$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153986.roa File: AS153986.roa (raw, json) Hash identifier: Yb4KmTKhqszV3M6KB8mnv7buse86uR3yJV55A7PiWe8= Subject key identifier: 02:61:52:76:E9:77:CD:F2:DD:67:06:9C:A8:AA:48:F0:86:F5:7A:BF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 22055A75323002CCA803196AF34AE4B9005610D7 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153986.roa Signing time: Mon 30 Jun 2025 02:40:20 +0000 ROA not before: Mon 30 Jun 2025 02:35:20 +0000 ROA not after: Mon 29 Jun 2026 02:40:20 +0000 asID: 153986 IP address blocks: 165.99.194.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:05:5a:75:32:30:02:cc:a8:03:19:6a:f3:4a:e4:b9:00:56:10:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 30 02:35:20 2025 GMT Not After : Jun 29 02:40:20 2026 GMT Subject: CN=02615276E977CDF2DD67069CA8AA48F086F57ABF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:b5:9e:d7:99:10:c6:11:5d:9c:8a:63:15:ec: e9:db:bf:80:2d:ab:a5:79:fb:bb:37:20:ad:fc:e7: 9b:43:30:c7:9e:f2:6e:b4:03:3b:7f:4e:fe:f1:09: b6:c3:80:c3:78:9f:0b:54:f1:09:d7:45:7c:a2:24: e6:3e:82:d3:47:3c:f8:2f:53:c1:1c:54:9e:fb:d9: 97:d6:67:0e:a4:84:8b:7f:36:56:dd:a4:c8:33:40: 21:5e:31:4a:3e:0a:7f:25:78:b3:61:e2:44:83:cb: 03:ab:0f:f0:12:08:43:b8:6b:e9:9c:e9:0e:e8:79: 03:e7:d2:b0:3f:8a:45:8f:48:13:1f:8a:87:70:fc: 51:f0:c4:b7:f5:62:92:f0:aa:e6:74:72:31:16:50: 72:2d:3d:a2:19:ee:17:81:7b:25:40:e8:96:c1:3f: a8:6b:59:ef:3e:9d:35:13:22:09:5c:14:87:4c:ba: 75:21:50:09:51:e7:81:56:3e:38:09:57:9b:29:01: 7b:ed:ef:f1:5b:05:12:04:50:9f:91:58:8c:d1:88: 3e:cc:30:97:20:f0:91:cd:2a:28:dc:e1:6f:a4:38: bd:bb:4a:2f:44:b7:35:e1:7a:be:75:66:5c:0f:15: bb:54:1f:86:4b:c1:a3:4f:c8:64:69:43:e6:68:2f: 7f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:61:52:76:E9:77:CD:F2:DD:67:06:9C:A8:AA:48:F0:86:F5:7A:BF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153986.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.194.0/23 Signature Algorithm: sha256WithRSAEncryption 17:9e:1d:a6:e8:38:e4:b0:64:d1:d8:86:7b:10:23:99:6d:46: c4:e2:67:fa:37:e5:75:ca:ad:2f:7e:7a:2e:11:52:61:31:fa: 1f:d0:dd:67:fc:5c:3a:52:5e:41:78:16:12:f1:ca:25:95:91: a6:48:01:ef:59:9f:6b:60:0b:84:65:1e:44:e4:c6:3d:e7:74: 15:22:c1:1f:44:fd:ff:a2:cf:01:5b:39:80:d2:58:4d:89:db: ce:2c:c8:7a:2f:7a:63:e8:20:7e:ab:73:92:10:cf:d9:f1:59: 9f:83:78:2b:f3:e6:cf:98:6f:cb:24:a8:7e:cf:5d:3e:7f:58: 35:f8:86:6a:ab:8b:22:3d:d9:95:9e:0e:d2:16:06:8d:71:ed: c3:65:e9:28:65:c0:38:da:1a:8b:44:48:43:ff:08:59:f3:86: 70:8c:bc:51:af:5d:84:e4:a6:73:54:6b:db:36:f0:4c:f0:5d: 51:ad:4e:94:38:25:57:d5:0c:ca:64:f3:93:7e:77:8e:67:51: 95:28:99:30:1f:92:a3:e9:af:3f:60:55:dc:eb:c1:9d:8d:5e: 86:4f:09:75:f1:1f:21:fb:04:6a:16:7a:96:bb:26:e0:bc:ae: 40:3c:53:ad:b2:c8:7b:9e:ca:cc:de:64:ff:0c:ae:59:89:24: 62:5e:51:8c -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIgVadTIwAsyoAxlq80rkuQBWENcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYzMDAyMzUyMFoX DTI2MDYyOTAyNDAyMFowMzExMC8GA1UEAxMoMDI2MTUyNzZFOTc3Q0RGMkRENjcw NjlDQThBQTQ4RjA4NkY1N0FCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPK1nteZEMYRXZyKYxXs6du/gC2rpXn7uzcgrfznm0Mwx57ybrQDO39O/vEJ tsOAw3ifC1TxCddFfKIk5j6C00c8+C9TwRxUnvvZl9ZnDqSEi382Vt2kyDNAIV4x Sj4KfyV4s2HiRIPLA6sP8BIIQ7hr6ZzpDuh5A+fSsD+KRY9IEx+Kh3D8UfDEt/Vi kvCq5nRyMRZQci09ohnuF4F7JUDolsE/qGtZ7z6dNRMiCVwUh0y6dSFQCVHngVY+ OAlXmykBe+3v8VsFEgRQn5FYjNGIPswwlyDwkc0qKNzhb6Q4vbtKL0S3NeF6vnVm XA8Vu1QfhkvBo0/IZGlD5mgvf2kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQCYVJ2 6XfN8t1nBpyoqkjwhvV6vzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaVjwjANBgkqhkiG9w0BAQsFAAOCAQEAF54dpug45LBk0diGexAj mW1GxOJn+jfldcqtL356LhFSYTH6H9DdZ/xcOlJeQXgWEvHKJZWRpkgB71mfa2AL hGUeROTGPed0FSLBH0T9/6LPAVs5gNJYTYnbzizIei96Y+ggfqtzkhDP2fFZn4N4 K/Pmz5hvyySofs9dPn9YNfiGaquLIj3ZlZ4O0hYGjXHtw2XpKGXAONoai0RIQ/8I WfOGcIy8Ua9dhOSmc1Rr2zbwTPBdUa1OlDglV9UMymTzk353jmdRlSiZMB+So+mv P2BV3OvBnY1ehk8JdfEfIfsEahZ6lrsm4LyuQDxTrbLIe57KzN5k/wyuWYkkYl5R jA== -----END CERTIFICATE-----Generated at Sun Jul 20 23:56:20 2025 by rpki-client