$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS151000.roa File: AS151000.roa (raw, json) Hash identifier: W9YFuzGN6LSGanH84Rf8MGDTEzT7T7a8N6IQlHdGya8= Subject key identifier: B1:E3:29:A8:2A:69:25:88:EE:17:0F:C2:D8:B7:85:0D:48:E6:F9:5D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 458C20DDB578378B8FFCB8CC529F597CF2172735 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS151000.roa Signing time: Thu 06 Feb 2025 10:44:46 +0000 ROA not before: Thu 06 Feb 2025 10:39:46 +0000 ROA not after: Thu 05 Feb 2026 10:44:46 +0000 asID: 151000 IP address blocks: 157.20.254.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:8c:20:dd:b5:78:37:8b:8f:fc:b8:cc:52:9f:59:7c:f2:17:27:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:46 2025 GMT Not After : Feb 5 10:44:46 2026 GMT Subject: CN=B1E329A82A692588EE170FC2D8B7850D48E6F95D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:aa:d7:f7:57:0f:db:68:ce:00:54:81:fc:0c: 35:d7:2b:00:ef:3f:38:bc:ea:dd:29:e5:d2:2e:b1: f9:c6:ab:7b:60:11:64:e5:87:95:17:ab:42:05:18: 95:f4:d8:bb:fb:40:5d:98:48:8e:b4:87:18:8d:28: ef:7a:50:b9:c4:a8:a3:28:de:c5:7f:68:f1:e7:dd: 99:07:b4:f5:eb:57:0c:dd:84:59:1d:43:b9:b0:d8: f9:b3:ab:f5:eb:ab:59:98:3b:c3:d3:17:fe:f9:04: 00:2c:ae:7b:06:3f:0c:fa:42:76:b6:a7:09:e5:c5: 98:9d:cf:36:db:cd:4d:c9:78:da:c6:4c:68:9b:9c: 7d:e8:27:53:e0:c1:21:2f:59:04:a2:4a:2a:ad:58: 39:d4:1a:35:40:a5:38:f4:3e:3d:42:a0:cb:2d:da: 06:fa:9f:28:e2:d1:66:dd:d6:a2:39:1a:4c:ae:ae: aa:09:82:ac:01:1c:9a:c1:15:68:75:7e:12:e5:f7: dd:ae:a9:03:eb:b7:34:0b:fd:24:b1:78:96:f9:bc: b7:28:a1:1d:63:66:ef:a3:45:9a:2b:31:0b:fc:d1: 12:ac:d5:e2:e4:c2:31:0a:fc:8e:56:37:7b:a5:da: 55:ff:07:e5:37:c3:42:22:72:4c:57:87:a8:45:d9: aa:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:E3:29:A8:2A:69:25:88:EE:17:0F:C2:D8:B7:85:0D:48:E6:F9:5D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS151000.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.254.0/23 Signature Algorithm: sha256WithRSAEncryption 84:3e:02:11:56:55:f7:f4:32:ad:d1:1a:21:06:34:db:ed:e6: 69:cc:61:cf:97:7c:8b:1b:00:80:f3:2b:fe:1d:9b:d7:f8:b4: 2c:71:06:d5:8d:97:99:17:18:e2:2a:2d:e9:f1:c9:fe:d6:75: 2c:1e:db:2c:4e:dc:5a:75:cc:d1:d5:e9:09:1a:a4:5a:f7:9c: 83:89:4e:a2:2a:a3:f8:b6:b2:1d:0d:c5:ba:3b:37:cb:ab:1c: e1:52:37:06:ec:03:52:51:b8:e6:05:99:65:16:16:d1:35:d0: 50:98:e1:13:c7:3e:f4:c0:33:08:98:ed:7c:9c:48:52:3d:d3: 56:48:3f:d3:1a:25:c2:e1:1a:3b:3b:64:67:fe:41:74:40:cc: 3b:f4:b5:92:12:c5:6f:5e:58:c6:5c:ea:9c:dd:b4:43:68:58: 0c:87:26:b5:28:0d:96:23:f8:fc:8a:d2:48:11:a1:6a:77:3c: 09:9c:57:9b:a2:7d:2b:70:5d:ff:43:31:0f:0f:22:cb:c8:0d: 88:0f:99:fd:5b:77:6f:f1:af:85:03:fe:88:99:c7:f7:42:c5: 07:46:37:18:a7:8e:ec:55:aa:47:ba:1f:93:9c:2f:72:08:52: f2:43:08:6d:9f:a0:18:ae:fd:8b:5a:b2:05:55:0b:40:d7:d9: d4:66:15:14 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIURYwg3bV4N4uP/LjMUp9ZfPIXJzUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0NloX DTI2MDIwNTEwNDQ0NlowMzExMC8GA1UEAxMoQjFFMzI5QTgyQTY5MjU4OEVFMTcw RkMyRDhCNzg1MEQ0OEU2Rjk1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMGq1/dXD9tozgBUgfwMNdcrAO8/OLzq3Snl0i6x+care2ARZOWHlRerQgUY lfTYu/tAXZhIjrSHGI0o73pQucSooyjexX9o8efdmQe09etXDN2EWR1DubDY+bOr 9eurWZg7w9MX/vkEACyuewY/DPpCdranCeXFmJ3PNtvNTcl42sZMaJucfegnU+DB IS9ZBKJKKq1YOdQaNUClOPQ+PUKgyy3aBvqfKOLRZt3WojkaTK6uqgmCrAEcmsEV aHV+EuX33a6pA+u3NAv9JLF4lvm8tyihHWNm76NFmisxC/zREqzV4uTCMQr8jlY3 e6XaVf8H5TfDQiJyTFeHqEXZqgECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSx4ymo KmkliO4XD8LYt4UNSOb5XTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MTAwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0U/jANBgkqhkiG9w0BAQsFAAOCAQEAhD4CEVZV9/QyrdEaIQY0 2+3macxhz5d8ixsAgPMr/h2b1/i0LHEG1Y2XmRcY4iot6fHJ/tZ1LB7bLE7cWnXM 0dXpCRqkWvecg4lOoiqj+LayHQ3Fujs3y6sc4VI3BuwDUlG45gWZZRYW0TXQUJjh E8c+9MAzCJjtfJxIUj3TVkg/0xolwuEaOztkZ/5BdEDMO/S1khLFb15YxlzqnN20 Q2hYDIcmtSgNliP4/IrSSBGhanc8CZxXm6J9K3Bd/0MxDw8iy8gNiA+Z/Vt3b/Gv hQP+iJnH90LFB0Y3GKeO7FWqR7ofk5wvcghS8kMIbZ+gGK79i1qyBVULQNfZ1GYV FA== -----END CERTIFICATE-----Generated at Wed Nov 5 02:06:16 2025 by rpki-client