$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa File: AS149920.roa (raw, json) Hash identifier: wK3xDz3dz5p0dXrXqMJuaais4WugvjpgnmcAL/LKjOQ= Subject key identifier: 65:35:DF:A2:B5:06:38:6A:98:57:6A:60:91:E5:D1:6D:1A:A6:CD:C3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 332308B7E64021F900E38F92CEADCC62A57CEF3D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa Signing time: Fri 23 May 2025 07:00:00 +0000 ROA not before: Fri 23 May 2025 06:55:00 +0000 ROA not after: Fri 22 May 2026 07:00:00 +0000 asID: 149920 IP address blocks: 103.161.1.0/24 maxlen: 24 2001:df1:3940::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:23:08:b7:e6:40:21:f9:00:e3:8f:92:ce:ad:cc:62:a5:7c:ef:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 23 06:55:00 2025 GMT Not After : May 22 07:00:00 2026 GMT Subject: CN=6535DFA2B506386A98576A6091E5D16D1AA6CDC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ad:28:d6:f1:07:0b:ff:36:ec:57:53:8c:8b: a0:fd:7d:fd:3c:80:25:98:fa:83:68:99:34:fa:44: f0:5e:44:24:89:44:d2:62:3f:44:b9:ab:59:a0:5b: a1:9d:36:28:10:0d:f6:84:e1:51:df:be:01:33:ac: 95:29:06:64:e0:fb:28:58:2b:a6:b9:1a:31:c4:81: 93:f9:bc:d8:15:8c:67:26:37:76:9b:13:8b:c2:b4: 24:5e:86:b4:c9:82:a7:83:ba:fd:d3:eb:f4:e8:60: 4c:77:7f:de:49:19:a4:c7:94:32:35:0c:9b:e6:84: a2:28:d0:c8:b8:eb:c2:c1:52:30:c4:95:26:dd:d6: b6:2e:e6:3b:bd:3f:ad:37:12:38:58:3a:26:34:ce: 6e:9e:b7:97:7e:ff:72:b9:40:2b:34:3c:09:33:51: 38:84:b7:0f:e3:f5:d8:82:29:3d:b9:c5:d3:75:dd: 63:99:f6:aa:5c:84:5c:41:56:22:82:3e:2b:82:2d: 45:dd:d5:7c:3b:7d:52:13:39:e3:25:2f:07:25:3c: b3:b2:72:75:a6:66:fc:d9:82:ba:97:48:4a:e4:a2: 15:da:be:ca:c1:e8:e5:cc:7c:fe:97:ac:15:5b:17: 3c:ba:e5:d1:12:8f:1f:77:83:22:d5:f4:1d:ad:cb: 29:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:35:DF:A2:B5:06:38:6A:98:57:6A:60:91:E5:D1:6D:1A:A6:CD:C3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149920.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.1.0/24 IPv6: 2001:df1:3940::/48 Signature Algorithm: sha256WithRSAEncryption 62:55:43:f9:c3:8d:5e:33:ca:a2:57:6b:1c:c3:16:55:3a:44: e1:31:43:58:30:86:5c:9b:33:52:b3:4c:9f:41:79:55:9b:31: a9:f5:fa:b2:03:bb:9c:48:b2:07:98:24:d6:b4:2b:e5:4a:4c: 69:d9:59:ad:e2:7d:de:58:80:fa:4c:ca:45:6f:50:b4:ac:15: eb:a1:6d:71:24:42:06:6f:c7:ec:27:0e:14:35:a4:47:8b:4e: 51:f6:15:a1:c9:5c:ac:f4:18:20:85:e5:41:a1:b0:4a:59:3d: 18:fc:9c:00:65:71:0f:d3:fd:67:6c:ca:9e:56:e8:48:2f:5e: 1e:7d:b7:09:89:00:00:70:94:72:c8:b2:19:4e:96:e9:ab:9f: 06:f2:c6:48:fd:10:ac:d9:fb:5c:00:df:86:c0:66:3f:82:12: 97:57:e8:82:3a:24:13:49:55:e8:be:9f:e2:24:49:b9:82:91: 82:ad:21:f5:04:78:e5:e8:4e:bf:7a:50:c7:d9:6d:f9:ab:ed: c7:98:c4:c0:f3:20:17:13:f2:77:5e:2b:c9:bb:0a:12:4d:d5: 99:a7:fd:8f:89:c0:99:e0:4f:d2:58:f2:56:66:b5:49:2a:2b: 6e:db:b1:af:de:d5:dc:7a:d0:b0:dd:87:27:3d:88:51:15:ab: 20:ee:0b:41 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUMyMIt+ZAIfkA44+Szq3MYqV87z0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyMzA2NTUwMFoX DTI2MDUyMjA3MDAwMFowMzExMC8GA1UEAxMoNjUzNURGQTJCNTA2Mzg2QTk4NTc2 QTYwOTFFNUQxNkQxQUE2Q0RDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALetKNbxBwv/NuxXU4yLoP19/TyAJZj6g2iZNPpE8F5EJIlE0mI/RLmrWaBb oZ02KBAN9oThUd++ATOslSkGZOD7KFgrprkaMcSBk/m82BWMZyY3dpsTi8K0JF6G tMmCp4O6/dPr9OhgTHd/3kkZpMeUMjUMm+aEoijQyLjrwsFSMMSVJt3Wti7mO70/ rTcSOFg6JjTObp63l37/crlAKzQ8CTNROIS3D+P12IIpPbnF03XdY5n2qlyEXEFW IoI+K4ItRd3VfDt9UhM54yUvByU8s7JydaZm/NmCupdISuSiFdq+ysHo5cx8/pes FVsXPLrl0RKPH3eDItX0Ha3LKWsCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRlNd+i tQY4aphXamCR5dFtGqbNwzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkyMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGehATAPBAIAAjAJAwcAIAEN8TlAMA0GCSqGSIb3DQEBCwUAA4IB AQBiVUP5w41eM8qiV2scwxZVOkThMUNYMIZcmzNSs0yfQXlVmzGp9fqyA7ucSLIH mCTWtCvlSkxp2Vmt4n3eWID6TMpFb1C0rBXroW1xJEIGb8fsJw4UNaRHi05R9hWh yVys9BggheVBobBKWT0Y/JwAZXEP0/1nbMqeVuhIL14efbcJiQAAcJRyyLIZTpbp q58G8sZI/RCs2ftcAN+GwGY/ghKXV+iCOiQTSVXovp/iJEm5gpGCrSH1BHjl6E6/ elDH2W35q+3HmMTA8yAXE/J3XivJuwoSTdWZp/2PicCZ4E/SWPJWZrVJKitu27Gv 3tXcetCw3YcnPYhRFasg7gtB -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:34 2025 by rpki-client