$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS134127.roa File: AS134127.roa (raw, json) Hash identifier: U+8LI4prxfWknFr7ADLmyFkEyccQqluH4GdHzTcsJ/k= Subject key identifier: 32:E0:43:56:AB:DC:C9:DA:2C:39:29:8E:10:6B:40:08:81:CC:A9:07 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0EA22CEF8F820384B0CB53AA5010C04416C67EDD Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS134127.roa Signing time: Mon 28 Jul 2025 03:48:33 +0000 ROA not before: Mon 28 Jul 2025 03:43:33 +0000 ROA not after: Mon 27 Jul 2026 03:48:33 +0000 asID: 134127 IP address blocks: 165.99.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 09:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:a2:2c:ef:8f:82:03:84:b0:cb:53:aa:50:10:c0:44:16:c6:7e:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 28 03:43:33 2025 GMT Not After : Jul 27 03:48:33 2026 GMT Subject: CN=32E04356ABDCC9DA2C39298E106B400881CCA907 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:96:b5:e5:4f:7f:c5:46:bc:d1:29:6f:29:d6: 09:0c:4b:8b:ab:c6:c8:d5:e8:d9:22:1a:95:2a:8f: fc:7e:2d:20:92:a9:5a:23:5b:dd:dd:98:0c:2f:96: 58:e3:e0:5d:ca:3d:2a:b4:e9:58:b8:47:81:9c:1f: 53:46:37:0b:54:33:f1:f6:d1:ba:e7:35:0b:9f:4d: bd:13:2f:c5:95:8d:8b:ec:4d:9e:11:64:0c:1b:6d: c2:54:f2:14:be:ea:70:df:bf:fb:13:18:46:c8:39: f7:c4:40:5a:1d:c2:7f:0c:e9:95:f2:16:36:cd:0b: 4e:da:57:7b:e8:31:a3:2f:fc:2a:52:ad:f0:1a:a5: 4b:03:8f:bf:80:ff:02:8d:09:f3:24:cc:31:97:8e: 83:97:f3:3d:0e:c9:b1:3c:39:c9:07:3d:a7:d4:b4: 38:68:91:d1:b0:2c:6e:39:49:24:7a:93:62:7c:cd: 15:86:67:5a:3d:00:dd:21:31:9c:74:1e:c3:ea:80: a6:d7:03:13:ee:ef:b4:2b:b6:db:cf:90:ab:3c:6b: 2e:89:33:f0:f5:e9:a5:f0:fa:9f:fd:f2:a1:83:80: 87:9d:2a:2d:3c:05:ce:7a:05:c6:c4:7b:3e:12:d1: 75:aa:b8:a8:01:3b:77:1a:42:27:67:63:30:92:3a: 5f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:E0:43:56:AB:DC:C9:DA:2C:39:29:8E:10:6B:40:08:81:CC:A9:07 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS134127.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.5.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:0b:3e:4f:cc:2b:4e:0c:69:6a:e4:d7:03:6b:07:4b:56:92: 39:e0:df:2e:90:8c:98:df:9b:64:8b:e4:5c:d1:a9:1f:dc:67: 9a:2f:5d:77:57:6d:7c:49:46:5a:f7:a3:eb:39:b8:42:b4:6a: a8:1c:f1:e1:ed:f9:35:ef:fe:7a:10:c9:f7:0c:7d:10:15:ea: 41:da:68:3e:b5:39:26:f1:89:a7:00:22:90:36:e3:33:92:e6: 2a:96:07:3e:41:19:02:dd:c5:13:05:fb:75:37:41:98:35:94: 58:8a:3b:fe:6d:40:4f:0b:3d:f4:ba:6e:50:f3:c4:90:bc:6c: 85:07:e2:d9:ee:6f:38:c4:90:6b:9f:f1:93:24:80:5e:2f:9c: d6:41:14:70:62:45:25:61:bc:64:0e:f1:76:74:68:cb:94:2e: 17:28:16:fd:db:42:34:25:a2:15:09:63:8d:f1:b8:5c:e0:54: bd:d9:d0:b3:e3:00:cf:6e:47:38:56:b5:61:b5:cd:e6:85:2e: 83:77:02:5b:26:4d:04:7b:df:71:02:b5:62:6d:bf:d4:2b:34: ab:ae:c1:68:7b:c3:5f:a3:30:be:bc:48:fa:1b:bc:f6:0f:e3: b4:7b:5e:fd:4b:37:de:93:5d:0b:ca:3f:71:b6:e1:89:10:c3: 0d:c6:2c:19 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUDqIs74+CA4Swy1OqUBDARBbGft0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcyODAzNDMzM1oX DTI2MDcyNzAzNDgzM1owMzExMC8GA1UEAxMoMzJFMDQzNTZBQkRDQzlEQTJDMzky OThFMTA2QjQwMDg4MUNDQTkwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANeWteVPf8VGvNEpbynWCQxLi6vGyNXo2SIalSqP/H4tIJKpWiNb3d2YDC+W WOPgXco9KrTpWLhHgZwfU0Y3C1Qz8fbRuuc1C59NvRMvxZWNi+xNnhFkDBttwlTy FL7qcN+/+xMYRsg598RAWh3CfwzplfIWNs0LTtpXe+gxoy/8KlKt8BqlSwOPv4D/ Ao0J8yTMMZeOg5fzPQ7JsTw5yQc9p9S0OGiR0bAsbjlJJHqTYnzNFYZnWj0A3SEx nHQew+qAptcDE+7vtCu228+QqzxrLokz8PXppfD6n/3yoYOAh50qLTwFznoFxsR7 PhLRdaq4qAE7dxpCJ2djMJI6X10CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQy4ENW q9zJ2iw5KY4Qa0AIgcypBzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzEzNDEyNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjBTANBgkqhkiG9w0BAQsFAAOCAQEADgs+T8wrTgxpauTXA2sH S1aSOeDfLpCMmN+bZIvkXNGpH9xnmi9dd1dtfElGWvej6zm4QrRqqBzx4e35Ne/+ ehDJ9wx9EBXqQdpoPrU5JvGJpwAikDbjM5LmKpYHPkEZAt3FEwX7dTdBmDWUWIo7 /m1ATws99LpuUPPEkLxshQfi2e5vOMSQa5/xkySAXi+c1kEUcGJFJWG8ZA7xdnRo y5QuFygW/dtCNCWiFQljjfG4XOBUvdnQs+MAz25HOFa1YbXN5oUug3cCWyZNBHvf cQK1Ym2/1Cs0q67BaHvDX6MwvrxI+hu89g/jtHte/Us33pNdC8o/cbbhiRDDDcYs GQ== -----END CERTIFICATE-----Generated at Tue Aug 5 19:59:24 2025 by rpki-client