$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152401.roa File: AS152401.roa (raw, json) Hash identifier: jnqSP4pxpfsQE5BQt0wyU32nyQJikpzQQJsdpzvmC4A= Subject key identifier: 37:23:BB:50:94:52:98:28:99:7F:9F:44:24:94:45:CC:A0:5B:4D:4E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2DC5C5C467549443BA486C7ECE92291386F36FA5 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152401.roa Signing time: Wed 30 Apr 2025 06:49:59 +0000 ROA not before: Wed 30 Apr 2025 06:44:59 +0000 ROA not after: Wed 29 Apr 2026 06:49:59 +0000 asID: 152401 IP address blocks: 163.227.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:c5:c5:c4:67:54:94:43:ba:48:6c:7e:ce:92:29:13:86:f3:6f:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 30 06:44:59 2025 GMT Not After : Apr 29 06:49:59 2026 GMT Subject: CN=3723BB5094529828997F9F44249445CCA05B4D4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:1e:36:79:ad:c2:25:b3:00:05:12:f9:d0:e2: 0b:4e:a5:5c:d7:56:02:6e:f5:9a:71:36:91:cd:e7: 14:cc:91:91:09:19:d9:d0:c5:34:34:14:9a:49:e1: 12:de:f7:0e:2c:69:4f:f6:6a:36:86:ae:56:80:5f: f2:14:e3:55:c2:0f:cc:ec:ff:79:32:37:50:6a:36: 57:4a:19:74:82:7e:69:a3:ef:83:58:7e:ee:10:76: ff:ca:90:b3:c6:1f:8c:26:eb:6c:22:ed:4e:ea:c5: e1:45:ae:00:78:b5:12:ea:bb:dc:8c:56:33:91:f5: 28:d7:c4:cf:f0:e3:6f:14:3d:06:a5:6e:6f:19:2d: ed:c3:52:f6:bd:2e:5e:2f:2f:af:1d:03:16:b1:92: 7f:70:0f:a2:56:52:88:22:3b:98:03:b9:81:2f:d7: 3b:02:21:bf:f1:b8:f4:17:61:97:60:c9:45:9f:09: 88:f9:77:09:65:45:da:c8:e6:17:b1:46:29:c3:22: 62:a0:6d:ec:c2:45:fb:ba:50:a8:44:e0:48:36:73: 1f:59:8e:fd:60:82:2b:97:a8:fd:73:fd:9e:16:24: 41:7b:af:37:b1:dd:24:59:e2:1f:00:07:1b:c4:ef: 01:f0:70:14:d1:0a:a7:0c:2e:27:5f:71:f9:63:c8: d4:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:23:BB:50:94:52:98:28:99:7F:9F:44:24:94:45:CC:A0:5B:4D:4E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152401.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.64.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:8a:c9:8d:bb:29:33:0c:16:17:a6:ba:fb:51:bc:e5:12:75: b9:36:ec:52:89:c9:1c:82:08:d8:0d:9f:f6:71:3f:d7:ec:f6: 39:fb:53:65:de:ec:6c:c4:3a:37:0b:40:b3:2e:46:14:9b:5d: 2d:f9:f4:47:71:e7:4b:99:8e:2b:d5:6e:42:e4:05:7a:97:26: f0:20:a1:94:2a:69:15:b5:7e:be:9b:60:94:d6:a9:1b:7a:0c: 8b:20:1d:9b:df:6a:15:36:00:e3:c8:c9:bb:ab:b8:fa:96:db: 72:f8:4e:7c:61:34:a9:73:9b:38:ad:32:b6:73:a7:4f:4a:a5: 43:e9:d4:4e:c8:fb:7a:24:fb:39:cf:d0:0f:ca:fd:10:50:69: b0:c1:5e:ad:41:f5:e3:2f:55:ce:80:8b:cb:33:78:31:61:37: 81:8d:f0:31:53:df:a5:2c:53:93:29:8b:15:91:5e:8a:9c:aa: bc:f9:b8:97:07:c1:3b:2c:05:06:d2:e8:6d:f1:8a:22:09:54: cb:7d:9f:c4:04:80:fe:ac:af:5a:4c:6e:f3:5d:f8:d3:4f:eb: 13:b2:99:40:cc:4c:4b:07:50:09:ed:e1:6a:40:2a:d6:a1:ba: 46:5a:8c:7a:09:12:f1:8c:28:52:64:f0:19:6f:80:7d:e8:9a: 8b:9d:17:19 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULcXFxGdUlEO6SGx+zpIpE4bzb6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQzMDA2NDQ1OVoX DTI2MDQyOTA2NDk1OVowMzExMC8GA1UEAxMoMzcyM0JCNTA5NDUyOTgyODk5N0Y5 RjQ0MjQ5NDQ1Q0NBMDVCNEQ0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMceNnmtwiWzAAUS+dDiC06lXNdWAm71mnE2kc3nFMyRkQkZ2dDFNDQUmknh Et73DixpT/ZqNoauVoBf8hTjVcIPzOz/eTI3UGo2V0oZdIJ+aaPvg1h+7hB2/8qQ s8YfjCbrbCLtTurF4UWuAHi1Euq73IxWM5H1KNfEz/DjbxQ9BqVubxkt7cNS9r0u Xi8vrx0DFrGSf3APolZSiCI7mAO5gS/XOwIhv/G49Bdhl2DJRZ8JiPl3CWVF2sjm F7FGKcMiYqBt7MJF+7pQqETgSDZzH1mO/WCCK5eo/XP9nhYkQXuvN7HdJFniHwAH G8TvAfBwFNEKpwwuJ19x+WPI1PcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQ3I7tQ lFKYKJl/n0QklEXMoFtNTjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjQwMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKPjQDANBgkqhkiG9w0BAQsFAAOCAQEAjYrJjbspMwwWF6a6+1G8 5RJ1uTbsUonJHIII2A2f9nE/1+z2OftTZd7sbMQ6NwtAsy5GFJtdLfn0R3HnS5mO K9VuQuQFepcm8CChlCppFbV+vptglNapG3oMiyAdm99qFTYA48jJu6u4+pbbcvhO fGE0qXObOK0ytnOnT0qlQ+nUTsj7eiT7Oc/QD8r9EFBpsMFerUH14y9VzoCLyzN4 MWE3gY3wMVPfpSxTkymLFZFeipyqvPm4lwfBOywFBtLobfGKIglUy32fxASA/qyv Wkxu813400/rE7KZQMxMSwdQCe3hakAq1qG6RlqMegkS8YwoUmTwGW+Afeiai50X GQ== -----END CERTIFICATE-----Generated at Tue Jun 3 23:09:17 2025 by rpki-client