWmRz5ydYOOMlOPtQeGWZJ e7dBFsg3VvqgzMQomR1152SWAXU8CHGqDr3mj7DmVUIhwEPI+em8sp6ZdIogm4Vg fdKlV5R0CeiAsjxBbuvql95KkM8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSi8v7Q QZbQknQFLemzpGYJNpr4ZzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzYzOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH4wzANBgkqhkiG9w0BAQsFAAOCAQEAIzymTDES95Q8wcho4Y2Z hHucXmk5luZPVVywlM136gGE/IgkjK6b1ND5qrBr//6xbf8G+vsatciYxqx6Cm9D 71TiSZ1rVU8uhTVF3SbBdigfurKwwev5NkPVIyijBqKYa5bEdYEvhEqxC3ntwE0q OH5RS0FpZx0wuhTRTelsR7zHjc+Nr429SVqobbvf+GNyME5VzVfBheCjZYfcOq+G fYd16yRLAdKKBvkCk13kOZDHrtaPPlzcEzPlgfbaUMnsXkvO9AGlYPys+FNStA5N GdPg3UP/fGTDU554DaGF6T9bgOCDataOxQdA96PvnugTzkU5szF5tYEh1YJfGo3q 5g== -----END CERTIFICATE-----Generated at Fri Jun 6 04:57:38 2025 by rpki-client