$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153937.roa File: AS153937.roa (raw, json) Hash identifier: LK1tdIK4GrBQFttTOrjLEoESBkdE78ETApIkMQFMsjs= Subject key identifier: 29:9E:FA:80:4A:77:1B:65:15:38:76:B8:79:F0:BD:44:48:A3:01:36 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 301928402BCBA50A5521E1C317456B014D95453D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153937.roa Signing time: Wed 04 Jun 2025 02:14:46 +0000 ROA not before: Wed 04 Jun 2025 02:09:46 +0000 ROA not after: Wed 03 Jun 2026 02:14:46 +0000 asID: 153937 IP address blocks: 2001:df5:8cc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 02:27:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:19:28:40:2b:cb:a5:0a:55:21:e1:c3:17:45:6b:01:4d:95:45:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 4 02:09:46 2025 GMT Not After : Jun 3 02:14:46 2026 GMT Subject: CN=299EFA804A771B65153876B879F0BD4448A30136 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ad:99:00:da:e6:7d:4e:6e:83:28:3f:38:95: 44:2c:9c:8c:b8:8d:aa:e5:1f:e3:94:d0:bb:8e:b3: 6a:7b:96:1e:f7:77:18:02:03:b7:e6:c5:19:59:28: 74:ea:7d:fb:e6:a0:b7:dd:a6:37:b8:fd:3f:31:8f: ab:2c:6d:d5:f5:8c:75:c8:8d:09:06:55:4b:81:fa: 2b:24:19:5c:18:fc:53:c6:06:d7:b5:a5:73:7a:75: 7c:82:e2:24:81:42:88:a9:50:22:71:5f:ff:21:0e: 12:74:b4:cb:57:f2:a6:f5:e7:ee:79:6c:4a:ad:e9: c7:dc:19:3f:5c:e3:55:95:bf:27:92:72:1a:13:ae: 20:1c:07:72:fc:ef:4c:a5:c1:cd:d0:a3:95:4c:3c: 88:53:2e:0c:ba:46:b2:44:8f:32:a5:40:43:62:55: 4c:f4:7c:4e:16:5d:b9:06:28:32:9f:0b:25:a3:e9: 9b:ff:fc:25:28:cb:62:41:27:be:79:1f:8b:f8:ba: bf:51:f0:6f:eb:9a:4e:18:08:9a:59:fc:ea:a0:33: 6c:4b:93:de:3d:60:8e:7d:3d:82:d4:73:5b:3b:11: 17:7e:ca:52:b8:fa:71:35:ee:15:21:bd:3b:a0:a1: e9:91:ef:85:79:e7:4a:3a:19:d9:12:06:2f:57:31: 1b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:9E:FA:80:4A:77:1B:65:15:38:76:B8:79:F0:BD:44:48:A3:01:36 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153937.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:8cc0::/48 Signature Algorithm: sha256WithRSAEncryption 16:fe:01:55:a1:d5:54:f4:ec:69:a7:4d:a6:e2:ca:99:2d:2b: 56:50:ca:91:b3:97:9b:12:06:8c:46:6d:22:b0:43:ef:82:ca: 5c:ed:58:c7:ae:0e:07:e7:ba:73:09:d6:6e:d7:13:bd:00:1c: 5b:f8:d4:12:98:41:b2:ee:d2:22:dc:6c:28:3b:7f:bd:7f:a1: 28:08:df:7f:93:2c:dd:6f:2a:18:67:2d:56:4c:cd:94:81:55: 7d:fa:44:79:53:cc:8e:d6:96:5f:45:a3:d8:b5:81:08:fb:28: 88:36:61:b7:25:8e:d3:01:b9:99:40:7e:c3:29:68:99:bb:8d: 60:2a:46:a7:8c:d7:30:75:a2:db:2a:04:b2:c2:12:a0:7f:cf: 15:2e:2a:29:03:07:43:c4:70:53:d6:6e:7f:f0:78:8d:0e:d5: 93:b4:72:89:b8:08:a0:fd:c9:e0:b0:39:2c:fc:c0:f2:26:95: ff:07:8b:ff:f9:d8:76:98:3d:a7:78:01:78:5d:25:28:6b:b4: a6:59:22:32:bc:55:be:37:98:29:29:a5:72:5e:47:d5:26:87: d4:61:5a:b6:f6:55:9d:1d:83:1d:9e:64:ec:ef:25:a3:07:6a: 78:54:d5:bc:02:72:ee:d1:db:ea:d3:49:98:d8:ef:d1:a7:68: bf:34:0a:d6 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUMBkoQCvLpQpVIeHDF0VrAU2VRT0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwNDAyMDk0NloX DTI2MDYwMzAyMTQ0NlowMzExMC8GA1UEAxMoMjk5RUZBODA0QTc3MUI2NTE1Mzg3 NkI4NzlGMEJENDQ0OEEzMDEzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALetmQDa5n1OboMoPziVRCycjLiNquUf45TQu46zanuWHvd3GAIDt+bFGVko dOp9++agt92mN7j9PzGPqyxt1fWMdciNCQZVS4H6KyQZXBj8U8YG17Wlc3p1fILi JIFCiKlQInFf/yEOEnS0y1fypvXn7nlsSq3px9wZP1zjVZW/J5JyGhOuIBwHcvzv TKXBzdCjlUw8iFMuDLpGskSPMqVAQ2JVTPR8ThZduQYoMp8LJaPpm//8JSjLYkEn vnkfi/i6v1Hwb+uaThgImln86qAzbEuT3j1gjn09gtRzWzsRF37KUrj6cTXuFSG9 O6Ch6ZHvhXnnSjoZ2RIGL1cxGy0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQpnvqA SncbZRU4drh58L1ESKMBNjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzkzNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfWMwDANBgkqhkiG9w0BAQsFAAOCAQEAFv4BVaHVVPTsaadN puLKmS0rVlDKkbOXmxIGjEZtIrBD74LKXO1Yx64OB+e6cwnWbtcTvQAcW/jUEphB su7SItxsKDt/vX+hKAjff5Ms3W8qGGctVkzNlIFVffpEeVPMjtaWX0Wj2LWBCPso iDZhtyWO0wG5mUB+wylombuNYCpGp4zXMHWi2yoEssISoH/PFS4qKQMHQ8RwU9Zu f/B4jQ7Vk7RyibgIoP3J4LA5LPzA8iaV/weL//nYdpg9p3gBeF0lKGu0plkiMrxV vjeYKSmlcl5H1SaH1GFatvZVnR2DHZ5k7O8lowdqeFTVvAJy7tHb6tNJmNjv0ado vzQK1g== -----END CERTIFICATE-----Generated at Sun Jun 8 01:37:30 2025 by rpki-client