$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153871.roa File: AS153871.roa (raw, json) Hash identifier: X8EWZq3lq6qaJqAQ5rBGO3yznGWZ0xFbGKjO7Atxv08= Subject key identifier: 39:0B:BE:8F:C0:D7:87:38:28:B0:86:1C:EF:49:28:D7:AD:05:10:67 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 132AE48E81ED3FF03DEC087DEC01ECFE42B9369E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153871.roa Signing time: Fri 16 May 2025 08:24:16 +0000 ROA not before: Fri 16 May 2025 08:19:16 +0000 ROA not after: Fri 15 May 2026 08:24:16 +0000 asID: 153871 IP address blocks: 163.227.232.0/24 maxlen: 24 2001:df5:7e40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:2a:e4:8e:81:ed:3f:f0:3d:ec:08:7d:ec:01:ec:fe:42:b9:36:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 16 08:19:16 2025 GMT Not After : May 15 08:24:16 2026 GMT Subject: CN=390BBE8FC0D7873828B0861CEF4928D7AD051067 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:4b:88:bb:c4:11:2e:b0:b9:6a:eb:95:c4:55: d1:b7:5d:3f:99:c1:3e:8a:a6:59:ca:97:70:07:d2: 2d:12:6a:f7:82:dc:9e:67:79:77:e1:0b:af:cf:f0: 6b:31:78:8c:a1:b3:4a:9d:5a:82:80:73:16:f7:52: 05:4a:ad:a3:86:f2:ad:74:e6:ba:15:34:e4:a1:75: ba:c6:37:3b:40:c4:92:cf:b2:46:e2:22:d9:e2:74: d2:a3:c7:c9:0f:26:87:3f:bf:b2:b4:bf:15:49:3a: 20:4b:9d:86:90:9e:96:88:93:71:1b:5d:01:cc:54: af:1d:82:af:31:4d:56:0b:31:f2:47:4b:85:06:a1: da:0e:28:ed:25:18:94:bb:3a:3a:a8:fa:e0:96:31: 6f:8e:16:87:8b:fc:b8:03:be:29:36:03:e6:de:03: 34:cc:52:34:09:2b:42:a9:99:1a:50:48:85:24:14: b4:ff:98:ee:b0:b6:a8:57:34:f6:7e:07:30:e8:81: 3e:b3:38:a8:f7:bf:5c:89:66:f5:37:d5:f1:e1:44: 57:13:ed:6f:50:08:41:7e:29:72:73:aa:4f:56:a7: cd:0a:06:07:85:1e:91:8b:2f:15:c5:0f:5b:38:a2: 80:33:92:34:84:73:d5:fa:42:c1:df:f5:42:76:b7: fa:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0B:BE:8F:C0:D7:87:38:28:B0:86:1C:EF:49:28:D7:AD:05:10:67 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153871.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.232.0/24 IPv6: 2001:df5:7e40::/48 Signature Algorithm: sha256WithRSAEncryption 29:a5:4e:57:12:0e:a7:c1:16:14:ea:d8:7d:d1:2e:ac:72:69: 54:e8:2f:71:cf:0e:f8:1b:2a:00:c4:31:f0:4f:21:10:e8:95: 8d:41:aa:54:dc:ca:56:2a:6f:89:40:1a:91:7d:13:5a:c1:b3: 30:69:b3:4e:66:22:31:0b:06:b5:6f:79:8c:25:a3:d2:81:73: dc:7d:fe:68:40:e0:73:35:52:30:c1:27:f9:a7:19:46:7d:67: 58:c2:60:67:0a:0d:db:9e:5d:7d:92:b0:5d:af:aa:57:76:5b: 7c:d2:5d:05:a3:ff:16:f7:c3:2d:82:fa:62:93:bb:6c:59:0a: 71:91:45:d6:33:03:9f:8c:ba:09:98:f8:9b:32:fe:87:d4:26: ea:e2:42:34:ac:ee:a0:58:08:00:0a:c7:ed:7d:51:90:b9:89: 56:97:f6:4a:ff:5a:b4:9b:27:cd:9b:89:5c:85:85:50:8e:94: d7:8c:4d:39:a2:16:55:76:ca:e6:9c:55:98:8a:cf:17:c2:ec: e6:09:fe:1d:d5:f2:67:1e:8a:05:ab:d9:7d:02:1d:5d:d6:02: 11:bc:2f:e1:ec:05:a9:0a:c9:53:72:65:85:43:d9:0b:e9:6a: 91:75:40:18:0d:bf:62:52:fc:4f:7c:00:6d:fe:cf:20:c6:08: 3f:88:01:13 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUEyrkjoHtP/A97Ah97AHs/kK5Np4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxNjA4MTkxNloX DTI2MDUxNTA4MjQxNlowMzExMC8GA1UEAxMoMzkwQkJFOEZDMEQ3ODczODI4QjA4 NjFDRUY0OTI4RDdBRDA1MTA2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVLiLvEES6wuWrrlcRV0bddP5nBPoqmWcqXcAfSLRJq94Lcnmd5d+ELr8/w azF4jKGzSp1agoBzFvdSBUqto4byrXTmuhU05KF1usY3O0DEks+yRuIi2eJ00qPH yQ8mhz+/srS/FUk6IEudhpCeloiTcRtdAcxUrx2CrzFNVgsx8kdLhQah2g4o7SUY lLs6Oqj64JYxb44Wh4v8uAO+KTYD5t4DNMxSNAkrQqmZGlBIhSQUtP+Y7rC2qFc0 9n4HMOiBPrM4qPe/XIlm9TfV8eFEVxPtb1AIQX4pcnOqT1anzQoGB4UekYsvFcUP WziigDOSNIRz1fpCwd/1Qna3+vECAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQ5C76P wNeHOCiwhhzvSSjXrQUQZzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1Mzg3MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKPj6DAPBAIAAjAJAwcAIAEN9X5AMA0GCSqGSIb3DQEBCwUAA4IB AQAppU5XEg6nwRYU6th90S6scmlU6C9xzw74GyoAxDHwTyEQ6JWNQapU3MpWKm+J QBqRfRNawbMwabNOZiIxCwa1b3mMJaPSgXPcff5oQOBzNVIwwSf5pxlGfWdYwmBn Cg3bnl19krBdr6pXdlt80l0Fo/8W98Mtgvpik7tsWQpxkUXWMwOfjLoJmPibMv6H 1Cbq4kI0rO6gWAgACsftfVGQuYlWl/ZK/1q0myfNm4lchYVQjpTXjE05ohZVdsrm nFWYis8XwuzmCf4d1fJnHooFq9l9Ah1d1gIRvC/h7AWpCslTcmWFQ9kL6WqRdUAY Db9iUvxPfABt/s8gxgg/iAET -----END CERTIFICATE-----Generated at Tue Jun 3 23:16:06 2025 by rpki-client