$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153876.roa File: AS153876.roa (raw, json) Hash identifier: uborwdOMFxBrmH6JSrJ7hsq1zpNTUNU5K9v1uH2ZvlQ= Subject key identifier: 70:DF:29:14:07:5E:D6:FA:AB:DB:EE:88:8F:B4:87:34:A2:D8:C5:32 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 74B4E9505C77303C688035BD07A1062BA2C39291 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153876.roa Signing time: Wed 14 May 2025 09:47:12 +0000 ROA not before: Wed 14 May 2025 09:42:12 +0000 ROA not after: Wed 13 May 2026 09:47:12 +0000 asID: 153876 IP address blocks: 163.227.183.0/24 maxlen: 24 2001:df5:7740::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:b4:e9:50:5c:77:30:3c:68:80:35:bd:07:a1:06:2b:a2:c3:92:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 14 09:42:12 2025 GMT Not After : May 13 09:47:12 2026 GMT Subject: CN=70DF2914075ED6FAABDBEE888FB48734A2D8C532 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ce:eb:c8:56:b8:cd:94:af:ec:c1:f0:06:3c: f6:26:ab:38:4a:53:53:a0:fe:8f:c0:7b:4a:a5:4c: d8:15:7b:81:3d:81:ac:1e:2a:d8:7e:41:82:76:7b: 18:af:36:b7:9c:b9:30:1a:a7:2a:48:a2:76:31:9e: 22:2d:17:3b:9e:a0:94:02:4a:43:79:97:99:11:33: 8c:49:78:1f:d6:b5:11:43:21:37:41:0a:47:1c:fa: d8:3c:70:93:8f:66:59:c4:50:78:66:f0:fa:7f:bb: 8f:3e:0b:57:31:c9:66:03:0b:a6:ab:ce:e0:db:b8: 78:9b:e6:08:23:bb:63:28:2e:6e:ba:01:d3:ed:7d: 60:95:89:75:34:55:c9:ca:4f:32:df:f4:28:92:94: e3:c8:af:6c:08:57:11:2d:a8:92:ad:89:23:4d:50: 8a:f9:be:fd:2b:10:1e:7e:40:01:3d:a7:18:87:0b: 80:20:bf:a2:59:bc:d1:7e:94:81:7c:67:d4:f8:1b: 61:06:df:60:11:51:5b:6c:26:35:d2:91:77:8e:ad: 5e:de:75:0e:dd:53:70:39:8b:7c:a0:fc:f8:34:75: 55:05:8c:9b:56:46:b8:a5:59:cc:b4:74:bf:b7:d3: 50:88:65:ec:39:a4:65:eb:8c:34:2d:ec:08:a5:5d: 4e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:DF:29:14:07:5E:D6:FA:AB:DB:EE:88:8F:B4:87:34:A2:D8:C5:32 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153876.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.183.0/24 IPv6: 2001:df5:7740::/48 Signature Algorithm: sha256WithRSAEncryption 84:29:0f:e7:60:f4:d4:38:38:e6:65:64:61:6f:b9:66:aa:8e: 15:ae:39:bb:b6:fa:12:2c:3e:cc:1c:c2:56:26:2d:1a:b3:b5: 87:f1:28:4e:d1:47:5a:43:81:e5:20:6d:d2:40:86:db:94:5f: 75:22:79:d3:bd:b5:b6:2e:2a:b3:2a:fa:92:19:e1:bd:52:b4: dd:45:cf:da:ba:f3:80:2e:c0:e7:9e:84:a6:21:9b:a6:ab:89: 1a:4e:74:41:2b:72:68:c2:f0:58:01:a0:82:0b:34:85:8f:11: dd:d9:1a:12:a7:38:db:1a:41:c6:67:26:1e:f6:96:dc:b8:c8: 6e:26:6c:a2:f8:20:47:c1:cf:ac:90:f5:58:a6:8a:c3:0a:29: 92:9f:25:79:af:2f:f4:f2:d4:05:f2:50:32:f5:2c:f4:00:3d: 6d:e3:a4:9c:dc:c9:64:12:3a:e0:83:38:f2:eb:13:e8:e0:85: 24:1c:2f:ab:2f:10:6e:06:0b:78:da:74:91:db:0c:05:cc:ed: 4a:4e:07:66:a3:e1:19:0c:ff:94:15:08:94:36:03:54:c4:5c: c4:dc:eb:65:60:e8:08:a2:30:67:6e:b0:45:48:44:ba:4d:c8: b2:1a:31:6e:06:dc:52:47:10:06:31:6a:26:f0:6a:04:1a:36: 7b:7e:d9:55 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUdLTpUFx3MDxogDW9B6EGK6LDkpEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxNDA5NDIxMloX DTI2MDUxMzA5NDcxMlowMzExMC8GA1UEAxMoNzBERjI5MTQwNzVFRDZGQUFCREJF RTg4OEZCNDg3MzRBMkQ4QzUzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMfO68hWuM2Ur+zB8AY89iarOEpTU6D+j8B7SqVM2BV7gT2BrB4q2H5BgnZ7 GK82t5y5MBqnKkiidjGeIi0XO56glAJKQ3mXmREzjEl4H9a1EUMhN0EKRxz62Dxw k49mWcRQeGbw+n+7jz4LVzHJZgMLpqvO4Nu4eJvmCCO7YygubroB0+19YJWJdTRV ycpPMt/0KJKU48ivbAhXES2okq2JI01Qivm+/SsQHn5AAT2nGIcLgCC/olm80X6U gXxn1PgbYQbfYBFRW2wmNdKRd46tXt51Dt1TcDmLfKD8+DR1VQWMm1ZGuKVZzLR0 v7fTUIhl7DmkZeuMNC3sCKVdTrUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRw3ykU B17W+qvb7oiPtIc0otjFMjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1Mzg3Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKPjtzAPBAIAAjAJAwcAIAEN9XdAMA0GCSqGSIb3DQEBCwUAA4IB AQCEKQ/nYPTUODjmZWRhb7lmqo4Vrjm7tvoSLD7MHMJWJi0as7WH8ShO0UdaQ4Hl IG3SQIbblF91InnTvbW2LiqzKvqSGeG9UrTdRc/auvOALsDnnoSmIZumq4kaTnRB K3JowvBYAaCCCzSFjxHd2RoSpzjbGkHGZyYe9pbcuMhuJmyi+CBHwc+skPVYporD CimSnyV5ry/08tQF8lAy9Sz0AD1t46Sc3MlkEjrggzjy6xPo4IUkHC+rLxBuBgt4 2nSR2wwFzO1KTgdmo+EZDP+UFQiUNgNUxFzE3OtlYOgIojBnbrBFSES6TciyGjFu BtxSRxAGMWom8GoEGjZ7ftlV -----END CERTIFICATE-----Generated at Tue Jun 3 23:11:57 2025 by rpki-client