$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153893.roa File: AS153893.roa (raw, json) Hash identifier: ip/LgHQnO0ASM0l3h+mjlmkkIjMdT46HUobsS/GalmU= Subject key identifier: 03:B5:61:89:C8:07:0C:03:42:84:E8:C1:26:F8:3A:AB:9E:13:CA:49 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4A9599D12F5295AE19D67BD0E8050523E6D8D3F8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153893.roa Signing time: Mon 02 Jun 2025 02:28:24 +0000 ROA not before: Mon 02 Jun 2025 02:23:24 +0000 ROA not after: Mon 01 Jun 2026 02:28:24 +0000 asID: 153893 IP address blocks: 165.99.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 01:18:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:95:99:d1:2f:52:95:ae:19:d6:7b:d0:e8:05:05:23:e6:d8:d3:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 2 02:23:24 2025 GMT Not After : Jun 1 02:28:24 2026 GMT Subject: CN=03B56189C8070C034284E8C126F83AAB9E13CA49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bf:7e:6a:56:91:27:0f:a1:cc:02:5f:dc:59: aa:38:13:b4:7b:60:ee:7f:ba:5e:b9:f2:b1:a9:c3: ca:2a:50:d0:31:6a:f7:30:8e:08:8c:bc:fa:41:a2: f2:6d:98:d3:10:12:b3:90:dd:27:2f:e6:78:51:ea: 63:2d:b7:37:37:d6:01:24:b4:ad:73:6a:f6:55:4a: 68:05:bc:8f:d2:ff:5a:34:6f:b2:a1:03:aa:75:d7: 23:de:e1:98:b4:1d:fc:8b:40:86:e9:ab:b2:2c:58: 11:99:11:65:ea:e4:6f:f3:16:28:1b:e5:50:d8:b9: 81:4f:99:37:00:e6:b7:c4:02:c0:97:9d:25:bd:4e: 28:8c:74:01:a8:b6:fb:5a:98:8e:c9:23:bf:50:a5: ca:98:a4:e7:c8:1a:77:7b:6b:80:ba:1a:e0:c9:68: e5:c5:43:38:52:84:e9:1f:5a:e6:e7:76:52:9b:b5: cd:11:ed:c2:a9:26:b1:0d:f6:a5:ba:06:e1:39:9d: 30:f2:de:c8:1e:74:07:15:40:69:b0:43:d6:20:2a: 04:d0:1b:58:21:ca:67:bb:76:bd:d2:18:27:47:a1: d8:de:2f:f0:d5:9b:30:80:6d:ff:51:82:2f:c0:68: 82:69:1f:02:93:a2:8c:ed:4f:c7:39:50:84:a0:90: e2:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:B5:61:89:C8:07:0C:03:42:84:E8:C1:26:F8:3A:AB:9E:13:CA:49 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153893.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.56.0/24 Signature Algorithm: sha256WithRSAEncryption 02:9e:26:b9:3b:68:d9:8b:37:26:2e:ef:45:fa:f0:95:58:1f: 15:d1:bd:d3:bb:75:15:24:32:71:0b:5d:33:7e:78:c1:3d:a4: 03:cf:80:73:7e:6b:52:fa:0b:e7:97:69:0e:47:bf:cc:1a:03: 41:c9:47:bd:bc:69:ce:c5:f8:00:32:e8:9c:6d:b6:80:80:1f: 62:37:3c:bc:b5:3a:20:08:00:0f:69:c8:7e:01:bd:1d:2b:40: b6:95:7c:60:a3:1a:4c:40:63:bc:05:84:8d:6e:53:52:7d:ef: 77:fb:aa:20:c2:36:f8:9e:33:5c:96:d4:65:e6:5a:f9:ad:d6: cf:07:7b:c5:62:bf:57:9b:c6:25:58:f3:e2:43:24:ef:cf:9e: 72:12:41:79:a9:cb:53:bd:1c:fd:ee:de:93:c7:28:f0:ce:87: 98:8b:c4:51:df:40:65:6a:77:f0:ce:52:f0:38:d0:b3:bb:c3: 82:ac:1c:2d:b4:d4:cf:16:fb:cf:29:61:d0:ab:50:af:bb:39: ad:5b:1e:82:e0:4c:c3:37:65:32:b7:5e:4b:c2:17:ef:fa:ab: eb:52:99:2e:9f:73:25:20:dd:eb:45:a5:50:85:72:6e:44:61: df:dd:e7:5c:c1:07:82:aa:27:cc:92:b6:69:7d:13:1d:2f:0e: 8f:34:4b:5d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUSpWZ0S9Sla4Z1nvQ6AUFI+bY0/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwMjAyMjMyNFoX DTI2MDYwMTAyMjgyNFowMzExMC8GA1UEAxMoMDNCNTYxODlDODA3MEMwMzQyODRF OEMxMjZGODNBQUI5RTEzQ0E0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+/fmpWkScPocwCX9xZqjgTtHtg7n+6XrnysanDyipQ0DFq9zCOCIy8+kGi 8m2Y0xASs5DdJy/meFHqYy23NzfWASS0rXNq9lVKaAW8j9L/WjRvsqEDqnXXI97h mLQd/ItAhumrsixYEZkRZerkb/MWKBvlUNi5gU+ZNwDmt8QCwJedJb1OKIx0Aai2 +1qYjskjv1Clypik58gad3trgLoa4Mlo5cVDOFKE6R9a5ud2Upu1zRHtwqkmsQ32 pboG4TmdMPLeyB50BxVAabBD1iAqBNAbWCHKZ7t2vdIYJ0eh2N4v8NWbMIBt/1GC L8BogmkfApOijO1PxzlQhKCQ4jMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQDtWGJ yAcMA0KE6MEm+DqrnhPKSTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzg5My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjODANBgkqhkiG9w0BAQsFAAOCAQEAAp4muTto2Ys3Ji7vRfrw lVgfFdG907t1FSQycQtdM354wT2kA8+Ac35rUvoL55dpDke/zBoDQclHvbxpzsX4 ADLonG22gIAfYjc8vLU6IAgAD2nIfgG9HStAtpV8YKMaTEBjvAWEjW5TUn3vd/uq IMI2+J4zXJbUZeZa+a3Wzwd7xWK/V5vGJVjz4kMk78+echJBeanLU70c/e7ek8co 8M6HmIvEUd9AZWp38M5S8DjQs7vDgqwcLbTUzxb7zylh0KtQr7s5rVseguBMwzdl MrdeS8IX7/qr61KZLp9zJSDd60WlUIVybkRh393nXMEHgqonzJK2aX0THS8OjzRL XQ== -----END CERTIFICATE-----Generated at Fri Jun 6 04:57:34 2025 by rpki-client