$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153923.roa File: AS153923.roa (raw, json) Hash identifier: PbabqOfS8rV7mWXailx3pY1yYO8pCfT1go20L3100EA= Subject key identifier: D7:8E:94:20:94:25:3A:8C:47:80:4D:93:4D:82:BE:87:32:49:92:DF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 64EC5F640C82F9C9159E29FBD33901552B911575 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153923.roa Signing time: Fri 06 Jun 2025 09:07:36 +0000 ROA not before: Fri 06 Jun 2025 09:02:36 +0000 ROA not after: Fri 05 Jun 2026 09:07:36 +0000 asID: 153923 IP address blocks: 165.99.106.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:30:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:ec:5f:64:0c:82:f9:c9:15:9e:29:fb:d3:39:01:55:2b:91:15:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 6 09:02:36 2025 GMT Not After : Jun 5 09:07:36 2026 GMT Subject: CN=D78E942094253A8C47804D934D82BE87324992DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:72:d9:63:83:82:e3:fd:14:7f:7d:d5:36:48: 2f:df:5f:a9:c7:ad:92:05:a9:50:09:92:2d:8d:c5: f7:a9:ce:bd:8a:03:7d:a5:1c:4a:db:50:60:a3:3f: a2:0e:de:98:f4:64:2a:db:cf:ba:77:3f:f0:91:d5: c1:b4:25:e9:1f:a5:ad:5c:44:6f:b7:57:37:69:36: e9:8a:4d:60:fa:1d:ec:6a:8c:bd:3e:33:e2:b1:39: a8:af:f2:93:63:e5:be:6c:41:8a:38:c1:43:5b:db: e9:4c:c2:2a:fa:e1:a7:ac:81:6c:32:a0:53:c1:b5: 57:10:50:d5:dc:cd:63:54:92:9a:e4:78:36:39:f5: 6c:ab:38:0a:cd:ff:f1:21:e6:62:07:dc:9c:87:68: 58:8b:0b:c7:8a:56:bd:58:71:1d:3f:e8:fd:bb:14: 10:54:16:71:f7:f0:d4:65:a9:74:df:8a:77:02:db: fe:cd:0e:81:cd:d1:1e:0f:1d:f2:4c:0a:ca:6d:50: 72:d8:1c:d9:fd:f6:49:5d:99:45:06:c7:e6:67:26: aa:58:56:fd:c8:0d:d2:a4:48:07:60:2d:12:78:f9: 9d:bf:2e:c5:dc:23:b2:2a:9c:71:c4:e8:28:b7:50: f0:09:4c:47:e8:9e:ff:e6:3f:2d:ea:0c:6f:4e:99: 0a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:8E:94:20:94:25:3A:8C:47:80:4D:93:4D:82:BE:87:32:49:92:DF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153923.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.106.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:f0:69:ef:36:56:48:71:6a:57:99:d3:c1:b8:cc:aa:9f:86: 32:61:d9:46:90:ca:29:c4:ab:da:87:09:b1:17:64:d9:72:22: 0a:7a:ae:c4:b4:93:f3:94:c3:0c:49:22:60:4e:94:11:1e:7d: 73:8d:58:1d:30:79:5a:61:ff:b3:b2:de:df:e8:ae:d0:94:9b: 4b:9f:df:bd:25:bc:7c:a8:52:70:59:a0:98:8f:71:85:56:14: c7:17:79:f4:ca:e9:69:8d:2e:b0:a6:ec:8d:c1:78:8b:f3:3d: a6:4f:47:64:9e:66:51:83:c4:d5:e8:88:73:5c:ae:3f:b7:42: 34:ed:eb:aa:14:cd:09:36:cd:91:83:3a:ee:6b:9e:9b:c2:ec: 11:64:a9:d6:43:92:a2:07:39:15:c3:4b:f8:3c:f1:23:81:38: a2:32:a8:cd:e8:d7:81:6d:2e:af:21:3c:09:05:77:41:f4:e2: 0a:2c:88:46:1d:cb:4c:29:4d:03:11:dd:00:07:cc:05:eb:ff: dd:dd:05:0c:97:ec:b2:c3:6c:6b:27:85:39:88:b2:83:85:e8: d6:04:62:59:c1:5c:2b:d9:05:a4:1a:5a:a1:2d:03:4e:e8:0a: 62:cf:e6:6f:8a:fd:b0:a3:5b:6f:94:99:52:e3:84:3c:96:00: 84:87:19:76 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUZOxfZAyC+ckVnin70zkBVSuRFXUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwNjA5MDIzNloX DTI2MDYwNTA5MDczNlowMzExMC8GA1UEAxMoRDc4RTk0MjA5NDI1M0E4QzQ3ODA0 RDkzNEQ4MkJFODczMjQ5OTJERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMly2WODguP9FH991TZIL99fqcetkgWpUAmSLY3F96nOvYoDfaUcSttQYKM/ og7emPRkKtvPunc/8JHVwbQl6R+lrVxEb7dXN2k26YpNYPod7GqMvT4z4rE5qK/y k2PlvmxBijjBQ1vb6UzCKvrhp6yBbDKgU8G1VxBQ1dzNY1SSmuR4Njn1bKs4Cs3/ 8SHmYgfcnIdoWIsLx4pWvVhxHT/o/bsUEFQWcffw1GWpdN+KdwLb/s0Ogc3RHg8d 8kwKym1Qctgc2f32SV2ZRQbH5mcmqlhW/cgN0qRIB2AtEnj5nb8uxdwjsiqcccTo KLdQ8AlMR+ie/+Y/LeoMb06ZCsECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTXjpQg lCU6jEeATZNNgr6HMkmS3zAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzkyMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjajANBgkqhkiG9w0BAQsFAAOCAQEAHPBp7zZWSHFqV5nTwbjM qp+GMmHZRpDKKcSr2ocJsRdk2XIiCnquxLST85TDDEkiYE6UER59c41YHTB5WmH/ s7Le3+iu0JSbS5/fvSW8fKhScFmgmI9xhVYUxxd59MrpaY0usKbsjcF4i/M9pk9H ZJ5mUYPE1eiIc1yuP7dCNO3rqhTNCTbNkYM67muem8LsEWSp1kOSogc5FcNL+Dzx I4E4ojKozejXgW0uryE8CQV3QfTiCiyIRh3LTClNAxHdAAfMBev/3d0FDJfsssNs ayeFOYiyg4Xo1gRiWcFcK9kFpBpaoS0DTugKYs/mb4r9sKNbb5SZUuOEPJYAhIcZ dg== -----END CERTIFICATE-----Generated at Sat Jun 7 20:25:09 2025 by rpki-client