$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153896.roa File: AS153896.roa (raw, json) Hash identifier: 36TqsZg5jeBseAwfO6SGWX8zWX7HxMz6FfN0WcSjpXc= Subject key identifier: 29:DC:03:32:25:4D:1D:AE:B9:DF:A7:7C:11:8A:8F:CC:B6:A8:D5:D0 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1F53A7B126EDF76503317F45E3C290073DCBAB91 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153896.roa Signing time: Wed 27 Aug 2025 01:16:30 +0000 ROA not before: Wed 27 Aug 2025 01:11:30 +0000 ROA not after: Wed 26 Aug 2026 01:16:30 +0000 asID: 153896 IP address blocks: 165.99.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 14:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:53:a7:b1:26:ed:f7:65:03:31:7f:45:e3:c2:90:07:3d:cb:ab:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 27 01:11:30 2025 GMT Not After : Aug 26 01:16:30 2026 GMT Subject: CN=29DC0332254D1DAEB9DFA77C118A8FCCB6A8D5D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:24:0a:b5:cd:1e:76:2e:e9:74:5b:12:e9:e6: 77:3d:41:5b:71:02:4c:db:0f:12:8d:b1:6c:4b:b8: 3b:82:cb:49:d9:10:45:20:7e:34:e0:ff:ae:df:9c: 04:ff:82:d4:82:91:2d:ac:fc:bd:9a:fd:7f:fb:ca: 09:43:7b:90:36:75:27:07:14:55:5d:ff:66:7c:cc: 6e:6a:fb:e5:22:ce:d5:67:8f:a6:13:5c:ad:0e:b1: 0b:f6:1d:5a:ec:04:9b:7c:c6:26:c0:b7:0c:84:ed: 57:2d:eb:c6:be:e5:ed:24:9d:b7:82:16:6f:ff:b8: e5:07:41:72:06:71:4d:58:05:c5:92:96:ae:75:0f: 1f:85:ed:c3:75:ec:70:1c:ca:a3:cc:e5:03:38:d3: 4c:7b:9b:e6:cf:10:b1:ee:62:a0:c4:0c:4b:5c:8b: 17:7b:87:18:37:85:40:50:c8:a4:15:d0:96:01:48: c6:7b:7c:cc:f2:e7:63:b1:c6:1e:6b:20:8a:10:55: 18:99:99:19:d4:d9:ee:4d:2c:c5:e3:87:43:c5:d3: b2:a1:3c:c0:05:b1:35:49:af:30:f3:92:11:66:92: ed:54:81:fa:20:80:91:8b:1b:81:40:b6:7c:36:ac: 58:97:a2:ed:a3:ba:6c:f4:09:8d:dc:bc:0e:11:a2: a0:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:DC:03:32:25:4D:1D:AE:B9:DF:A7:7C:11:8A:8F:CC:B6:A8:D5:D0 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153896.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.21.0/24 Signature Algorithm: sha256WithRSAEncryption 67:20:4d:f4:e2:59:1e:93:3f:28:8c:64:6c:0c:1d:26:ad:59: 1f:04:b9:f1:36:0f:0b:56:40:b7:d1:d9:7a:33:a5:b6:7c:e0: 36:ac:7d:f0:3e:80:19:b2:c5:5d:c4:29:bc:48:d1:75:33:bb: ee:8d:e2:17:ba:74:3a:83:8d:b4:b7:41:40:64:49:73:31:f8: af:7f:7d:e4:b8:c8:38:50:57:b3:d5:0d:5e:1a:84:40:3b:e6: 38:a2:ed:ee:b9:fd:91:9d:8e:0c:eb:fc:9d:2f:b8:7f:3f:a1: 33:99:2c:74:24:9d:6e:dd:d6:f9:41:7a:34:ac:ff:42:e9:d6: 4a:f5:8d:49:5e:69:42:71:cf:c2:df:d2:5d:0f:ce:c1:e4:d4: 59:0d:97:89:c1:97:26:d9:7e:5b:3c:ec:8c:4c:80:81:67:19: 95:3d:a8:9d:0d:ea:e4:e8:ac:ac:f8:e7:a3:60:07:7c:32:a1: 61:62:7b:56:a0:73:a5:7b:a1:9a:00:80:37:d0:88:5b:d2:15: fc:54:5a:fd:2c:ad:46:b2:36:1e:fb:6c:b3:82:ef:b8:d4:61: 3a:0d:ef:03:a3:57:75:62:42:33:c6:dd:c8:e5:92:6d:8e:2f: a1:75:6a:5f:07:d0:39:0c:d4:1f:e1:e1:2c:b6:ba:b7:8d:bc: 4d:23:db:ce -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUH1OnsSbt92UDMX9F48KQBz3Lq5EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgyNzAxMTEzMFoX DTI2MDgyNjAxMTYzMFowMzExMC8GA1UEAxMoMjlEQzAzMzIyNTREMURBRUI5REZB NzdDMTE4QThGQ0NCNkE4RDVEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKokCrXNHnYu6XRbEunmdz1BW3ECTNsPEo2xbEu4O4LLSdkQRSB+NOD/rt+c BP+C1IKRLaz8vZr9f/vKCUN7kDZ1JwcUVV3/ZnzMbmr75SLO1WePphNcrQ6xC/Yd WuwEm3zGJsC3DITtVy3rxr7l7SSdt4IWb/+45QdBcgZxTVgFxZKWrnUPH4Xtw3Xs cBzKo8zlAzjTTHub5s8Qse5ioMQMS1yLF3uHGDeFQFDIpBXQlgFIxnt8zPLnY7HG HmsgihBVGJmZGdTZ7k0sxeOHQ8XTsqE8wAWxNUmvMPOSEWaS7VSB+iCAkYsbgUC2 fDasWJei7aO6bPQJjdy8DhGioM0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQp3AMy JU0drrnfp3wRio/MtqjV0DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzg5Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjFTANBgkqhkiG9w0BAQsFAAOCAQEAZyBN9OJZHpM/KIxkbAwd Jq1ZHwS58TYPC1ZAt9HZejOltnzgNqx98D6AGbLFXcQpvEjRdTO77o3iF7p0OoON tLdBQGRJczH4r3995LjIOFBXs9UNXhqEQDvmOKLt7rn9kZ2ODOv8nS+4fz+hM5ks dCSdbt3W+UF6NKz/QunWSvWNSV5pQnHPwt/SXQ/OweTUWQ2XicGXJtl+WzzsjEyA gWcZlT2onQ3q5OisrPjno2AHfDKhYWJ7VqBzpXuhmgCAN9CIW9IV/FRa/SytRrI2 Hvtss4LvuNRhOg3vA6NXdWJCM8bdyOWSbY4voXVqXwfQOQzUH+HhLLa6t428TSPb zg== -----END CERTIFICATE-----Generated at Sun Sep 7 10:11:35 2025 by rpki-client