$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153728.roa File: AS153728.roa (raw, json) Hash identifier: 0CcIUp7lglsEJ78SW5aclXUYp4vEzX0oXC/5+9m62VM= Subject key identifier: 3F:09:61:26:1C:4F:6C:AF:49:E5:DE:CD:43:8E:1D:EB:9A:9F:A7:1F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D9FC7A4F69C4CF539CA49B34CFDF33C45EB014C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153728.roa Signing time: Tue 13 May 2025 11:56:37 +0000 ROA not before: Tue 13 May 2025 11:51:37 +0000 ROA not after: Tue 12 May 2026 11:56:37 +0000 asID: 153728 IP address blocks: 163.223.172.0/24 maxlen: 24 2001:df5:46c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:9f:c7:a4:f6:9c:4c:f5:39:ca:49:b3:4c:fd:f3:3c:45:eb:01:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 13 11:51:37 2025 GMT Not After : May 12 11:56:37 2026 GMT Subject: CN=3F0961261C4F6CAF49E5DECD438E1DEB9A9FA71F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a2:64:f1:e4:38:0b:b0:5b:bd:f6:65:d0:25: 49:52:e5:f6:2c:25:c6:b0:81:f5:44:75:a3:5b:9c: 02:9f:1c:2b:7e:61:91:3e:bc:e1:c6:23:ea:af:a3: 9a:9a:50:a5:9e:2f:d8:de:93:0b:85:9c:e6:b7:22: 2e:e2:96:d0:ed:af:4a:87:95:13:05:1d:5d:63:f0: d0:42:e6:02:09:c9:5d:50:92:7a:e5:43:88:96:aa: 4f:e1:f4:dd:4b:97:4a:c8:d2:08:23:0b:e3:3e:2b: 25:95:78:8e:02:90:d2:c6:42:04:ef:d7:2e:ef:bc: 03:49:0e:c4:09:3d:26:3d:e9:b9:f2:2e:01:a8:72: cd:6e:16:45:ee:c9:3e:0e:b6:f0:7b:f2:61:62:0a: e0:5d:ce:64:66:07:de:e5:ea:b1:5d:8a:8f:15:b4: 0b:be:92:fc:92:99:55:f1:10:ad:e3:ec:2b:3f:5e: 0a:37:86:81:7f:2a:0c:e1:54:3b:1c:c4:53:a7:30: a4:4f:92:6d:21:bb:51:cd:55:8f:8f:39:69:c2:52: c6:81:4a:c9:d5:26:2a:fb:33:40:e9:1c:61:3a:cf: 71:61:e7:98:40:c6:35:2b:4f:06:b7:f5:3e:12:9f: 5d:4f:79:bb:0c:85:8d:0e:83:cf:d3:9b:8e:3f:ef: a2:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:09:61:26:1C:4F:6C:AF:49:E5:DE:CD:43:8E:1D:EB:9A:9F:A7:1F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153728.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.172.0/24 IPv6: 2001:df5:46c0::/48 Signature Algorithm: sha256WithRSAEncryption 10:60:aa:b2:be:86:f6:31:9d:33:46:49:50:28:f4:8c:b8:9b: f9:58:fd:2f:04:58:c7:54:94:21:08:2f:f5:b0:19:df:b0:93: 34:08:42:02:73:c8:1c:c6:a8:26:ed:42:1c:80:6b:04:56:9f: c4:cb:84:27:c8:b2:fb:43:ab:ce:48:22:9a:04:d5:cd:80:62: bc:79:31:cc:f3:f0:7d:6d:cf:38:31:92:2a:42:d8:17:dd:e5: 7d:57:1b:4e:c2:d7:df:ed:bb:a3:3d:4b:30:58:e5:bb:d9:eb: fb:f0:97:c6:0f:70:52:e1:71:36:a5:b0:c3:9f:15:b8:06:42: 32:95:37:53:93:01:27:31:26:11:00:17:1e:38:43:b1:18:23: 20:0d:56:39:88:b5:eb:7a:af:a2:46:6e:46:62:9c:f8:72:43: 31:99:bd:52:a8:17:ff:67:17:ec:69:c6:f4:94:56:75:45:88: bc:94:21:98:a6:2a:88:f1:fc:7a:61:c1:64:89:ba:c4:bc:59: f4:cd:76:21:ac:8e:83:4d:c4:06:16:46:f0:81:1b:e2:a1:eb: 7b:72:ef:89:eb:73:14:14:de:bd:46:85:31:bf:ef:ce:16:10: 54:bd:db:28:7d:a1:bb:9a:03:8b:e4:f9:0a:d5:77:39:01:e0: 3a:25:99:06 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIULZ/HpPacTPU5ykmzTP3zPEXrAUwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxMzExNTEzN1oX DTI2MDUxMjExNTYzN1owMzExMC8GA1UEAxMoM0YwOTYxMjYxQzRGNkNBRjQ5RTVE RUNENDM4RTFERUI5QTlGQTcxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALWiZPHkOAuwW732ZdAlSVLl9iwlxrCB9UR1o1ucAp8cK35hkT684cYj6q+j mppQpZ4v2N6TC4Wc5rciLuKW0O2vSoeVEwUdXWPw0ELmAgnJXVCSeuVDiJaqT+H0 3UuXSsjSCCML4z4rJZV4jgKQ0sZCBO/XLu+8A0kOxAk9Jj3pufIuAahyzW4WRe7J Pg628HvyYWIK4F3OZGYH3uXqsV2KjxW0C76S/JKZVfEQrePsKz9eCjeGgX8qDOFU OxzEU6cwpE+SbSG7Uc1Vj485acJSxoFKydUmKvszQOkcYTrPcWHnmEDGNStPBrf1 PhKfXU95uwyFjQ6Dz9Objj/volECAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQ/CWEm HE9sr0nl3s1Djh3rmp+nHzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzcyOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKPfrDAPBAIAAjAJAwcAIAEN9UbAMA0GCSqGSIb3DQEBCwUAA4IB AQAQYKqyvob2MZ0zRklQKPSMuJv5WP0vBFjHVJQhCC/1sBnfsJM0CEICc8gcxqgm 7UIcgGsEVp/Ey4QnyLL7Q6vOSCKaBNXNgGK8eTHM8/B9bc84MZIqQtgX3eV9VxtO wtff7bujPUswWOW72ev78JfGD3BS4XE2pbDDnxW4BkIylTdTkwEnMSYRABceOEOx GCMgDVY5iLXreq+iRm5GYpz4ckMxmb1SqBf/Zxfsacb0lFZ1RYi8lCGYpiqI8fx6 YcFkibrEvFn0zXYhrI6DTcQGFkbwgRvioet7cu+J63MUFN69RoUxv+/OFhBUvdso faG7mgOL5PkK1Xc5AeA6JZkG -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:02 2025 by rpki-client