$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa File: AS45325.roa (raw, json) Hash identifier: 4XcCvPjxmYb9vPat69iR1+AqmcoaB6O8dPzcG8ugik8= Subject key identifier: B7:33:13:D7:16:A5:67:D0:55:E8:29:D9:E0:A0:36:7C:3D:B9:E8:80 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 073469707494D0F2BBCF45143443D27DF4CAE64A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa Signing time: Wed 07 May 2025 07:00:00 +0000 ROA not before: Wed 07 May 2025 06:55:00 +0000 ROA not after: Wed 06 May 2026 07:00:00 +0000 asID: 45325 IP address blocks: 103.3.68.0/23 maxlen: 24 103.151.140.0/24 maxlen: 24 103.151.141.0/24 maxlen: 24 2001:df7:880::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:34:69:70:74:94:d0:f2:bb:cf:45:14:34:43:d2:7d:f4:ca:e6:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 7 06:55:00 2025 GMT Not After : May 6 07:00:00 2026 GMT Subject: CN=B73313D716A567D055E829D9E0A0367C3DB9E880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:88:72:f3:b2:66:c2:97:3f:5f:c6:e7:02:20: 15:84:0d:13:5a:67:7e:0a:51:4d:a9:39:d4:15:7d: 1a:2d:be:d6:41:17:a2:ec:9f:85:ea:bb:0e:f5:b9: 8d:cf:80:c2:82:0a:eb:6d:bf:04:29:e1:45:16:01: c0:49:58:58:77:0f:ad:8a:b8:89:6e:4c:89:7b:41: 93:88:9b:6f:48:2f:8a:ac:ed:93:69:37:a8:56:30: 9b:35:12:b9:4c:d3:26:18:83:a1:85:e6:4e:3a:43: a2:2b:da:30:bd:63:e5:10:db:96:f2:d0:9f:f1:59: b8:7d:a9:43:e1:6f:7c:64:53:97:4b:94:66:08:6e: 59:e6:da:b5:ac:e0:5e:b8:a2:01:48:3c:74:b2:84: 11:3c:bd:4b:ca:f9:61:ba:c6:55:54:d4:dc:73:79: 70:81:1b:15:56:d1:20:1f:0f:56:e5:5e:c1:2f:51: 82:fe:db:8c:1a:27:27:35:55:ba:ba:2f:71:35:53: d5:d4:3f:f7:b1:4b:4f:82:a9:90:93:b1:da:e3:e7: d4:71:31:31:65:5b:a6:e1:cb:5d:32:66:a2:bd:b5: 61:34:98:e8:58:99:e0:37:ed:e0:3d:bf:7c:95:ba: 80:d8:d5:8f:0b:70:ef:eb:7e:9d:f4:ff:b2:cd:d0: 9f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:33:13:D7:16:A5:67:D0:55:E8:29:D9:E0:A0:36:7C:3D:B9:E8:80 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS45325.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.3.68.0/23 103.151.140.0/23 IPv6: 2001:df7:880::/48 Signature Algorithm: sha256WithRSAEncryption 2b:7a:56:c8:a8:52:b8:db:fe:84:17:37:82:2c:63:fd:4a:e8: 34:04:5c:f7:6b:a3:a1:6b:5c:0f:51:a7:51:49:88:57:c3:0e: ef:23:48:b1:28:57:96:3e:ea:f5:d3:47:8a:a2:c9:8b:2a:ad: c7:74:ba:60:f6:88:17:f8:cd:d2:49:23:5a:b4:eb:89:bc:70: 06:86:c3:35:d4:fd:24:19:2a:b1:e5:11:bd:57:53:f6:69:85: c0:30:9e:e4:40:12:23:c8:0a:fe:54:f7:a6:46:66:72:6f:cd: e1:c9:77:81:41:5e:68:29:3e:00:71:4a:90:93:52:71:12:18: 09:fc:3c:eb:b7:ac:d1:12:6f:f4:c5:17:cb:0e:c3:45:6c:99: d1:69:e2:81:38:a5:0a:87:7a:2b:c3:aa:dd:5a:6c:87:cc:41: a3:4e:45:2e:c6:d4:10:a1:5e:13:80:4e:2e:98:91:99:9d:b4: 7e:88:ad:57:ae:82:42:41:f2:5e:3d:d2:1f:2a:a9:19:dc:4d: 20:4d:60:67:30:51:99:43:54:93:88:37:bc:05:ba:a4:17:99: 83:62:ef:aa:d6:fe:b0:44:68:05:cb:70:d4:51:39:a9:2a:cd: fd:c0:09:63:b7:19:72:90:72:e7:e0:69:53:92:2c:e2:98:ed: 10:34:2b:12 -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUBzRpcHSU0PK7z0UUNEPSffTK5kowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwNzA2NTUwMFoX DTI2MDUwNjA3MDAwMFowMzExMC8GA1UEAxMoQjczMzEzRDcxNkE1NjdEMDU1RTgy OUQ5RTBBMDM2N0MzREI5RTg4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMyIcvOyZsKXP1/G5wIgFYQNE1pnfgpRTak51BV9Gi2+1kEXouyfheq7DvW5 jc+AwoIK622/BCnhRRYBwElYWHcPrYq4iW5MiXtBk4ibb0gviqztk2k3qFYwmzUS uUzTJhiDoYXmTjpDoivaML1j5RDblvLQn/FZuH2pQ+FvfGRTl0uUZghuWebatazg XriiAUg8dLKEETy9S8r5YbrGVVTU3HN5cIEbFVbRIB8PVuVewS9Rgv7bjBonJzVV urovcTVT1dQ/97FLT4KpkJOx2uPn1HExMWVbpuHLXTJmor21YTSY6FiZ4Dft4D2/ fJW6gNjVjwtw7+t+nfT/ss3Qn9ECAwEAAaOCAeYwggHiMB0GA1UdDgQWBBS3MxPX FqVn0FXoKdngoDZ8PbnogDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ1MzI1LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAS BAIAATAMAwQBZwNEAwQBZ5eMMA8EAgACMAkDBwAgAQ33CIAwDQYJKoZIhvcNAQEL BQADggEBACt6VsioUrjb/oQXN4IsY/1K6DQEXPdro6FrXA9Rp1FJiFfDDu8jSLEo V5Y+6vXTR4qiyYsqrcd0umD2iBf4zdJJI1q064m8cAaGwzXU/SQZKrHlEb1XU/Zp hcAwnuRAEiPICv5U96ZGZnJvzeHJd4FBXmgpPgBxSpCTUnESGAn8POu3rNESb/TF F8sOw0VsmdFp4oE4pQqHeivDqt1abIfMQaNORS7G1BChXhOATi6YkZmdtH6IrVeu gkJB8l490h8qqRncTSBNYGcwUZlDVJOIN7wFuqQXmYNi76rW/rBEaAXLcNRROakq zf3ACWO3GXKQcufgaVOSLOKY7RA0KxI= -----END CERTIFICATE-----Generated at Tue Jun 3 23:12:22 2025 by rpki-client