$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152019.roa File: AS152019.roa (raw, json) Hash identifier: R5NT0W9AkqO6J8LyzaclshQGz/oFLjYYRRdbKXHRlT8= Subject key identifier: 6A:48:F9:33:9D:99:04:79:D1:C6:67:17:30:7B:EA:87:F2:32:BF:81 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 76D786CDB2E0C3F30D921BF14AE1BA96D9C86A55 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152019.roa Signing time: Wed 25 Dec 2024 04:00:05 +0000 ROA not before: Wed 25 Dec 2024 03:55:05 +0000 ROA not after: Wed 24 Dec 2025 04:00:05 +0000 asID: 152019 IP address blocks: 180.131.130.0/24 maxlen: 24 2001:df3:6340::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:d7:86:cd:b2:e0:c3:f3:0d:92:1b:f1:4a:e1:ba:96:d9:c8:6a:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 25 03:55:05 2024 GMT Not After : Dec 24 04:00:05 2025 GMT Subject: CN=6A48F9339D990479D1C66717307BEA87F232BF81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:0f:12:25:24:66:ef:ce:4a:a6:86:c1:8f:58: be:49:4d:25:fc:43:d7:6b:2d:7a:b1:ca:fd:4b:ab: 57:3a:89:df:60:0c:35:e0:ac:00:62:73:b6:95:67: b5:57:11:2c:77:0b:de:a7:18:9d:90:d3:3e:a0:dd: e3:0d:5c:ad:4c:f2:98:67:d0:bf:ff:b1:68:9a:6e: a1:a3:e4:a8:bb:02:59:2d:72:41:08:d2:b9:f4:4e: f9:40:18:a6:f2:b2:45:9a:c9:10:73:c1:af:2c:1c: 8f:ad:42:06:e9:ed:94:a6:9c:ec:63:b4:33:26:c1: fd:19:37:00:31:76:08:dd:0b:a6:81:4b:d0:d5:c8: 6f:ec:ae:f6:35:f4:4e:9b:54:86:ea:a8:e0:2e:58: bf:d4:5b:17:70:3f:e6:0a:c1:c5:0f:0e:4c:17:b0: ef:a3:a3:6d:67:bb:d4:c4:6f:21:90:4a:5d:11:f7: e2:21:c1:7d:6c:78:b8:09:a0:d4:1b:48:a0:55:16: 33:c4:2e:42:ea:a8:98:2e:22:85:41:97:18:0b:35: f8:8b:d2:9d:3e:96:5a:87:b9:6f:b8:80:b2:b4:99: d6:3c:d1:f5:42:35:77:b5:00:e2:c6:7e:bb:22:8a: 78:de:99:05:a7:91:ae:15:64:fc:76:21:19:2d:94: 44:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:48:F9:33:9D:99:04:79:D1:C6:67:17:30:7B:EA:87:F2:32:BF:81 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152019.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 180.131.130.0/24 IPv6: 2001:df3:6340::/48 Signature Algorithm: sha256WithRSAEncryption 17:d1:ae:54:a1:2e:de:62:1b:07:8c:f9:09:b6:4f:3c:a7:ad: c9:fc:24:8f:a5:83:d6:91:80:be:97:bd:3f:1f:6e:d9:c8:e8: d2:07:ee:e6:d7:eb:c7:a4:9b:a2:55:98:47:de:c4:8f:fa:71: 12:ab:d4:4c:0a:7a:8f:4c:35:7b:39:48:c8:f4:2a:1d:82:ee: ab:ed:f2:47:80:22:4d:21:87:39:4d:bc:2d:a9:d2:d7:e0:74: ec:09:12:37:9c:07:63:61:57:6c:1a:44:d8:74:fa:9c:e6:6e: 83:98:eb:df:1a:45:f6:9b:ac:71:61:71:e6:79:f8:0b:f6:a7: da:a6:1d:d7:72:33:4d:d9:e1:3a:f0:55:82:a6:7c:26:e4:c8: 69:df:27:7d:f1:6c:cd:a6:1c:cc:f6:d8:50:26:b2:b7:71:44: 91:5d:3b:0e:c8:73:6a:58:0d:e5:8a:7b:a7:ce:8b:cb:61:31: 3c:e1:36:97:5b:66:94:28:d4:7e:97:0e:26:0f:93:22:aa:c8: 63:cd:ad:36:8e:76:48:05:d7:d4:52:0c:09:e5:de:e2:cd:05: ae:e3:ee:9f:c8:3d:c6:d6:dd:8c:82:2e:6e:f4:0b:6a:da:3f: f3:4e:e5:82:c7:b4:b7:48:15:0d:57:da:a8:41:7e:cc:c7:8f: 96:28:c7:06 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUdteGzbLgw/MNkhvxSuG6ltnIalUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIyNTAzNTUwNVoX DTI1MTIyNDA0MDAwNVowMzExMC8GA1UEAxMoNkE0OEY5MzM5RDk5MDQ3OUQxQzY2 NzE3MzA3QkVBODdGMjMyQkY4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKkPEiUkZu/OSqaGwY9YvklNJfxD12sterHK/UurVzqJ32AMNeCsAGJztpVn tVcRLHcL3qcYnZDTPqDd4w1crUzymGfQv/+xaJpuoaPkqLsCWS1yQQjSufRO+UAY pvKyRZrJEHPBrywcj61CBuntlKac7GO0MybB/Rk3ADF2CN0LpoFL0NXIb+yu9jX0 TptUhuqo4C5Yv9RbF3A/5grBxQ8OTBew76OjbWe71MRvIZBKXRH34iHBfWx4uAmg 1BtIoFUWM8QuQuqomC4ihUGXGAs1+IvSnT6WWoe5b7iAsrSZ1jzR9UI1d7UA4sZ+ uyKKeN6ZBaeRrhVk/HYhGS2URC8CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRqSPkz nZkEedHGZxcwe+qH8jK/gTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAxOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEALSDgjAPBAIAAjAJAwcAIAEN82NAMA0GCSqGSIb3DQEBCwUAA4IB AQAX0a5UoS7eYhsHjPkJtk88p63J/CSPpYPWkYC+l70/H27ZyOjSB+7m1+vHpJui VZhH3sSP+nESq9RMCnqPTDV7OUjI9Codgu6r7fJHgCJNIYc5TbwtqdLX4HTsCRI3 nAdjYVdsGkTYdPqc5m6DmOvfGkX2m6xxYXHmefgL9qfaph3XcjNN2eE68FWCpnwm 5Mhp3yd98WzNphzM9thQJrK3cUSRXTsOyHNqWA3linunzovLYTE84TaXW2aUKNR+ lw4mD5Miqshjza02jnZIBdfUUgwJ5d7izQWu4+6fyD3G1t2Mgi5u9Atq2j/zTuWC x7S3SBUNV9qoQX7Mx4+WKMcG -----END CERTIFICATE-----Generated at Sat Apr 5 06:29:44 2025 by rpki-client