$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS154203.roa File: AS154203.roa (raw, json) Hash identifier: 37m3ruKBxRco2VN2nShL7S1W1bq25cRhB+rJlMwY/3E= Subject key identifier: 89:19:89:2B:C2:26:6B:F6:38:EE:B5:CD:BD:21:E9:18:22:EA:26:03 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 45FB591FCCD09B086B9E7F1FCE015EF661C0C2EA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS154203.roa Signing time: Wed 10 Sep 2025 08:59:38 +0000 ROA not before: Wed 10 Sep 2025 08:54:38 +0000 ROA not after: Wed 09 Sep 2026 08:59:38 +0000 asID: 154203 IP address blocks: 203.28.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Oct 2025 17:51:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:fb:59:1f:cc:d0:9b:08:6b:9e:7f:1f:ce:01:5e:f6:61:c0:c2:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 10 08:54:38 2025 GMT Not After : Sep 9 08:59:38 2026 GMT Subject: CN=8919892BC2266BF638EEB5CDBD21E91822EA2603 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:0d:b6:eb:1d:55:af:7f:66:ba:a3:8f:0a:fb: b8:c2:66:72:cd:8e:4f:b1:de:1f:75:70:5b:ca:4b: db:e5:eb:9c:b2:93:0a:df:7d:ef:1a:44:91:e3:bc: f7:4e:3a:04:e9:58:f8:df:a8:41:12:f3:67:28:e1: 81:de:fc:8b:5a:65:7a:29:13:d4:67:d7:1d:26:4e: 12:0c:3a:89:0a:15:ec:11:cf:5b:f7:f5:02:30:97: f4:a2:56:35:b1:29:f7:ce:2a:f7:51:c0:bd:7a:d8: 0f:4a:f4:b1:0f:5b:e6:be:70:08:29:df:4a:d1:13: bf:d2:9c:bd:5b:eb:51:50:e9:1d:0b:9b:19:de:da: bc:1a:6c:89:cd:15:f4:14:23:25:b9:20:07:bc:24: 52:84:1a:d7:60:10:7c:97:2c:cf:07:5b:5a:b7:46: 9b:15:13:15:65:04:0a:92:31:1b:bc:ed:ca:a5:c9: 23:fc:37:46:79:f0:6f:e2:37:9a:e9:f9:1e:c6:db: 38:ff:b2:85:ad:31:87:77:da:3d:33:a1:56:8c:e0: 10:6c:16:df:9a:d6:54:ed:86:32:19:eb:ef:80:57: cc:97:34:43:24:88:83:40:89:c2:a2:62:66:54:a2: ab:36:97:83:95:c9:ea:80:b7:34:39:ce:0f:47:bc: d3:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:19:89:2B:C2:26:6B:F6:38:EE:B5:CD:BD:21:E9:18:22:EA:26:03 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS154203.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.28.53.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:b0:d1:e0:2f:a2:59:fd:0b:81:cc:0a:fc:4b:83:05:40:ec: d7:f1:55:f5:b9:13:62:2e:0b:97:d8:67:13:4c:75:28:d2:7c: 74:51:f4:d3:f8:4f:1e:d8:08:34:bb:77:81:1d:b0:03:64:54: 95:69:42:92:4b:f2:7c:89:e0:a3:2b:5c:97:fa:b1:ca:89:fe: bb:4a:97:fe:77:93:34:f6:52:ba:dd:7e:8e:70:a4:3a:e4:71: c2:60:bb:f6:a8:ac:3a:9f:7d:be:0f:f4:18:cc:b9:90:09:5f: 6f:6f:59:2f:5c:a9:bd:3c:70:a4:f5:4d:78:76:2d:74:2b:79: 2d:3c:3c:99:bc:ad:e4:46:22:53:5e:69:b9:0f:c6:55:bc:c8: d2:61:b3:0d:d8:77:a1:83:c5:16:a9:cb:be:a5:6e:b4:77:c8: da:ae:20:83:08:b4:c2:6b:b8:d1:98:a1:c5:1b:48:7a:1f:5b: 13:e3:02:2b:ae:d3:cf:43:83:ad:1d:03:2f:62:4a:35:db:2d: 55:0e:f6:7e:17:7e:a8:8a:7a:d7:ea:bf:2e:6b:9f:9d:e3:36: b3:43:ac:ba:1a:fc:5d:1d:e8:a1:72:e1:8a:33:9b:ba:e6:b6: 13:2f:06:a8:9a:2a:1f:a0:0f:20:a8:67:54:50:8d:49:76:1c: 4d:d6:f6:99 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURftZH8zQmwhrnn8fzgFe9mHAwuowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxMDA4NTQzOFoX DTI2MDkwOTA4NTkzOFowMzExMC8GA1UEAxMoODkxOTg5MkJDMjI2NkJGNjM4RUVC NUNEQkQyMUU5MTgyMkVBMjYwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgNtusdVa9/Zrqjjwr7uMJmcs2OT7HeH3VwW8pL2+XrnLKTCt997xpEkeO8 9046BOlY+N+oQRLzZyjhgd78i1pleikT1GfXHSZOEgw6iQoV7BHPW/f1AjCX9KJW NbEp984q91HAvXrYD0r0sQ9b5r5wCCnfStETv9KcvVvrUVDpHQubGd7avBpsic0V 9BQjJbkgB7wkUoQa12AQfJcszwdbWrdGmxUTFWUECpIxG7ztyqXJI/w3Rnnwb+I3 mun5HsbbOP+yha0xh3faPTOhVozgEGwW35rWVO2GMhnr74BXzJc0QySIg0CJwqJi ZlSiqzaXg5XJ6oC3NDnOD0e80+kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSJGYkr wiZr9jjutc29IekYIuomAzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1NDIwMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAMscNTANBgkqhkiG9w0BAQsFAAOCAQEAP7DR4C+iWf0LgcwK/EuD BUDs1/FV9bkTYi4Ll9hnE0x1KNJ8dFH00/hPHtgINLt3gR2wA2RUlWlCkkvyfIng oytcl/qxyon+u0qX/neTNPZSut1+jnCkOuRxwmC79qisOp99vg/0GMy5kAlfb29Z L1ypvTxwpPVNeHYtdCt5LTw8mbyt5EYiU15puQ/GVbzI0mGzDdh3oYPFFqnLvqVu tHfI2q4ggwi0wmu40ZihxRtIeh9bE+MCK67Tz0ODrR0DL2JKNdstVQ72fhd+qIp6 1+q/LmufneM2s0Osuhr8XR3ooXLhijObuua2Ey8GqJoqH6APIKhnVFCNSXYcTdb2 mQ== -----END CERTIFICATE-----Generated at Sun Oct 19 12:51:22 2025 by rpki-client