$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4622.roa File: AS4622.roa (raw, json) Hash identifier: RkVa0W6wbwiaaiZqk/mY2cYbfYy8mZ7ITVuFlIGYweM= Subject key identifier: 45:C6:7F:D7:CA:4D:BA:8B:6B:0A:6F:9F:46:10:12:60:DF:36:9D:6D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 043D7E1CBBD0CC5236E1AC6A769A67C0E3EF456F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4622.roa Signing time: Tue 03 Jun 2025 13:00:00 +0000 ROA not before: Tue 03 Jun 2025 12:55:00 +0000 ROA not after: Tue 02 Jun 2026 13:00:00 +0000 asID: 4622 IP address blocks: 203.119.13.0/24 maxlen: 24 203.119.52.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:3d:7e:1c:bb:d0:cc:52:36:e1:ac:6a:76:9a:67:c0:e3:ef:45:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 12:55:00 2025 GMT Not After : Jun 2 13:00:00 2026 GMT Subject: CN=45C67FD7CA4DBA8B6B0A6F9F46101260DF369D6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ef:da:ab:7e:cd:2e:7d:00:db:03:e1:21:e3: bb:94:8c:9c:43:ac:aa:aa:24:23:f2:f2:e6:71:eb: 31:eb:f8:ca:6f:db:ee:a1:67:dd:31:98:2e:79:5b: aa:0a:26:4c:2d:66:1b:4e:4a:53:51:ad:1f:d8:1a: 69:5a:3b:f9:7d:32:4d:cd:da:b7:85:ad:86:89:37: 24:83:28:ce:76:52:4d:54:36:46:0c:f8:44:1b:10: 49:3c:64:86:d8:3b:42:3b:66:eb:93:a7:a8:22:06: 51:fc:bc:b8:88:46:26:1c:06:23:2a:b3:69:12:0f: af:a1:0b:e4:9f:14:3e:a6:4f:ff:11:53:69:6b:16: be:ad:5b:24:18:06:24:f0:40:ec:6a:09:cd:63:01: 3a:9e:cd:00:47:3e:2b:8c:9b:7a:d7:74:dd:e2:c7: d6:9e:8a:aa:6d:8c:fb:d4:90:e8:ac:6b:d5:ff:e3: e6:e9:7c:b2:87:cb:4d:8a:52:45:bf:53:61:de:56: 69:79:47:02:7e:6a:82:b9:28:cd:dd:ad:01:6e:08: dd:29:48:16:7d:b3:83:4b:d0:09:21:9a:43:f9:71: 51:2a:7a:fa:b9:79:97:05:f8:68:51:bf:be:72:87: 91:60:62:4b:d9:d5:18:e3:e5:c7:e4:c9:56:51:3b: 05:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:C6:7F:D7:CA:4D:BA:8B:6B:0A:6F:9F:46:10:12:60:DF:36:9D:6D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS4622.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.119.13.0/24 203.119.52.0/22 Signature Algorithm: sha256WithRSAEncryption 51:00:82:c8:6b:3b:f1:b3:7e:17:0d:d4:7e:ca:8f:52:69:fa: 86:1c:7e:ab:98:c6:c4:b0:4a:1e:5d:66:8e:51:94:0c:03:f7: 7d:9f:ab:5d:a7:84:07:21:07:68:80:86:29:05:84:43:d8:01: 0b:ad:72:82:53:bf:dd:29:f6:2e:1a:99:3b:02:dd:81:05:64: 1c:44:12:84:26:b8:05:aa:58:48:c0:f7:ea:46:d8:de:d8:c7: 1d:f0:80:11:eb:8d:1f:6b:7b:8d:2e:6f:e6:61:94:c6:35:8f: 94:05:c3:ab:b1:fd:fa:d0:d9:77:11:fa:75:50:a5:10:64:35: c6:5a:27:78:4a:c3:52:14:22:f7:ec:3d:de:8c:5c:ef:c6:a5: e2:6d:b4:61:e3:fc:6c:4b:c0:bd:b0:55:9b:83:59:65:0b:8b: 5b:67:8c:72:75:11:bf:b6:d2:ba:8e:fe:a0:98:4f:16:0f:fb: aa:c2:b8:c6:7f:7d:19:ba:5c:60:4d:b9:96:b7:a4:93:22:7c: 45:c5:34:a5:39:e3:41:62:ec:30:88:b3:98:d6:70:bf:95:ff: 2f:43:68:42:85:8b:48:31:a0:99:b2:b2:0e:e1:98:be:d0:48: d0:b3:f1:a9:34:25:7e:88:8b:bb:69:1e:43:1d:4a:3c:a0:ef: 44:c6:eb:2f -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIUBD1+HLvQzFI24axqdppnwOPvRW8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzEyNTUwMFoX DTI2MDYwMjEzMDAwMFowMzExMC8GA1UEAxMoNDVDNjdGRDdDQTREQkE4QjZCMEE2 RjlGNDYxMDEyNjBERjM2OUQ2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMrv2qt+zS59ANsD4SHju5SMnEOsqqokI/Ly5nHrMev4ym/b7qFn3TGYLnlb qgomTC1mG05KU1GtH9gaaVo7+X0yTc3at4Wthok3JIMoznZSTVQ2Rgz4RBsQSTxk htg7Qjtm65OnqCIGUfy8uIhGJhwGIyqzaRIPr6EL5J8UPqZP/xFTaWsWvq1bJBgG JPBA7GoJzWMBOp7NAEc+K4ybetd03eLH1p6Kqm2M+9SQ6Kxr1f/j5ul8sofLTYpS Rb9TYd5WaXlHAn5qgrkozd2tAW4I3SlIFn2zg0vQCSGaQ/lxUSp6+rl5lwX4aFG/ vnKHkWBiS9nVGOPlx+TJVlE7Bb8CAwEAAaOCAdQwggHQMB0GA1UdDgQWBBRFxn/X yk26i2sKb59GEBJg3zadbTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzQ2MjIucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIE AgABMAwDBADLdw0DBALLdzQwDQYJKoZIhvcNAQELBQADggEBAFEAgshrO/GzfhcN 1H7Kj1Jp+oYcfquYxsSwSh5dZo5RlAwD932fq12nhAchB2iAhikFhEPYAQutcoJT v90p9i4amTsC3YEFZBxEEoQmuAWqWEjA9+pG2N7Yxx3wgBHrjR9re40ub+ZhlMY1 j5QFw6ux/frQ2XcR+nVQpRBkNcZaJ3hKw1IUIvfsPd6MXO/GpeJttGHj/GxLwL2w VZuDWWULi1tnjHJ1Eb+20rqO/qCYTxYP+6rCuMZ/fRm6XGBNuZa3pJMifEXFNKU5 40Fi7DCIs5jWcL+V/y9DaEKFi0gxoJmysg7hmL7QSNCz8ak0JX6Ii7tpHkMdSjyg 70TG6y8= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:20 2025 by rpki-client