$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147173.roa File: AS147173.roa (raw, json) Hash identifier: wiOisYwJvO/tJGm4ghXxW8W3VwYPjw+425AyLLHngIU= Subject key identifier: 8C:4F:8A:7F:22:04:56:9D:16:B1:8D:E0:A4:D2:77:C3:5F:5F:88:A1 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 631D110AF6CD6D0A0E699D6377AF9D1EE3E03880 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147173.roa Signing time: Tue 04 Nov 2025 10:04:19 +0000 ROA not before: Tue 04 Nov 2025 09:59:19 +0000 ROA not after: Tue 03 Nov 2026 10:04:19 +0000 asID: 147173 IP address blocks: 138.252.44.0/23 maxlen: 24 138.252.44.0/24 maxlen: 24 138.252.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:1d:11:0a:f6:cd:6d:0a:0e:69:9d:63:77:af:9d:1e:e3:e0:38:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 4 09:59:19 2025 GMT Not After : Nov 3 10:04:19 2026 GMT Subject: CN=8C4F8A7F2204569D16B18DE0A4D277C35F5F88A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:7c:90:f2:b9:28:ed:8b:bf:1c:8e:b1:13:74: ee:71:05:80:5f:11:4c:4c:c8:ff:c9:35:20:c0:a9: 82:98:e3:27:be:2c:4a:a4:8f:5c:21:60:4a:c6:72: 8c:4b:a0:d8:64:13:16:05:aa:9a:aa:53:38:63:a9: 2f:7d:4e:d1:2d:b2:ca:33:97:b6:19:51:a4:b3:77: a9:59:0b:e8:88:a7:e4:09:1d:15:81:02:a7:3b:18: 59:a3:6c:92:ba:23:66:55:cd:7e:19:f2:13:fd:44: 48:2d:c5:1a:e9:c4:33:3c:47:29:bf:9a:e8:93:f4: 6b:77:62:11:ed:61:dc:75:60:bc:76:94:b4:4a:7a: 55:59:67:f0:b2:13:c5:61:5c:08:7e:e7:31:fa:6a: 60:38:26:4b:17:ae:ad:8c:fc:c1:28:82:c1:1e:2f: ec:c8:86:29:e3:b7:9e:12:c5:b3:a2:da:93:01:6a: 83:48:bd:3d:79:97:fd:89:23:06:ee:cc:4a:9f:a7: 22:6a:ff:ba:f0:84:c3:15:bf:ac:a0:9c:96:b4:8e: b7:ef:38:38:ec:df:bd:9e:f1:59:20:9f:bc:eb:f4: f8:b1:7b:3b:b9:5d:fd:38:ea:95:3e:59:95:03:ea: 8f:0c:f9:ba:14:81:40:be:ad:4e:ac:cc:3b:3d:c2: 3f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:4F:8A:7F:22:04:56:9D:16:B1:8D:E0:A4:D2:77:C3:5F:5F:88:A1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS147173.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.44.0/23 Signature Algorithm: sha256WithRSAEncryption 68:e2:9c:73:3c:95:29:ae:54:e5:0f:0f:39:0b:2a:31:07:bf: 5e:b2:2b:a8:51:01:3b:23:84:ec:a4:3a:37:6e:77:e1:b7:05: 09:e8:52:b0:35:e7:a8:85:19:73:89:58:c2:8a:fb:46:8c:25: e7:c6:39:8a:e0:d2:45:7b:7f:4e:3a:99:1a:97:c6:9d:df:20: 99:e5:fd:28:96:57:43:2e:96:ee:44:bc:2b:84:b4:ef:b7:aa: 1e:6b:97:23:ea:68:5c:44:e5:3f:ec:9b:0d:db:88:d8:11:fa: de:ab:42:7f:4b:f9:d1:ab:37:a0:ae:80:bb:4c:fe:7a:58:ad: 5e:89:74:44:fc:db:86:3c:8b:1f:ea:fa:0c:3a:e0:31:f7:ec: 1b:c4:6d:fd:c6:5f:5b:66:a1:54:74:80:26:a1:b5:ab:6c:70: 6c:e5:ab:18:42:26:30:2e:d0:40:fc:78:11:62:83:4f:ca:d1: 28:78:1b:ed:dc:e5:48:0b:9a:c0:1e:33:18:5d:a4:b1:5f:f5: c3:37:70:c2:12:94:86:6e:56:bc:5f:94:64:58:33:e8:c2:63: 77:f4:98:3a:64:d1:1c:8d:57:6c:f6:91:9b:06:e9:28:e9:01: 1a:9d:ca:4c:70:3b:94:0f:a1:8a:a4:c2:d6:b9:a7:d8:f4:6e: e9:fc:55:cb -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUYx0RCvbNbQoOaZ1jd6+dHuPgOIAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTEwNDA5NTkxOVoX DTI2MTEwMzEwMDQxOVowMzExMC8GA1UEAxMoOEM0RjhBN0YyMjA0NTY5RDE2QjE4 REUwQTREMjc3QzM1RjVGODhBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOx8kPK5KO2LvxyOsRN07nEFgF8RTEzI/8k1IMCpgpjjJ74sSqSPXCFgSsZy jEug2GQTFgWqmqpTOGOpL31O0S2yyjOXthlRpLN3qVkL6Iin5AkdFYECpzsYWaNs krojZlXNfhnyE/1ESC3FGunEMzxHKb+a6JP0a3diEe1h3HVgvHaUtEp6VVln8LIT xWFcCH7nMfpqYDgmSxeurYz8wSiCwR4v7MiGKeO3nhLFs6LakwFqg0i9PXmX/Ykj Bu7MSp+nImr/uvCEwxW/rKCclrSOt+84OOzfvZ7xWSCfvOv0+LF7O7ld/TjqlT5Z lQPqjwz5uhSBQL6tTqzMOz3CP08CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSMT4p/ IgRWnRaxjeCk0nfDX1+IoTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0NzE3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAYr8LDANBgkqhkiG9w0BAQsFAAOCAQEAaOKcczyVKa5U5Q8POQsq MQe/XrIrqFEBOyOE7KQ6N2534bcFCehSsDXnqIUZc4lYwor7Rowl58Y5iuDSRXt/ TjqZGpfGnd8gmeX9KJZXQy6W7kS8K4S077eqHmuXI+poXETlP+ybDduI2BH63qtC f0v50as3oK6Au0z+elitXol0RPzbhjyLH+r6DDrgMffsG8Rt/cZfW2ahVHSAJqG1 q2xwbOWrGEImMC7QQPx4EWKDT8rRKHgb7dzlSAuawB4zGF2ksV/1wzdwwhKUhm5W vF+UZFgz6MJjd/SYOmTRHI1XbPaRmwbpKOkBGp3KTHA7lA+hiqTC1rmn2PRu6fxV yw== -----END CERTIFICATE-----Generated at Wed Nov 5 00:35:17 2025 by rpki-client