$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa File: AS152394.roa (raw, json) Hash identifier: zCx7o044VuzfMJTqAm4N+P7PUkpA3PMXQ0QsL4SfwIY= Subject key identifier: A2:65:20:17:9C:06:31:59:93:5B:4F:FA:EF:FE:A1:AB:06:B1:7D:F5 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 42F6D5BF92D848A0B2CE234DD76A1C0418F8E3E8 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa Signing time: Fri 21 Feb 2025 04:00:00 +0000 ROA not before: Fri 21 Feb 2025 03:55:00 +0000 ROA not after: Fri 20 Feb 2026 04:00:00 +0000 asID: 152394 IP address blocks: 2001:df3:98c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:f6:d5:bf:92:d8:48:a0:b2:ce:23:4d:d7:6a:1c:04:18:f8:e3:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 21 03:55:00 2025 GMT Not After : Feb 20 04:00:00 2026 GMT Subject: CN=A26520179C063159935B4FFAEFFEA1AB06B17DF5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:53:41:e2:91:4c:b9:ea:59:83:23:35:c4:32: 84:62:2d:01:cf:14:63:9e:3e:ee:19:68:b9:75:2c: ea:64:70:3e:98:3e:59:39:b8:b3:17:06:aa:f5:a9: a9:5a:55:d9:ef:16:4b:d4:d4:11:e7:f2:c9:34:98: 4e:be:da:1d:f8:e8:55:02:db:58:cf:63:9f:c0:5a: 2c:e9:33:97:53:f0:c3:b0:fa:f0:e8:3f:ef:c3:da: 66:3c:00:de:ae:5e:94:ad:7e:65:f9:de:be:88:54: 3e:74:dd:14:76:36:ff:3c:f5:ff:bf:0a:73:b6:8f: 1f:08:0a:f3:58:80:c4:52:2d:66:c4:d9:09:19:ff: 21:b9:50:6e:5c:b9:71:bc:42:cd:c4:63:2f:42:59: 81:73:89:34:ae:15:0e:c5:c9:68:e3:e3:d1:c4:00: 6b:a9:ea:f4:8d:9c:d9:a7:37:1b:05:4e:4d:5b:a0: b8:b0:fd:e9:a8:33:17:43:d1:ae:59:28:b7:c1:ff: 3f:48:66:a7:9d:f6:89:c5:50:da:19:a7:80:c3:e4: f1:a3:06:ad:91:14:c6:a5:43:d3:df:42:e5:7f:cb: 7e:34:30:7f:b7:85:68:a7:f0:17:01:c3:9f:90:1b: 1c:53:b2:4f:bd:9b:a7:25:30:b9:a0:75:d5:bd:11: c4:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:65:20:17:9C:06:31:59:93:5B:4F:FA:EF:FE:A1:AB:06:B1:7D:F5 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:98c0::/48 Signature Algorithm: sha256WithRSAEncryption 51:de:fb:0f:0d:4a:52:6f:d6:69:33:17:fc:ae:88:00:82:fe: 07:d4:dc:5d:e7:c7:c1:c3:e0:83:10:1e:96:31:b8:b6:38:2f: 71:9c:37:62:de:b1:2d:52:0d:1a:7e:6e:e9:17:1e:05:4c:6b: 3a:9b:3b:8d:f4:00:1f:31:4b:12:f4:ec:1e:61:50:fe:4d:81: 2c:10:9a:f0:c4:8f:0d:b6:44:a0:8c:85:db:01:63:ef:6d:9f: 21:d5:e7:b3:7e:7d:24:3a:aa:1f:75:5d:60:d4:09:28:76:c9: e9:00:6f:a3:87:a8:05:f3:33:90:7b:81:12:28:06:f5:dc:49: c5:ed:16:93:ff:2d:b0:49:63:55:00:cc:ee:32:df:09:3a:71: 31:13:99:0c:b4:cd:f9:20:52:3b:ed:90:58:82:09:48:2e:22: 5d:99:46:1a:34:34:c8:f0:8c:35:f8:19:d5:d7:aa:48:32:29: 7b:35:d1:6c:d4:8d:a3:76:00:be:65:a2:d3:21:3e:41:b1:52: 2c:cd:31:91:5d:66:7a:96:49:15:fa:8f:ae:5c:0d:cc:64:d5: de:5f:bb:e5:e4:24:0b:2c:d2:99:a8:3a:49:68:f7:87:30:15: 4a:4c:3c:01:6e:44:93:4c:81:42:f2:b9:d2:04:9d:ae:1a:89: e9:be:1c:c5 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUQvbVv5LYSKCyziNN12ocBBj44+gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIyMTAzNTUwMFoX DTI2MDIyMDA0MDAwMFowMzExMC8GA1UEAxMoQTI2NTIwMTc5QzA2MzE1OTkzNUI0 RkZBRUZGRUExQUIwNkIxN0RGNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVTQeKRTLnqWYMjNcQyhGItAc8UY54+7hlouXUs6mRwPpg+WTm4sxcGqvWp qVpV2e8WS9TUEefyyTSYTr7aHfjoVQLbWM9jn8BaLOkzl1Pww7D68Og/78PaZjwA 3q5elK1+ZfnevohUPnTdFHY2/zz1/78Kc7aPHwgK81iAxFItZsTZCRn/IblQbly5 cbxCzcRjL0JZgXOJNK4VDsXJaOPj0cQAa6nq9I2c2ac3GwVOTVuguLD96agzF0PR rlkot8H/P0hmp532icVQ2hmngMPk8aMGrZEUxqVD099C5X/LfjQwf7eFaKfwFwHD n5AbHFOyT72bpyUwuaB11b0RxFUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSiZSAX nAYxWZNbT/rv/qGrBrF99TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOYwDANBgkqhkiG9w0BAQsFAAOCAQEAUd77Dw1KUm/WaTMX /K6IAIL+B9TcXefHwcPggxAeljG4tjgvcZw3Yt6xLVINGn5u6RceBUxrOps7jfQA HzFLEvTsHmFQ/k2BLBCa8MSPDbZEoIyF2wFj722fIdXns359JDqqH3VdYNQJKHbJ 6QBvo4eoBfMzkHuBEigG9dxJxe0Wk/8tsEljVQDM7jLfCTpxMROZDLTN+SBSO+2Q WIIJSC4iXZlGGjQ0yPCMNfgZ1deqSDIpezXRbNSNo3YAvmWi0yE+QbFSLM0xkV1m epZJFfqPrlwNzGTV3l+75eQkCyzSmag6SWj3hzAVSkw8AW5Ek0yBQvK50gSdrhqJ 6b4cxQ== -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:30 2025 by rpki-client