$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142350.roa File: AS142350.roa (raw, json) Hash identifier: IVB0y2Ki26n3XjUjbT1IvMkZXdrHK5RaFIFSsb+c0lI= Subject key identifier: 27:25:CF:8F:B1:ED:53:1E:8C:DF:DD:43:A0:47:33:47:19:DB:0C:6A Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 52148724520DE87F15FCF53125408E572A59AC1F Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142350.roa Signing time: Sat 13 Sep 2025 04:43:31 +0000 ROA not before: Sat 13 Sep 2025 04:38:31 +0000 ROA not after: Sat 12 Sep 2026 04:43:31 +0000 asID: 142350 IP address blocks: 157.66.226.0/23 maxlen: 24 157.66.226.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:14:87:24:52:0d:e8:7f:15:fc:f5:31:25:40:8e:57:2a:59:ac:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 13 04:38:31 2025 GMT Not After : Sep 12 04:43:31 2026 GMT Subject: CN=2725CF8FB1ED531E8CDFDD43A047334719DB0C6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:86:7c:11:08:d8:30:92:63:fe:cb:e2:3f:42: 9f:9c:5e:c9:90:66:45:f5:a8:1a:f5:1b:39:68:88: 29:ff:0d:21:0d:fa:69:44:0c:fa:f9:60:64:ff:6f: 98:62:3b:63:cc:04:cb:2b:aa:74:34:64:8f:b0:17: 28:d7:e4:ef:2f:2c:52:8c:ef:ec:91:97:19:3b:2e: 9e:cb:f8:d5:50:00:cd:d5:b5:ae:10:79:57:ef:8c: 9f:48:74:73:40:d5:42:c8:45:2a:80:3c:5a:96:64: 7c:41:d5:84:b9:8e:d4:99:5f:ec:09:70:f1:3f:c1: 15:32:55:33:02:37:d4:10:c4:ff:95:94:80:10:fe: bb:d8:85:e2:f0:d1:70:a8:7e:3f:c4:6e:10:35:2d: c9:9a:a6:2c:ac:0e:9a:ea:2a:f8:f0:ab:91:44:ae: 62:14:8b:b5:e8:4a:86:89:3e:8e:7e:9b:f3:ea:ac: 58:81:a7:ed:8b:94:5b:70:93:82:a8:b3:bd:a2:8c: 72:dc:63:95:ab:a2:5f:e1:af:79:87:e6:b4:d7:4d: bb:e2:93:9a:8b:2c:70:7b:61:03:76:5c:24:4f:bb: 1b:0b:ea:f5:19:f1:03:ed:c5:eb:1f:84:65:32:d8: af:7f:0c:99:d5:2d:30:dd:c0:8f:e7:6d:0d:63:9d: 65:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:25:CF:8F:B1:ED:53:1E:8C:DF:DD:43:A0:47:33:47:19:DB:0C:6A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142350.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.226.0/23 Signature Algorithm: sha256WithRSAEncryption 18:1e:3a:69:e2:fc:55:ed:d0:eb:b5:16:b8:70:bf:06:23:ef: f4:2f:ef:20:e9:b6:1b:62:a7:ec:78:2e:e2:f2:f9:03:dd:57: e6:12:22:c7:98:41:bd:bf:2b:eb:05:ce:e4:aa:55:ad:f6:78: 0f:05:81:17:ec:0a:39:76:0e:e3:43:24:51:b3:d1:8f:34:ce: 75:de:2f:01:ca:c2:c8:e2:7b:c7:a6:a6:c1:24:47:8f:d4:39: 17:2f:b8:bb:3d:a0:ff:b3:cc:0c:36:51:39:c4:2d:f0:f1:75: 22:09:01:49:b1:39:84:e7:d1:d0:98:a3:5c:47:3b:9c:31:18: 87:e0:c5:8b:fa:6d:1a:c5:78:f6:c0:9c:cb:21:c6:53:0a:ed: f1:3e:18:e1:32:59:61:f5:1b:f2:53:d3:4d:6f:f0:d6:de:c5: f2:72:37:dd:8f:90:42:0c:f8:52:9c:f3:71:8f:8d:5f:84:54: e0:f7:53:78:d7:05:7f:63:3c:60:e8:d6:21:88:16:37:c3:f3: de:80:40:4b:ad:a8:c0:13:f6:73:16:ad:4c:71:99:b3:1a:0b: 32:84:b9:11:4a:10:cb:ca:36:49:fc:20:f8:bc:4f:5f:04:bd: 1f:40:73:b9:91:57:e7:b1:9c:46:1b:52:ff:46:05:95:92:71: 6d:05:d6:21 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUUhSHJFIN6H8V/PUxJUCOVypZrB8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkxMzA0MzgzMVoX DTI2MDkxMjA0NDMzMVowMzExMC8GA1UEAxMoMjcyNUNGOEZCMUVENTMxRThDREZE RDQzQTA0NzMzNDcxOURCMEM2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+GfBEI2DCSY/7L4j9Cn5xeyZBmRfWoGvUbOWiIKf8NIQ36aUQM+vlgZP9v mGI7Y8wEyyuqdDRkj7AXKNfk7y8sUozv7JGXGTsunsv41VAAzdW1rhB5V++Mn0h0 c0DVQshFKoA8WpZkfEHVhLmO1Jlf7Alw8T/BFTJVMwI31BDE/5WUgBD+u9iF4vDR cKh+P8RuEDUtyZqmLKwOmuoq+PCrkUSuYhSLtehKhok+jn6b8+qsWIGn7YuUW3CT gqizvaKMctxjlauiX+GveYfmtNdNu+KTmosscHthA3ZcJE+7Gwvq9RnxA+3F6x+E ZTLYr38MmdUtMN3Aj+dtDWOdZX8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQnJc+P se1THozf3UOgRzNHGdsMajAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0MjM1MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ1C4jANBgkqhkiG9w0BAQsFAAOCAQEAGB46aeL8Ve3Q67UWuHC/ BiPv9C/vIOm2G2Kn7Hgu4vL5A91X5hIix5hBvb8r6wXO5KpVrfZ4DwWBF+wKOXYO 40MkUbPRjzTOdd4vAcrCyOJ7x6amwSRHj9Q5Fy+4uz2g/7PMDDZROcQt8PF1IgkB SbE5hOfR0JijXEc7nDEYh+DFi/ptGsV49sCcyyHGUwrt8T4Y4TJZYfUb8lPTTW/w 1t7F8nI33Y+QQgz4UpzzcY+NX4RU4PdTeNcFf2M8YOjWIYgWN8Pz3oBAS62owBP2 cxatTHGZsxoLMoS5EUoQy8o2Sfwg+LxPXwS9H0BzuZFX57GcRhtS/0YFlZJxbQXW IQ== -----END CERTIFICATE-----Generated at Wed Nov 5 00:35:54 2025 by rpki-client