$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149925.roa File: AS149925.roa (raw, json) Hash identifier: mFys8eY6n0Cb7SB3qDGOtT7m7NPip37FExILT97+JtE= Subject key identifier: 3B:68:97:9A:6B:44:EF:C6:84:3C:FF:93:D1:7F:30:B9:8A:AD:9E:CE Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 05BD1B338C863BA5CB2F2C109F3968B9D9BE47B2 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149925.roa Signing time: Wed 26 Mar 2025 07:00:00 +0000 ROA not before: Wed 26 Mar 2025 06:55:00 +0000 ROA not after: Wed 25 Mar 2026 07:00:00 +0000 asID: 149925 IP address blocks: 103.115.20.0/24 maxlen: 24 2001:df2:7a40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:bd:1b:33:8c:86:3b:a5:cb:2f:2c:10:9f:39:68:b9:d9:be:47:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 26 06:55:00 2025 GMT Not After : Mar 25 07:00:00 2026 GMT Subject: CN=3B68979A6B44EFC6843CFF93D17F30B98AAD9ECE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:6b:76:c1:07:2d:e7:2d:a4:c7:aa:4a:18:b2: bf:01:52:e8:9b:2e:9d:bb:ad:8b:a5:c0:63:2c:14: 6d:43:52:3e:2d:02:31:cb:92:76:04:56:15:26:63: 1e:45:17:b0:a5:ae:f1:d3:e5:04:62:d1:fa:ff:73: ec:82:b9:d1:a2:75:68:54:cf:95:9d:e5:b4:70:16: 38:57:b6:02:f3:00:b4:10:a3:5c:1a:74:e2:32:a3: 59:c5:5e:62:4d:cf:00:4d:93:3b:18:bb:8c:44:52: 96:1a:b4:eb:49:27:54:b1:f0:29:0e:70:21:37:41: 8c:18:4b:51:2b:e9:86:37:89:69:e1:32:04:43:5d: a3:b5:52:e8:ea:82:34:6c:9e:d6:b9:0b:23:55:14: d4:2c:5a:5e:f0:72:50:ef:e0:61:06:93:8c:4f:c9: 9a:97:f6:3d:04:d7:bd:1a:99:da:63:e4:e6:8f:49: 84:13:54:2f:93:2b:4e:2b:d1:aa:8d:c4:06:39:65: 2c:07:0a:23:89:8a:03:31:09:51:d9:31:94:d4:4e: 03:82:27:09:5b:c4:34:d4:14:e2:0d:a1:7e:b8:5b: 1a:13:ff:32:4e:44:6d:d6:94:1e:54:92:5f:d9:4c: 5e:51:5c:20:2d:2c:43:00:79:a0:d0:81:3e:4a:95: 1c:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:68:97:9A:6B:44:EF:C6:84:3C:FF:93:D1:7F:30:B9:8A:AD:9E:CE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS149925.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.115.20.0/24 IPv6: 2001:df2:7a40::/48 Signature Algorithm: sha256WithRSAEncryption 85:65:11:c9:87:a1:6b:98:91:cf:c0:7f:de:88:ef:90:38:13: c9:87:d4:06:cb:7e:71:85:4a:d6:0f:57:5e:ee:93:6f:05:95: 37:ec:d2:e5:9f:f2:fd:9c:be:72:bb:3a:51:27:c0:b7:5d:4c: 20:60:b7:05:d1:a8:41:8b:53:fa:96:56:38:60:09:a5:f8:b2: 09:65:3f:8c:03:04:ff:37:51:d7:7b:40:a3:b0:57:62:c9:8a: 26:da:19:63:25:08:2a:38:46:15:88:39:b0:a5:d0:af:42:95: ba:ac:4e:61:ee:5a:54:a7:08:54:2e:e3:2a:38:99:35:6f:c6: 2a:19:ab:94:41:db:28:71:b9:7b:88:f4:e4:f4:16:ac:24:ce: 31:6a:05:48:f3:b6:8f:73:7d:e2:f0:38:82:7b:8c:5f:8e:e1: 78:00:fe:cf:12:01:90:40:43:2a:db:27:fd:35:19:e7:eb:59: a4:08:27:fe:86:1d:18:ab:4e:c6:a2:d0:15:69:99:e8:4b:b6: 09:2f:39:5c:86:81:54:3d:78:47:d0:ad:5c:ec:0e:92:06:e7: 98:f8:6f:fc:35:9a:fa:49:2f:c8:17:12:1b:2a:9b:30:d8:c0: 3a:d5:80:29:e5:00:13:23:a6:8e:09:a0:cd:7f:64:a7:24:e9: d4:f8:d8:67 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUBb0bM4yGO6XLLywQnzloudm+R7IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMyNjA2NTUwMFoX DTI2MDMyNTA3MDAwMFowMzExMC8GA1UEAxMoM0I2ODk3OUE2QjQ0RUZDNjg0M0NG RjkzRDE3RjMwQjk4QUFEOUVDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMxrdsEHLectpMeqShiyvwFS6Jsunbuti6XAYywUbUNSPi0CMcuSdgRWFSZj HkUXsKWu8dPlBGLR+v9z7IK50aJ1aFTPlZ3ltHAWOFe2AvMAtBCjXBp04jKjWcVe Yk3PAE2TOxi7jERSlhq060knVLHwKQ5wITdBjBhLUSvphjeJaeEyBENdo7VS6OqC NGye1rkLI1UU1CxaXvByUO/gYQaTjE/Jmpf2PQTXvRqZ2mPk5o9JhBNUL5MrTivR qo3EBjllLAcKI4mKAzEJUdkxlNROA4InCVvENNQU4g2hfrhbGhP/Mk5EbdaUHlSS X9lMXlFcIC0sQwB5oNCBPkqVHNsCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQ7aJea a0TvxoQ8/5PRfzC5iq2ezjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0OTkyNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGdzFDAPBAIAAjAJAwcAIAEN8npAMA0GCSqGSIb3DQEBCwUAA4IB AQCFZRHJh6FrmJHPwH/eiO+QOBPJh9QGy35xhUrWD1de7pNvBZU37NLln/L9nL5y uzpRJ8C3XUwgYLcF0ahBi1P6llY4YAml+LIJZT+MAwT/N1HXe0CjsFdiyYom2hlj JQgqOEYViDmwpdCvQpW6rE5h7lpUpwhULuMqOJk1b8YqGauUQdsocbl7iPTk9Bas JM4xagVI87aPc33i8DiCe4xfjuF4AP7PEgGQQEMq2yf9NRnn61mkCCf+hh0Yq07G otAVaZnoS7YJLzlchoFUPXhH0K1c7A6SBueY+G/8NZr6SS/IFxIbKpsw2MA61YAp 5QATI6aOCaDNf2SnJOnU+Nhn -----END CERTIFICATE-----Generated at Sat Apr 5 06:24:03 2025 by rpki-client