$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152044.roa File: AS152044.roa (raw, json) Hash identifier: zXxGybG8WZtEpLzDkB7+8lVyzbnDENf72/M07aDETEc= Subject key identifier: CF:49:C8:29:05:9B:B6:81:17:B8:EE:EF:16:84:AE:97:6C:E1:E3:0F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5720A43934E9EC359F94422EE983786A78A544C4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152044.roa Signing time: Wed 15 Jan 2025 03:47:28 +0000 ROA not before: Wed 15 Jan 2025 03:42:28 +0000 ROA not after: Wed 14 Jan 2026 03:47:28 +0000 asID: 152044 IP address blocks: 115.187.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:20:a4:39:34:e9:ec:35:9f:94:42:2e:e9:83:78:6a:78:a5:44:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 15 03:42:28 2025 GMT Not After : Jan 14 03:47:28 2026 GMT Subject: CN=CF49C829059BB68117B8EEEF1684AE976CE1E30F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:22:99:d2:b4:85:fb:7d:af:53:03:70:95:01: 73:99:72:dc:c8:8a:83:7a:b4:a2:7d:e9:e3:ba:7e: 73:e1:ff:60:3b:af:b9:a8:29:4c:60:a9:26:16:ab: 4a:c1:e2:a8:e3:11:a3:ee:35:27:b2:f5:40:7b:73: bc:ae:d5:d8:4f:b1:ff:e7:c8:62:e3:25:ed:b4:1d: 64:90:e8:01:d9:77:df:ac:55:45:35:0b:22:f2:7a: f8:0f:20:25:ea:2a:ac:22:ca:a6:22:b1:fe:02:1f: 41:7f:fc:45:38:60:7f:96:3d:7b:47:08:77:ca:2d: e6:35:01:d4:ea:fb:58:6f:03:9d:8d:97:94:6b:14: 4a:e8:e9:cc:5a:db:6e:4a:0c:fd:2b:ba:22:6a:50: 8c:a6:09:8b:e8:83:9a:8a:98:a0:a4:e6:27:b1:12: 61:0f:82:c6:87:13:3e:32:52:c3:a6:be:38:67:9d: 94:14:10:02:d3:fb:dd:cd:74:0a:0b:bc:8a:86:30: d6:c0:99:0c:10:a9:b8:a0:e2:f5:22:10:99:78:71: 81:19:aa:1f:5f:7a:bf:1b:65:95:6e:ab:06:0c:cd: d4:a7:f0:10:27:59:ae:79:42:74:b1:1c:69:35:8b: d8:79:97:45:e6:45:aa:41:9b:0d:c1:25:e6:a9:0a: c2:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:49:C8:29:05:9B:B6:81:17:B8:EE:EF:16:84:AE:97:6C:E1:E3:0F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152044.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 115.187.23.0/24 Signature Algorithm: sha256WithRSAEncryption 06:58:81:de:58:31:10:4e:56:fa:69:5c:14:1b:ee:77:4d:4e: 61:61:cd:d4:06:5c:b7:57:a2:b3:78:b9:8e:f9:f3:e7:c1:16: 41:34:c5:e0:58:6d:c0:1e:18:c0:37:66:78:b0:83:33:a4:d0: cd:66:ca:19:09:29:65:f9:41:76:31:64:d3:66:e0:2f:c2:b3: 3c:2f:6d:ff:f4:fb:94:58:e1:53:10:40:b8:5f:45:f9:b1:3e: 96:d4:0f:1f:4a:83:d9:16:67:57:54:68:06:6b:b8:57:7b:94: a5:9d:32:4b:3a:32:c3:b7:00:d5:e7:ef:84:a6:e3:c0:eb:1b: da:2d:f6:f8:1b:f0:61:4a:4b:5b:2a:fa:97:bf:57:a6:51:e3: 00:61:c1:8a:73:08:4f:4c:e9:ea:2d:d7:f5:80:c0:4d:35:15: 59:83:1f:25:7b:a1:f8:fd:fd:b7:ed:bb:18:8d:e0:1e:e6:a2: fa:fa:1a:2b:c7:a3:d6:cd:a1:58:7a:b7:7e:a3:12:2b:01:cc: 7e:bd:cb:34:3c:f1:81:17:6b:62:23:f8:31:99:72:c3:b6:0c: 6f:b1:4c:1b:e8:2a:1a:80:de:f4:52:07:b4:fd:f4:9f:f4:fd: f9:c0:f2:61:71:17:08:2c:4b:c3:6f:8e:13:a3:3e:59:4a:07: b2:fb:50:e0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUVyCkOTTp7DWflEIu6YN4anilRMQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDExNTAzNDIyOFoX DTI2MDExNDAzNDcyOFowMzExMC8GA1UEAxMoQ0Y0OUM4MjkwNTlCQjY4MTE3QjhF RUVGMTY4NEFFOTc2Q0UxRTMwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMcimdK0hft9r1MDcJUBc5ly3MiKg3q0on3p47p+c+H/YDuvuagpTGCpJhar SsHiqOMRo+41J7L1QHtzvK7V2E+x/+fIYuMl7bQdZJDoAdl336xVRTULIvJ6+A8g JeoqrCLKpiKx/gIfQX/8RThgf5Y9e0cId8ot5jUB1Or7WG8DnY2XlGsUSujpzFrb bkoM/Su6ImpQjKYJi+iDmoqYoKTmJ7ESYQ+CxocTPjJSw6a+OGedlBQQAtP73c10 Cgu8ioYw1sCZDBCpuKDi9SIQmXhxgRmqH196vxtllW6rBgzN1KfwECdZrnlCdLEc aTWL2HmXReZFqkGbDcEl5qkKwtMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTPScgp BZu2gRe47u8WhK6XbOHjDzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjA0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAHO7FzANBgkqhkiG9w0BAQsFAAOCAQEABliB3lgxEE5W+mlcFBvu d01OYWHN1AZct1eis3i5jvnz58EWQTTF4FhtwB4YwDdmeLCDM6TQzWbKGQkpZflB djFk02bgL8KzPC9t//T7lFjhUxBAuF9F+bE+ltQPH0qD2RZnV1RoBmu4V3uUpZ0y Szoyw7cA1efvhKbjwOsb2i32+BvwYUpLWyr6l79XplHjAGHBinMIT0zp6i3X9YDA TTUVWYMfJXuh+P39t+27GI3gHuai+voaK8ej1s2hWHq3fqMSKwHMfr3LNDzxgRdr YiP4MZlyw7YMb7FMG+gqGoDe9FIHtP30n/T9+cDyYXEXCCxLw2+OE6M+WUoHsvtQ 4A== -----END CERTIFICATE-----Generated at Sat Apr 5 06:20:33 2025 by rpki-client