$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151006.roa File: AS151006.roa (raw, json) Hash identifier: 53pB+YkGirS6+GC6rhtZRwZ7m19xrfgQbnk2nJgwGoE= Subject key identifier: 36:57:EE:1D:B9:38:C6:F7:E7:2C:65:DB:B7:15:80:87:F2:E9:3C:60 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 13D73851FFD4571B9E0235A9553831774094E31D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151006.roa Signing time: Thu 29 May 2025 09:00:00 +0000 ROA not before: Thu 29 May 2025 08:55:00 +0000 ROA not after: Thu 28 May 2026 09:00:00 +0000 asID: 151006 IP address blocks: 103.203.234.0/24 maxlen: 24 2001:df3:a40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:d7:38:51:ff:d4:57:1b:9e:02:35:a9:55:38:31:77:40:94:e3:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 29 08:55:00 2025 GMT Not After : May 28 09:00:00 2026 GMT Subject: CN=3657EE1DB938C6F7E72C65DBB7158087F2E93C60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ea:70:d4:bf:a0:cc:b5:5c:70:f4:5d:ed:58: bd:24:f4:e6:f6:f6:0e:56:d9:53:e8:f8:41:4c:e7: 69:1f:d5:68:a5:e5:f5:06:98:a9:9d:a5:65:d4:ef: a9:f8:a0:c3:99:09:53:06:51:89:c7:e3:df:4e:5c: 19:f4:f6:f3:ab:40:d6:d1:c0:6c:5f:80:16:47:40: 07:0b:dc:b4:d0:4e:f9:65:e7:3b:af:95:21:bd:c2: d8:af:52:52:d9:e2:5f:7a:89:4e:67:8a:c3:94:1b: df:16:82:48:5f:d5:5c:7c:94:b3:25:1e:79:36:e7: bd:a0:9c:43:30:3c:3e:a2:7c:2e:c6:1f:89:5a:67: 49:38:e2:b4:99:25:52:34:bd:1a:0a:08:c4:ca:38: 69:e3:61:85:46:b1:63:d4:92:e5:27:e1:2a:05:2d: d4:5c:c9:93:01:ed:88:6f:ad:e4:7b:b6:20:04:fe: 04:4b:e1:42:35:df:6a:a0:09:5b:8c:d6:01:cf:0f: 85:4d:e4:02:f0:5f:a7:24:a7:7a:b9:73:14:df:79: 0b:44:f5:22:a9:a1:0b:3c:3d:47:d4:ed:bc:2d:90: 64:64:c0:ff:cb:a8:19:40:d0:1b:23:9e:00:02:00: 50:8a:cc:86:03:14:79:b3:5e:fd:53:50:47:36:67: e8:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:57:EE:1D:B9:38:C6:F7:E7:2C:65:DB:B7:15:80:87:F2:E9:3C:60 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151006.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.203.234.0/24 IPv6: 2001:df3:a40::/48 Signature Algorithm: sha256WithRSAEncryption 8e:b5:ef:27:4b:af:7a:3b:9e:16:3c:72:73:ea:83:3c:3d:be: 3c:1b:d7:c4:e6:ef:41:62:a2:a3:0d:e0:2f:75:1f:27:dc:bb: 1c:42:2a:24:33:ea:92:67:0b:53:9a:ec:fe:16:3b:d1:18:4a: c8:5e:f8:18:ce:6c:4b:fc:10:51:74:2c:47:bc:b8:55:bd:81: cd:2a:9a:c4:24:f0:95:e6:2b:8b:7d:3e:3a:88:f0:1e:cf:bc: d2:57:11:11:05:aa:39:3f:db:3c:51:de:e0:8e:d7:5a:90:27: 28:37:1f:92:57:2b:a3:21:d1:ed:30:81:de:12:58:fc:31:a4: d0:53:1e:1d:9c:9d:33:6e:13:16:fb:9f:ff:e7:3f:fe:1b:df: bf:72:ea:b7:46:37:de:0a:96:a2:95:e2:d2:66:50:59:4c:8d: 93:c2:bb:3b:98:00:e9:e9:11:30:25:11:9a:c2:be:c1:12:85: 02:c8:4d:52:8a:e9:39:62:a2:e3:2e:12:67:59:27:a1:e9:25: 94:0d:e3:0e:17:46:32:1b:9c:76:73:a8:46:70:f3:a5:3e:c8: 38:83:78:50:54:3d:41:b2:4c:2d:bd:80:aa:7d:8f:64:be:eb: 60:59:98:e6:88:55:15:ee:4a:68:bc:ec:38:da:69:29:de:8a: 49:71:31:c3 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUE9c4Uf/UVxueAjWpVTgxd0CU4x0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyOTA4NTUwMFoX DTI2MDUyODA5MDAwMFowMzExMC8GA1UEAxMoMzY1N0VFMURCOTM4QzZGN0U3MkM2 NURCQjcxNTgwODdGMkU5M0M2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ3qcNS/oMy1XHD0Xe1YvST05vb2DlbZU+j4QUznaR/VaKXl9QaYqZ2lZdTv qfigw5kJUwZRicfj305cGfT286tA1tHAbF+AFkdABwvctNBO+WXnO6+VIb3C2K9S UtniX3qJTmeKw5Qb3xaCSF/VXHyUsyUeeTbnvaCcQzA8PqJ8LsYfiVpnSTjitJkl UjS9GgoIxMo4aeNhhUaxY9SS5SfhKgUt1FzJkwHtiG+t5Hu2IAT+BEvhQjXfaqAJ W4zWAc8PhU3kAvBfpySnerlzFN95C0T1IqmhCzw9R9TtvC2QZGTA/8uoGUDQGyOe AAIAUIrMhgMUebNe/VNQRzZn6AUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQ2V+4d uTjG9+csZdu3FYCH8uk8YDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTAwNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGfL6jAPBAIAAjAJAwcAIAEN8wpAMA0GCSqGSIb3DQEBCwUAA4IB AQCOte8nS696O54WPHJz6oM8Pb48G9fE5u9BYqKjDeAvdR8n3LscQiokM+qSZwtT muz+FjvRGErIXvgYzmxL/BBRdCxHvLhVvYHNKprEJPCV5iuLfT46iPAez7zSVxER Bao5P9s8Ud7gjtdakCcoNx+SVyujIdHtMIHeElj8MaTQUx4dnJ0zbhMW+5//5z/+ G9+/cuq3RjfeCpaileLSZlBZTI2Twrs7mADp6REwJRGawr7BEoUCyE1Siuk5YqLj LhJnWSeh6SWUDeMOF0YyG5x2c6hGcPOlPsg4g3hQVD1BskwtvYCqfY9kvutgWZjm iFUV7kpovOw42mkp3opJcTHD -----END CERTIFICATE-----Generated at Tue Jun 3 23:14:06 2025 by rpki-client