$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154145.roa File: AS154145.roa (raw, json) Hash identifier: 6//GrjcWmzi26prJVbil1B9ECoVdCmgC/dx1zCewrTw= Subject key identifier: B7:34:B6:C0:31:F2:77:50:EC:77:F7:CA:E8:52:CB:F7:2D:48:39:44 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4733A37958C91EEBC6338CEBAC4881429939DC9B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154145.roa Signing time: Fri 29 Aug 2025 08:07:09 +0000 ROA not before: Fri 29 Aug 2025 08:02:09 +0000 ROA not after: Fri 28 Aug 2026 08:07:09 +0000 asID: 154145 IP address blocks: 192.188.89.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 14:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:33:a3:79:58:c9:1e:eb:c6:33:8c:eb:ac:48:81:42:99:39:dc:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 29 08:02:09 2025 GMT Not After : Aug 28 08:07:09 2026 GMT Subject: CN=B734B6C031F27750EC77F7CAE852CBF72D483944 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:d4:a8:6c:c4:9f:21:af:c4:d3:68:b1:7c:53: b4:26:52:6c:60:62:50:af:87:52:e0:27:3d:cd:bd: 4b:fc:57:66:3f:ed:f8:06:5b:a9:e5:3e:f7:5e:cd: 29:52:3b:5b:2b:1c:9a:c9:7a:78:0a:6e:36:8e:1a: 2d:1f:cd:66:ee:09:ce:72:ad:0d:58:81:42:94:77: 02:6e:98:38:3d:54:db:cd:8c:28:5d:6f:d5:5a:64: b9:76:94:68:b4:ed:13:44:ba:f7:ca:b8:c7:d6:47: 97:6f:9f:38:0f:f1:c5:c4:5d:9b:8e:a5:69:71:21: ab:69:da:3f:75:5b:fa:b8:ea:8e:2b:58:af:e8:a3: e1:25:de:2a:6e:a4:25:13:a5:e5:93:f4:88:b3:0c: 4e:4e:ff:94:94:e4:58:4b:e0:12:af:60:97:e5:d6: 1b:29:e8:9f:79:24:77:4e:64:e7:1d:80:4d:2e:2f: eb:aa:c4:05:e2:c5:f3:76:f8:d4:64:b1:ba:a2:9a: c7:d5:e4:b1:ac:5f:34:98:a4:69:71:16:54:75:ee: e0:b9:e4:4f:03:8b:4a:08:8f:26:3a:cc:9a:a3:d3: 68:f8:ef:c1:4d:71:0c:b1:e5:f3:f8:99:50:bf:0a: 91:81:da:8f:fa:cc:34:da:3b:9f:f4:73:a9:7d:cf: 3b:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:34:B6:C0:31:F2:77:50:EC:77:F7:CA:E8:52:CB:F7:2D:48:39:44 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154145.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.188.89.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:53:8a:16:06:a8:4a:01:c0:40:f1:8b:eb:0f:1e:84:0f:f2: be:95:ad:c8:9c:cf:be:43:9d:b4:0e:d2:0e:29:33:24:ea:2d: f6:80:36:7b:e4:b5:18:17:30:21:98:38:fe:45:8a:f5:a0:ba: be:a0:4b:4f:da:84:54:3e:80:22:72:0f:c9:54:0c:6c:2b:b8: 28:d5:dc:8e:d1:7d:0c:7a:56:e5:30:4a:7a:a6:f8:40:86:57: 99:02:30:f6:b2:ad:3d:e8:f0:1c:57:54:5c:1c:30:4e:fd:9e: a1:a0:f0:67:cd:36:a5:46:9d:d9:5a:af:14:1e:f9:88:1f:b4: b6:d3:ac:aa:3c:07:11:e0:12:3b:76:d9:2c:36:fc:28:cc:21: 94:e8:2b:6b:ef:ba:48:90:b0:25:1c:17:57:fb:14:9c:68:34: 44:81:47:2b:1d:79:97:ee:04:16:7d:dc:8a:de:6c:2a:8e:7d: f0:aa:f8:e2:b2:6c:d1:a6:d0:9e:8b:60:2b:cb:f2:48:91:53: 08:de:11:5d:af:84:ae:3e:13:05:31:33:59:09:ec:ba:e6:0e: 7e:d7:0e:7e:75:6e:66:41:aa:b4:71:6d:71:5f:e1:34:23:88: ea:4f:a1:8e:ab:6d:3d:8e:76:c8:f3:0e:9c:e1:61:99:48:7f: 56:9b:cd:c7 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURzOjeVjJHuvGM4zrrEiBQpk53JswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgyOTA4MDIwOVoX DTI2MDgyODA4MDcwOVowMzExMC8GA1UEAxMoQjczNEI2QzAzMUYyNzc1MEVDNzdG N0NBRTg1MkNCRjcyRDQ4Mzk0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOHUqGzEnyGvxNNosXxTtCZSbGBiUK+HUuAnPc29S/xXZj/t+AZbqeU+917N KVI7Wyscmsl6eApuNo4aLR/NZu4JznKtDViBQpR3Am6YOD1U282MKF1v1VpkuXaU aLTtE0S698q4x9ZHl2+fOA/xxcRdm46laXEhq2naP3Vb+rjqjitYr+ij4SXeKm6k JROl5ZP0iLMMTk7/lJTkWEvgEq9gl+XWGynon3kkd05k5x2ATS4v66rEBeLF83b4 1GSxuqKax9XksaxfNJikaXEWVHXu4LnkTwOLSgiPJjrMmqPTaPjvwU1xDLHl8/iZ UL8KkYHaj/rMNNo7n/RzqX3PO8ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS3NLbA MfJ3UOx398roUsv3LUg5RDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDE0NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAMC8WTANBgkqhkiG9w0BAQsFAAOCAQEALFOKFgaoSgHAQPGL6w8e hA/yvpWtyJzPvkOdtA7SDikzJOot9oA2e+S1GBcwIZg4/kWK9aC6vqBLT9qEVD6A InIPyVQMbCu4KNXcjtF9DHpW5TBKeqb4QIZXmQIw9rKtPejwHFdUXBwwTv2eoaDw Z802pUad2VqvFB75iB+0ttOsqjwHEeASO3bZLDb8KMwhlOgra++6SJCwJRwXV/sU nGg0RIFHKx15l+4EFn3cit5sKo598Kr44rJs0abQnotgK8vySJFTCN4RXa+Erj4T BTEzWQnsuuYOftcOfnVuZkGqtHFtcV/hNCOI6k+hjqttPY52yPMOnOFhmUh/VpvN xw== -----END CERTIFICATE-----Generated at Sun Sep 7 10:11:40 2025 by rpki-client