$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa File: AS152395.roa (raw, json) Hash identifier: ACi1ijnLhDltfhJ4X8XBgaG6ul7gedJ7Zt1CxjKgVzg= Subject key identifier: AE:46:25:6F:A5:CE:0C:69:69:32:01:EF:96:B5:A5:19:04:39:09:16 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5533AADC8FDDF579E5BC0D4014628C213B4A725A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa Signing time: Fri 14 Feb 2025 04:00:00 +0000 ROA not before: Fri 14 Feb 2025 03:55:00 +0000 ROA not after: Fri 13 Feb 2026 04:00:00 +0000 asID: 152395 IP address blocks: 2001:df3:84c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:33:aa:dc:8f:dd:f5:79:e5:bc:0d:40:14:62:8c:21:3b:4a:72:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 14 03:55:00 2025 GMT Not After : Feb 13 04:00:00 2026 GMT Subject: CN=AE46256FA5CE0C69693201EF96B5A51904390916 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0f:b6:6d:67:e6:0b:bb:06:1e:69:71:67:64: 91:c9:07:56:df:e2:cf:6b:6b:b7:b3:5b:ec:34:96: 6e:da:8c:b5:71:e0:d0:4c:fd:47:94:b7:c0:fa:67: aa:10:be:0c:b4:e1:2c:e9:04:f6:a7:0d:56:a0:93: 90:6b:cd:be:ec:d3:ba:d2:f0:7b:e5:f1:bb:1c:8b: 5b:cd:80:fe:ab:38:79:e2:68:a4:54:84:22:a1:b4: 2d:e9:fd:ec:14:b0:55:22:02:4a:ae:43:31:75:cf: e9:f9:5b:d6:29:83:5b:89:f9:dd:cb:ef:ec:03:2e: 06:90:dc:98:25:aa:24:81:9f:23:d3:c9:19:b4:15: b6:d1:52:23:75:ea:46:52:fb:3b:77:5c:f8:92:cd: 98:c2:67:59:6a:83:e1:fa:25:84:19:9e:ea:4f:70: d4:bc:f8:a4:1a:82:8a:12:b7:6a:47:e3:b6:b8:38: 4d:c9:f1:59:c5:ff:a2:1a:b7:29:0f:1f:24:01:ce: 17:46:e4:00:92:25:ea:13:14:51:af:95:05:5d:bd: 69:0c:c5:27:ec:34:dc:74:02:28:bc:f3:9f:aa:70: 3d:54:df:70:62:9d:b1:f4:ab:9e:9d:b8:20:8d:03: d3:68:54:c2:f1:31:f4:ec:43:a1:7f:c2:fd:20:95: e7:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:46:25:6F:A5:CE:0C:69:69:32:01:EF:96:B5:A5:19:04:39:09:16 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152395.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:84c0::/48 Signature Algorithm: sha256WithRSAEncryption 75:98:9f:b5:46:d0:70:92:0b:81:c6:2f:c1:4d:db:b2:a2:d4: 10:c4:66:9a:27:7e:d0:8c:b9:0e:f3:57:d9:66:59:30:62:9a: 18:7e:29:22:1c:e6:cd:8b:3b:b4:fc:28:2a:36:02:01:8d:dd: 21:17:f6:15:5e:07:cd:af:c4:50:d0:68:e1:ba:ad:23:c4:94: 0f:cb:c7:26:2a:33:80:81:fe:58:54:3c:d8:4d:9a:4b:02:bc: b7:94:f2:5b:81:3a:16:4b:59:fc:14:96:b2:3a:5a:e2:91:04: 04:ef:50:2f:f3:f9:39:91:75:c4:cf:f2:70:87:d9:1b:bb:31: 49:bc:49:1e:b7:af:42:b6:df:a3:2f:3e:7f:0a:6f:09:de:1a: 70:59:82:78:a7:52:76:53:60:d6:fa:08:fc:31:91:9f:e1:67: 06:60:2a:9b:14:63:11:1a:a5:b9:d2:02:a9:70:58:d8:e8:98: 85:63:58:09:2d:5b:4e:3e:65:40:c8:a0:3a:5d:8e:aa:1c:52: d4:98:7e:8f:41:36:b4:46:00:27:59:77:e3:f7:9c:d1:09:74: 9a:f9:85:6b:33:2c:ea:81:b4:6e:c7:29:32:45:20:66:df:f1: 42:88:48:ba:94:a6:05:e2:db:ee:d7:47:cc:fd:3b:5b:3c:eb: e5:f3:c0:f3 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUVTOq3I/d9XnlvA1AFGKMITtKclowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIxNDAzNTUwMFoX DTI2MDIxMzA0MDAwMFowMzExMC8GA1UEAxMoQUU0NjI1NkZBNUNFMEM2OTY5MzIw MUVGOTZCNUE1MTkwNDM5MDkxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYPtm1n5gu7Bh5pcWdkkckHVt/iz2trt7Nb7DSWbtqMtXHg0Ez9R5S3wPpn qhC+DLThLOkE9qcNVqCTkGvNvuzTutLwe+XxuxyLW82A/qs4eeJopFSEIqG0Len9 7BSwVSICSq5DMXXP6flb1imDW4n53cvv7AMuBpDcmCWqJIGfI9PJGbQVttFSI3Xq RlL7O3dc+JLNmMJnWWqD4folhBme6k9w1Lz4pBqCihK3akfjtrg4TcnxWcX/ohq3 KQ8fJAHOF0bkAJIl6hMUUa+VBV29aQzFJ+w03HQCKLzzn6pwPVTfcGKdsfSrnp24 II0D02hUwvEx9OxDoX/C/SCV5y8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSuRiVv pc4MaWkyAe+WtaUZBDkJFjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM5NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOEwDANBgkqhkiG9w0BAQsFAAOCAQEAdZiftUbQcJILgcYv wU3bsqLUEMRmmid+0Iy5DvNX2WZZMGKaGH4pIhzmzYs7tPwoKjYCAY3dIRf2FV4H za/EUNBo4bqtI8SUD8vHJiozgIH+WFQ82E2aSwK8t5TyW4E6FktZ/BSWsjpa4pEE BO9QL/P5OZF1xM/ycIfZG7sxSbxJHrevQrbfoy8+fwpvCd4acFmCeKdSdlNg1voI /DGRn+FnBmAqmxRjERqludICqXBY2OiYhWNYCS1bTj5lQMigOl2OqhxS1Jh+j0E2 tEYAJ1l34/ec0Ql0mvmFazMs6oG0bscpMkUgZt/xQohIupSmBeLb7tdHzP07Wzzr 5fPA8w== -----END CERTIFICATE-----Generated at Sat Apr 5 06:22:42 2025 by rpki-client