$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151596.roa File: AS151596.roa (raw, json) Hash identifier: QUpf6+DWIoinWC1ystEn7YSAMrMCLsJG9y7szwtRXdM= Subject key identifier: 93:D6:EE:48:09:F3:50:E6:3B:33:6E:97:6A:89:43:F5:F6:B5:A0:61 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 70ACD0EA21B06E5D51CEB295F0F39BA30931609E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151596.roa Signing time: Tue 02 Sep 2025 08:00:00 +0000 ROA not before: Tue 02 Sep 2025 07:55:00 +0000 ROA not after: Tue 01 Sep 2026 08:00:00 +0000 asID: 151596 IP address blocks: 103.240.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 17:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:ac:d0:ea:21:b0:6e:5d:51:ce:b2:95:f0:f3:9b:a3:09:31:60:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 2 07:55:00 2025 GMT Not After : Sep 1 08:00:00 2026 GMT Subject: CN=93D6EE4809F350E63B336E976A8943F5F6B5A061 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ee:6d:29:14:81:77:e2:a4:09:a2:b1:b7:6c: 9d:82:4e:05:3e:53:a5:02:97:c7:88:1b:cd:46:86: b9:74:ff:a0:2d:21:14:f2:59:79:d1:2d:a3:94:cd: 79:71:6f:d2:18:d9:7c:31:fd:ff:9c:b7:78:64:2e: 03:8c:43:fb:7f:99:1d:96:73:3c:ab:c4:ba:07:be: a4:63:a3:91:2b:e9:86:0f:82:ec:c1:d4:fa:e4:0c: 2a:72:1e:c4:80:36:38:f3:9c:cd:7d:5f:21:54:ff: 36:16:0a:cd:4b:22:36:f8:e6:d6:72:67:66:58:39: 2c:2b:dd:c4:3f:7c:9a:4a:dd:89:db:ca:65:f7:f5: 2d:c3:e8:d6:20:74:a4:02:df:5b:d0:bd:04:db:91: 61:20:b3:99:c0:83:b7:c1:2d:b8:b9:da:f9:7b:b5: 75:20:aa:81:12:f5:35:81:f1:ce:53:d0:08:95:77: 78:a8:cb:36:a1:8b:1d:aa:d9:80:38:fe:08:b2:b8: 14:57:87:a0:e7:e1:51:5f:79:f4:f0:fb:37:ec:d0: 0c:a4:de:12:8a:2c:62:13:66:26:f9:41:d1:94:7c: 8f:42:00:a0:27:93:a6:42:27:c1:4a:fd:46:5c:37: dc:30:ad:e3:96:fc:e6:85:35:8f:ae:61:3d:eb:8e: d5:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:D6:EE:48:09:F3:50:E6:3B:33:6E:97:6A:89:43:F5:F6:B5:A0:61 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151596.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.240.0.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:87:00:a8:df:d7:da:47:7f:9e:a6:31:c3:db:6b:8c:b6:1d: ae:3c:1c:b2:4d:bb:b8:df:e1:cc:a9:6b:4d:47:98:b8:f2:c7: 83:66:32:15:a8:58:ed:f7:f1:21:ec:d9:6a:61:49:1f:e8:28: 26:68:9f:34:e0:ba:bc:a2:3b:bd:d4:8f:2a:e0:8a:93:5c:00: d6:8f:d7:9f:89:01:2b:51:f0:54:b6:a1:67:f4:c1:71:ae:14: 35:7a:bd:59:bb:a6:07:bf:2d:2e:b7:bf:8f:d4:ed:62:b2:d0: 43:c4:79:87:4d:3c:f8:4d:1b:e3:15:3f:33:35:55:5f:5b:c7: 0b:c0:b4:d0:7d:d3:07:52:57:b5:1b:5d:83:fb:80:b7:0b:55: f5:1b:c9:b8:b9:db:34:eb:15:8a:48:55:0a:57:aa:42:e1:c4: 05:68:32:57:08:dd:84:a1:a7:21:a3:55:08:bc:04:a9:1b:19: cf:c3:cc:5c:9d:76:05:e3:25:d5:d5:67:1a:18:4f:0a:11:0a: 84:7b:c1:0f:4f:85:ee:ea:0b:25:9d:0f:15:26:60:9c:fc:62: 4f:79:04:07:1d:22:e9:6d:1d:57:69:44:7e:02:e3:1d:fa:c8: 92:68:a7:bc:e4:18:74:8e:9b:b0:bd:5a:b2:f1:6c:73:56:b8: f6:0c:e5:3e -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUcKzQ6iGwbl1RzrKV8PObowkxYJ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwMjA3NTUwMFoX DTI2MDkwMTA4MDAwMFowMzExMC8GA1UEAxMoOTNENkVFNDgwOUYzNTBFNjNCMzM2 RTk3NkE4OTQzRjVGNkI1QTA2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHubSkUgXfipAmisbdsnYJOBT5TpQKXx4gbzUaGuXT/oC0hFPJZedEto5TN eXFv0hjZfDH9/5y3eGQuA4xD+3+ZHZZzPKvEuge+pGOjkSvphg+C7MHU+uQMKnIe xIA2OPOczX1fIVT/NhYKzUsiNvjm1nJnZlg5LCvdxD98mkrdidvKZff1LcPo1iB0 pALfW9C9BNuRYSCzmcCDt8EtuLna+Xu1dSCqgRL1NYHxzlPQCJV3eKjLNqGLHarZ gDj+CLK4FFeHoOfhUV959PD7N+zQDKTeEoosYhNmJvlB0ZR8j0IAoCeTpkInwUr9 Rlw33DCt45b85oU1j65hPeuO1fECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBST1u5I CfNQ5jszbpdqiUP19rWgYTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTU5Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGfwADANBgkqhkiG9w0BAQsFAAOCAQEAi4cAqN/X2kd/nqYxw9tr jLYdrjwcsk27uN/hzKlrTUeYuPLHg2YyFahY7ffxIezZamFJH+goJmifNOC6vKI7 vdSPKuCKk1wA1o/Xn4kBK1HwVLahZ/TBca4UNXq9WbumB78tLre/j9TtYrLQQ8R5 h008+E0b4xU/MzVVX1vHC8C00H3TB1JXtRtdg/uAtwtV9RvJuLnbNOsVikhVCleq QuHEBWgyVwjdhKGnIaNVCLwEqRsZz8PMXJ12BeMl1dVnGhhPChEKhHvBD0+F7uoL JZ0PFSZgnPxiT3kEBx0i6W0dV2lEfgLjHfrIkminvOQYdI6bsL1asvFsc1a49gzl Pg== -----END CERTIFICATE-----Generated at Fri Sep 5 10:10:38 2025 by rpki-client