$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa File: AS150191.roa (raw, json) Hash identifier: RCC6i82kdR/ZaIqgTOz33m9Z/Z3UeXmsQa+uC6oG/Ts= Subject key identifier: DE:7A:96:2B:AC:73:D3:74:00:76:F1:46:C1:E3:6A:0C:9D:14:90:E5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 43E336F647A9D8B9827CE9F7A884E71CB6CAD65C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa Signing time: Tue 20 May 2025 07:00:00 +0000 ROA not before: Tue 20 May 2025 06:55:00 +0000 ROA not after: Tue 19 May 2026 07:00:00 +0000 asID: 150191 IP address blocks: 103.152.21.0/24 maxlen: 24 2001:df2:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:e3:36:f6:47:a9:d8:b9:82:7c:e9:f7:a8:84:e7:1c:b6:ca:d6:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 20 06:55:00 2025 GMT Not After : May 19 07:00:00 2026 GMT Subject: CN=DE7A962BAC73D3740076F146C1E36A0C9D1490E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:47:3c:86:51:8a:c3:77:17:cc:70:c9:db:56: ee:43:12:f6:0f:b8:9b:fe:85:30:05:38:1b:41:c5: 75:44:e5:c9:a2:5f:a9:db:5b:30:33:12:8a:27:c7: 90:c9:f2:0e:d5:47:b8:f1:c2:a8:6a:fc:c5:41:a7: 6a:2e:71:04:01:be:b1:5b:f5:d4:4c:a3:61:05:c9: 57:4b:99:26:77:28:ec:81:ac:0c:b1:8e:2b:98:86: 35:88:5d:79:e6:ec:4c:22:7e:01:6a:6c:a6:3c:f0: 61:53:67:4c:98:26:f5:15:2c:a7:03:19:34:45:78: 41:13:35:c6:5f:37:69:5e:8b:eb:b6:de:e2:90:61: 25:b7:97:87:bb:7a:77:3f:24:71:84:4c:46:6d:be: a9:ca:4c:ee:a8:61:44:21:67:a9:b2:69:d9:de:d8: a2:fb:0d:cf:18:f8:20:b1:48:84:c6:31:ec:94:56: e4:2b:e4:0f:5b:24:50:f9:93:e4:44:0b:56:a0:09: 3d:ff:77:78:cf:fa:07:ed:ea:d9:b1:f1:d9:2a:f5: ed:dc:41:5c:45:c3:20:51:a8:94:93:81:8f:f6:ad: 41:00:5d:80:f1:fd:49:f0:3d:15:b1:a3:5d:48:04: 2d:ee:b8:05:99:6d:1f:c5:2c:71:f4:3c:a7:fa:93: f1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:7A:96:2B:AC:73:D3:74:00:76:F1:46:C1:E3:6A:0C:9D:14:90:E5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS150191.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.21.0/24 IPv6: 2001:df2:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 5d:c3:59:e6:3a:18:99:c8:cb:94:b4:0d:12:89:d1:71:4b:e3: 52:93:59:18:e8:7c:11:f0:80:e0:37:4f:ea:58:b1:5f:45:81: ac:6a:f9:55:b9:45:1d:a6:4a:6c:2a:17:bf:d5:ba:79:d5:9d: ea:3d:94:72:59:5d:3d:07:4e:fa:8e:60:b7:04:0a:fd:0b:64: 08:74:13:fa:3a:c4:69:60:47:80:a1:2b:0d:1e:e7:a7:52:8a: b4:d2:95:52:d0:c3:43:dd:20:50:ca:6f:7d:30:c7:e3:6f:f2: c9:0f:18:82:a1:f1:31:10:8e:4e:64:96:82:e1:fc:eb:0a:07: 58:24:33:c6:cf:12:7d:78:e9:77:65:35:33:29:b9:7e:77:07: fb:ac:b6:b5:80:be:1c:23:91:62:c2:5f:c7:dd:45:73:4c:6c: 27:df:6f:95:d6:69:3c:70:6d:2e:43:80:e9:1e:dc:8c:e6:24: 4d:8c:7f:b5:a5:82:b9:67:72:0f:0c:03:5a:37:e6:e9:93:04: c5:a7:8c:06:93:a1:e4:99:83:50:f9:b8:e9:02:db:c3:49:e6: 6d:8d:df:5c:4d:a7:6b:71:94:29:0a:0c:05:6e:17:c3:be:1c: cd:e6:7e:b8:eb:5f:92:29:dc:26:78:2b:2c:83:01:90:bb:40: 68:5a:ed:db -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUQ+M29kep2LmCfOn3qITnHLbK1lwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyMDA2NTUwMFoX DTI2MDUxOTA3MDAwMFowMzExMC8GA1UEAxMoREU3QTk2MkJBQzczRDM3NDAwNzZG MTQ2QzFFMzZBMEM5RDE0OTBFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5HPIZRisN3F8xwydtW7kMS9g+4m/6FMAU4G0HFdUTlyaJfqdtbMDMSiifH kMnyDtVHuPHCqGr8xUGnai5xBAG+sVv11EyjYQXJV0uZJnco7IGsDLGOK5iGNYhd eebsTCJ+AWpspjzwYVNnTJgm9RUspwMZNEV4QRM1xl83aV6L67be4pBhJbeXh7t6 dz8kcYRMRm2+qcpM7qhhRCFnqbJp2d7YovsNzxj4ILFIhMYx7JRW5CvkD1skUPmT 5EQLVqAJPf93eM/6B+3q2bHx2Sr17dxBXEXDIFGolJOBj/atQQBdgPH9SfA9FbGj XUgELe64BZltH8UscfQ8p/qT8UcCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBTeepYr rHPTdAB28UbB42oMnRSQ5TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MDE5MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGeYFTAPBAIAAjAJAwcAIAEN8l3AMA0GCSqGSIb3DQEBCwUAA4IB AQBdw1nmOhiZyMuUtA0SidFxS+NSk1kY6HwR8IDgN0/qWLFfRYGsavlVuUUdpkps Khe/1bp51Z3qPZRyWV09B076jmC3BAr9C2QIdBP6OsRpYEeAoSsNHuenUoq00pVS 0MND3SBQym99MMfjb/LJDxiCofExEI5OZJaC4fzrCgdYJDPGzxJ9eOl3ZTUzKbl+ dwf7rLa1gL4cI5Fiwl/H3UVzTGwn32+V1mk8cG0uQ4DpHtyM5iRNjH+1pYK5Z3IP DANaN+bpkwTFp4wGk6HkmYNQ+bjpAtvDSeZtjd9cTadrcZQpCgwFbhfDvhzN5n64 61+SKdwmeCssgwGQu0BoWu3b -----END CERTIFICATE-----Generated at Tue Jun 3 23:15:05 2025 by rpki-client