$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa File: AS152373.roa (raw, json) Hash identifier: CYfaBOI+kaIxWpM/FTCoDfwFP5A9vk7jQUOL/tIBq6o= Subject key identifier: 90:86:1D:28:A0:E7:75:9C:EC:49:4D:D7:51:6E:F6:F1:BC:E0:67:D3 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 19EC82E67A951B28EA0FF8F40B5D879DAE2EC430 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa Signing time: Wed 19 Feb 2025 05:00:00 +0000 ROA not before: Wed 19 Feb 2025 04:55:00 +0000 ROA not after: Wed 18 Feb 2026 05:00:00 +0000 asID: 152373 IP address blocks: 2001:df3:72c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:ec:82:e6:7a:95:1b:28:ea:0f:f8:f4:0b:5d:87:9d:ae:2e:c4:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 19 04:55:00 2025 GMT Not After : Feb 18 05:00:00 2026 GMT Subject: CN=90861D28A0E7759CEC494DD7516EF6F1BCE067D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1f:d8:a9:14:6a:b8:ab:26:b1:6c:f9:e7:6e: df:5e:d4:30:27:58:29:b9:01:ff:0e:62:5e:37:bf: b2:77:65:e5:09:12:c2:b0:5b:10:69:33:43:87:72: 7d:d9:38:d6:3e:a3:d6:51:e2:d1:3b:89:dd:53:d3: e9:61:8d:97:ab:15:bd:5f:5b:b2:75:a4:a5:06:72: 7c:a4:1f:eb:81:1b:e7:39:f0:18:8e:d4:19:fe:04: 42:27:86:88:a9:d7:20:4c:85:71:5e:52:73:cb:c6: 7b:80:02:cf:ec:85:55:00:4b:11:43:2b:06:17:98: d9:4e:6b:ce:7f:6b:ef:79:55:10:ab:90:62:6a:7f: 20:ef:0c:54:8e:e4:c1:96:3d:7e:59:28:55:bb:8f: a6:09:e1:da:fa:14:94:a4:8f:33:26:a6:b8:0e:ca: a4:8c:9e:8f:46:87:80:2f:ac:c1:f8:b3:a7:39:ce: 7c:b1:58:fb:c1:b2:72:c5:a9:74:17:23:1e:ef:4d: fd:3b:25:19:4b:b4:a5:72:21:3f:29:86:50:14:51: d0:76:07:34:f5:ab:12:21:21:9c:2e:7d:10:4e:07: 7e:38:db:b1:fa:3d:0f:c7:5d:86:7f:5c:98:de:47: d1:4a:f7:ce:e7:23:91:97:01:96:94:fc:be:31:a0: 67:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:86:1D:28:A0:E7:75:9C:EC:49:4D:D7:51:6E:F6:F1:BC:E0:67:D3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:72c0::/48 Signature Algorithm: sha256WithRSAEncryption 05:a3:d4:ad:54:29:6d:4d:ef:73:a3:3b:15:3f:79:e9:6a:bc: 43:ac:4f:ac:cd:d5:08:de:7f:f7:42:54:fd:49:85:45:16:70: d4:5f:39:9d:eb:95:8b:71:9a:1a:3c:41:39:04:2d:6e:e8:88: a1:ed:be:fd:2c:34:2b:50:35:a9:a3:59:a0:50:ea:44:cc:9c: 28:48:fa:40:62:e3:97:8c:bd:3a:b7:82:11:b6:be:56:78:05: fa:6c:c8:0e:ea:7a:84:4b:01:ee:ad:62:2b:1f:c6:c7:81:04: 0d:61:8f:ec:c9:cc:c0:dd:0a:d4:e5:1d:6a:7c:7e:bd:bb:af: 0d:50:11:30:11:1c:50:fe:62:4e:42:f9:99:54:09:28:8e:30: 0d:50:56:89:54:c0:e3:bd:34:cb:8d:96:ce:b8:35:47:1c:23: de:24:3a:0a:3f:36:da:d1:9c:62:a8:02:46:67:03:86:79:36: 62:7f:f9:13:88:45:cf:b4:65:c0:8e:80:54:37:4e:12:73:d2: 4e:47:a2:99:06:f7:b3:fb:c2:8b:66:ef:c4:4f:06:13:5a:2f: 73:1b:9d:8f:6b:27:ad:7f:3e:fe:ec:f4:a4:5d:89:c9:59:9a: 42:bb:92:a3:16:03:cb:8d:d1:7f:6c:7b:2d:7a:ea:01:91:7e: de:d2:64:37 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUGeyC5nqVGyjqD/j0C12Hna4uxDAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIxOTA0NTUwMFoX DTI2MDIxODA1MDAwMFowMzExMC8GA1UEAxMoOTA4NjFEMjhBMEU3NzU5Q0VDNDk0 REQ3NTE2RUY2RjFCQ0UwNjdEMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsf2KkUarirJrFs+edu317UMCdYKbkB/w5iXje/sndl5QkSwrBbEGkzQ4dy fdk41j6j1lHi0TuJ3VPT6WGNl6sVvV9bsnWkpQZyfKQf64Eb5znwGI7UGf4EQieG iKnXIEyFcV5Sc8vGe4ACz+yFVQBLEUMrBheY2U5rzn9r73lVEKuQYmp/IO8MVI7k wZY9flkoVbuPpgnh2voUlKSPMyamuA7KpIyej0aHgC+swfizpznOfLFY+8GycsWp dBcjHu9N/TslGUu0pXIhPymGUBRR0HYHNPWrEiEhnC59EE4Hfjjbsfo9D8ddhn9c mN5H0Ur3zucjkZcBlpT8vjGgZ/ECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSQhh0o oOd1nOxJTddRbvbxvOBn0zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNywDANBgkqhkiG9w0BAQsFAAOCAQEABaPUrVQpbU3vc6M7 FT956Wq8Q6xPrM3VCN5/90JU/UmFRRZw1F85neuVi3GaGjxBOQQtbuiIoe2+/Sw0 K1A1qaNZoFDqRMycKEj6QGLjl4y9OreCEba+VngF+mzIDup6hEsB7q1iKx/Gx4EE DWGP7MnMwN0K1OUdanx+vbuvDVARMBEcUP5iTkL5mVQJKI4wDVBWiVTA4700y42W zrg1Rxwj3iQ6Cj822tGcYqgCRmcDhnk2Yn/5E4hFz7RlwI6AVDdOEnPSTkeimQb3 s/vCi2bvxE8GE1ovcxudj2snrX8+/uz0pF2JyVmaQruSoxYDy43Rf2x7LXrqAZF+ 3tJkNw== -----END CERTIFICATE-----Generated at Sat Apr 5 06:24:06 2025 by rpki-client