$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153936.roa File: AS153936.roa (raw, json) Hash identifier: xRaPcq4ik629401o/NcNkij7zwMBtIxbFt65loKtPUc= Subject key identifier: 4B:0F:42:31:97:37:47:2A:BA:A4:30:99:04:6D:7B:C8:0C:49:92:9B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 550C52F9FBBD33C9B17FA5444DCC4402EE3C31AB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153936.roa Signing time: Tue 08 Jul 2025 02:33:50 +0000 ROA not before: Tue 08 Jul 2025 02:28:50 +0000 ROA not after: Tue 07 Jul 2026 02:33:50 +0000 asID: 153936 IP address blocks: 165.99.162.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:0c:52:f9:fb:bd:33:c9:b1:7f:a5:44:4d:cc:44:02:ee:3c:31:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 8 02:28:50 2025 GMT Not After : Jul 7 02:33:50 2026 GMT Subject: CN=4B0F42319737472ABAA43099046D7BC80C49929B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:01:28:36:64:64:1f:fc:1f:c8:3c:ac:ec:91: 03:0b:ee:4c:94:61:0b:56:23:d9:69:9f:82:c2:07: 4d:12:f8:bd:03:93:22:2b:4e:53:88:ac:31:3f:cb: 2d:5d:a5:82:21:5e:39:84:27:f4:77:60:be:f1:8b: e1:e5:bc:59:ea:d7:3e:37:10:52:cf:b0:82:c3:fe: f5:2d:15:0a:d5:cc:f9:e7:b8:af:d7:05:d5:40:16: 5d:44:f6:a0:d6:93:37:c3:ab:0a:21:c8:0b:91:ee: 1b:49:5b:80:19:ef:5a:44:5f:d2:70:34:ac:56:47: 75:05:ed:b0:79:29:e1:5d:35:01:1f:06:59:e4:cf: 5f:90:ab:15:ce:1d:b9:cf:5c:04:1e:6a:d1:b7:ea: 85:7f:72:45:ea:e1:f1:bf:a7:33:12:d8:a1:73:17: 89:a8:f2:5c:39:2c:0f:84:1c:73:21:1b:57:89:1b: 93:d8:47:98:5b:eb:b0:56:a7:3f:82:9b:4e:96:78: c6:fa:04:b5:28:ef:ad:1d:a1:07:b3:08:0a:83:ea: f4:33:fe:28:6b:05:9e:f3:d5:d8:43:4a:cc:f8:50: 98:cc:da:df:75:b8:d0:bc:5c:b4:12:ee:dc:3e:35: 7d:81:a1:67:fc:b1:96:4b:d5:c5:e2:3f:6e:bb:19: 53:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:0F:42:31:97:37:47:2A:BA:A4:30:99:04:6D:7B:C8:0C:49:92:9B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153936.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.162.0/23 Signature Algorithm: sha256WithRSAEncryption 64:51:f0:ad:1b:8c:cf:1e:6f:39:ea:0d:6e:5c:d4:bb:81:c6: 5f:4e:1f:08:fe:87:5c:7c:44:d1:4f:c7:25:98:11:96:d2:82: 12:9c:b6:77:24:e9:45:89:49:42:01:83:c5:3d:de:3b:c3:0e: 1b:63:1d:97:bb:bb:25:52:bd:22:a2:ab:a1:09:ef:2e:0a:30: 5a:62:73:d9:a4:73:0f:c9:f0:1d:93:78:61:1e:62:5b:64:14: 44:11:12:35:39:f6:24:76:3c:f2:0d:d7:4d:3d:f4:a2:a1:fa: bd:a0:1d:35:4c:bb:78:2e:79:a3:7a:2b:73:e7:2f:54:2f:ba: 3a:14:0a:13:ba:91:fc:9a:56:d2:6f:e2:c5:fb:7e:42:60:3a: 80:42:11:7f:21:83:b5:db:10:e0:ab:3a:a4:b9:f5:e1:89:78: 10:50:cf:1b:8e:d0:af:ac:4c:37:c6:6f:da:27:a7:40:6a:c0: 1d:b9:04:b0:4f:fb:37:8f:32:3c:b4:fd:98:ef:5a:73:81:0e: ba:18:c3:70:89:5e:d2:ed:d5:2e:de:1c:5b:db:d3:e0:04:39: fd:b1:3a:87:53:2b:1d:b5:dc:2b:17:74:b0:da:78:5f:02:92: 89:ec:3c:37:cb:18:e1:2f:af:69:d5:e0:5e:eb:be:6b:f6:dd: 35:27:69:a8 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUVQxS+fu9M8mxf6VETcxEAu48MaswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcwODAyMjg1MFoX DTI2MDcwNzAyMzM1MFowMzExMC8GA1UEAxMoNEIwRjQyMzE5NzM3NDcyQUJBQTQz MDk5MDQ2RDdCQzgwQzQ5OTI5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkBKDZkZB/8H8g8rOyRAwvuTJRhC1Yj2WmfgsIHTRL4vQOTIitOU4isMT/L LV2lgiFeOYQn9HdgvvGL4eW8WerXPjcQUs+wgsP+9S0VCtXM+ee4r9cF1UAWXUT2 oNaTN8OrCiHIC5HuG0lbgBnvWkRf0nA0rFZHdQXtsHkp4V01AR8GWeTPX5CrFc4d uc9cBB5q0bfqhX9yRerh8b+nMxLYoXMXiajyXDksD4QccyEbV4kbk9hHmFvrsFan P4KbTpZ4xvoEtSjvrR2hB7MICoPq9DP+KGsFnvPV2ENKzPhQmMza33W40LxctBLu 3D41fYGhZ/yxlkvVxeI/brsZU1sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRLD0Ix lzdHKrqkMJkEbXvIDEmSmzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzkzNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaVjojANBgkqhkiG9w0BAQsFAAOCAQEAZFHwrRuMzx5vOeoNblzU u4HGX04fCP6HXHxE0U/HJZgRltKCEpy2dyTpRYlJQgGDxT3eO8MOG2Mdl7u7JVK9 IqKroQnvLgowWmJz2aRzD8nwHZN4YR5iW2QURBESNTn2JHY88g3XTT30oqH6vaAd NUy7eC55o3orc+cvVC+6OhQKE7qR/JpW0m/ixft+QmA6gEIRfyGDtdsQ4Ks6pLn1 4Yl4EFDPG47Qr6xMN8Zv2ienQGrAHbkEsE/7N48yPLT9mO9ac4EOuhjDcIle0u3V Lt4cW9vT4AQ5/bE6h1MrHbXcKxd0sNp4XwKSiew8N8sY4S+vadXgXuu+a/bdNSdp qA== -----END CERTIFICATE-----Generated at Sun Jul 20 23:56:20 2025 by rpki-client