$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153925.roa File: AS153925.roa (raw, json) Hash identifier: 5NgLiF4SxBSqLgvFXjoU3zoilqgSZT4rvqYz7cU4JF0= Subject key identifier: 45:29:3A:F8:C9:EC:6C:42:BB:51:F8:8D:29:A8:26:8A:3E:89:73:65 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 31E0D15527AC3F1E081ACC6D1F516A55EC9BD8DA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153925.roa Signing time: Thu 17 Jul 2025 02:15:39 +0000 ROA not before: Thu 17 Jul 2025 02:10:39 +0000 ROA not after: Thu 16 Jul 2026 02:15:39 +0000 asID: 153925 IP address blocks: 165.99.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:e0:d1:55:27:ac:3f:1e:08:1a:cc:6d:1f:51:6a:55:ec:9b:d8:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 17 02:10:39 2025 GMT Not After : Jul 16 02:15:39 2026 GMT Subject: CN=45293AF8C9EC6C42BB51F88D29A8268A3E897365 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:88:84:3d:2f:85:51:2d:21:1d:82:d2:53:ba: 87:77:0b:18:0a:d1:4f:e8:5a:7d:a6:93:50:0b:14: f0:d7:42:3c:a9:41:27:b2:ee:78:d2:ba:1d:a0:e5: ae:12:39:c4:f0:cb:29:26:c8:36:63:b7:0f:1f:9c: 4b:e9:bc:ca:ed:f0:6e:5c:87:d5:ad:d7:a8:59:41: aa:b3:2c:de:ef:d2:a2:d9:2b:13:b9:f3:57:01:24: 6b:eb:06:c1:5f:72:5d:a2:0a:df:f9:69:ff:08:4d: cb:ca:1d:8f:ca:1c:be:c9:78:f1:39:99:42:32:f2: 9e:93:56:4e:0c:f8:54:e3:6f:ec:34:79:09:3d:e2: 5b:8b:19:48:bb:83:a0:9f:36:15:4c:b3:ec:6b:09: ea:45:5f:a4:d6:f6:ae:ce:00:0f:63:64:48:6c:07: 9b:f8:76:16:68:fe:b0:14:76:e3:c3:ff:63:4c:b1: 49:42:6b:0a:a3:f1:63:a1:61:d1:1a:77:28:75:e7: 48:53:4b:0f:3d:3c:30:87:b6:bf:57:bd:8e:39:b1: b6:e4:75:52:39:7f:52:ec:b6:23:95:6d:a3:43:65: 90:93:2f:17:5c:5b:68:2d:63:be:87:e6:4a:75:c0: f2:65:8c:7c:00:5d:2b:3d:46:57:ed:85:89:d5:da: a0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:29:3A:F8:C9:EC:6C:42:BB:51:F8:8D:29:A8:26:8A:3E:89:73:65 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153925.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.95.0/24 Signature Algorithm: sha256WithRSAEncryption 56:bf:28:26:c0:9a:40:95:e7:83:7a:97:b1:d8:4e:f4:e3:d4: af:71:97:02:35:5e:d3:26:3c:e0:20:85:29:63:ef:eb:ad:2d: 6f:81:cb:df:97:0e:32:c4:78:d1:6f:4c:6c:74:18:c9:92:0a: 8b:35:0f:0a:35:9c:3f:37:10:28:bd:24:5e:0c:fc:89:a5:77: 1a:ce:aa:5b:c7:4b:8b:cc:bd:b6:3f:e9:9b:30:a1:70:f0:cb: 91:1c:ce:1a:8f:cd:46:c8:49:2e:8e:ad:0d:aa:1f:35:fa:38: 79:c9:7b:0c:aa:91:e3:78:41:cb:43:1a:97:5b:b4:b6:c1:fc: 32:c0:4e:c9:9f:bd:21:49:e0:cc:d6:e9:4a:40:db:8c:55:43: e1:47:3d:8b:6d:04:26:f0:1c:17:95:a2:a4:67:e6:9c:1c:5b: c5:b2:18:49:f5:e8:7a:fb:8a:f4:d3:0e:dd:1e:4a:43:39:11: 88:14:b4:b1:d7:e5:56:e1:c8:c0:9f:d9:5d:eb:7e:5c:b5:55: fb:9b:d9:db:d4:fd:ba:bb:ce:dd:f2:ca:fc:fc:e2:27:60:10: fd:f2:30:6a:43:ba:1e:5c:0c:75:48:36:30:7e:0f:75:a8:45: 63:be:64:07:b7:4d:53:1a:74:7c:1d:d7:ab:8b:23:25:e4:9e: 7a:b6:72:11 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUMeDRVSesPx4IGsxtH1FqVeyb2NowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcxNzAyMTAzOVoX DTI2MDcxNjAyMTUzOVowMzExMC8GA1UEAxMoNDUyOTNBRjhDOUVDNkM0MkJCNTFG ODhEMjlBODI2OEEzRTg5NzM2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALeIhD0vhVEtIR2C0lO6h3cLGArRT+hafaaTUAsU8NdCPKlBJ7LueNK6HaDl rhI5xPDLKSbINmO3Dx+cS+m8yu3wblyH1a3XqFlBqrMs3u/SotkrE7nzVwEka+sG wV9yXaIK3/lp/whNy8odj8ocvsl48TmZQjLynpNWTgz4VONv7DR5CT3iW4sZSLuD oJ82FUyz7GsJ6kVfpNb2rs4AD2NkSGwHm/h2Fmj+sBR248P/Y0yxSUJrCqPxY6Fh 0Rp3KHXnSFNLDz08MIe2v1e9jjmxtuR1Ujl/Uuy2I5Vto0NlkJMvF1xbaC1jvofm SnXA8mWMfABdKz1GV+2FidXaoA0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRFKTr4 yexsQrtR+I0pqCaKPolzZTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzkyNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjXzANBgkqhkiG9w0BAQsFAAOCAQEAVr8oJsCaQJXng3qXsdhO 9OPUr3GXAjVe0yY84CCFKWPv660tb4HL35cOMsR40W9MbHQYyZIKizUPCjWcPzcQ KL0kXgz8iaV3Gs6qW8dLi8y9tj/pmzChcPDLkRzOGo/NRshJLo6tDaofNfo4ecl7 DKqR43hBy0Mal1u0tsH8MsBOyZ+9IUngzNbpSkDbjFVD4Uc9i20EJvAcF5WipGfm nBxbxbIYSfXoevuK9NMO3R5KQzkRiBS0sdflVuHIwJ/ZXet+XLVV+5vZ29T9urvO 3fLK/PziJ2AQ/fIwakO6HlwMdUg2MH4PdahFY75kB7dNUxp0fB3Xq4sjJeSeerZy EQ== -----END CERTIFICATE-----Generated at Sun Jul 20 23:56:20 2025 by rpki-client