$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152003.roa File: AS152003.roa (raw, json) Hash identifier: Gzoi6ugbP0nam8bCzjpJRB7/BG3opGH01pLEbbHevL0= Subject key identifier: 9D:FD:4E:D1:8F:D3:09:77:91:71:D8:BF:C7:46:81:53:45:96:3D:AF Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1DB86706DA615891B7EFB770BCFAE9C067B5368A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152003.roa Signing time: Thu 04 Sep 2025 02:04:57 +0000 ROA not before: Thu 04 Sep 2025 01:59:57 +0000 ROA not after: Thu 03 Sep 2026 02:04:57 +0000 asID: 152003 IP address blocks: 160.191.173.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 22:31:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:b8:67:06:da:61:58:91:b7:ef:b7:70:bc:fa:e9:c0:67:b5:36:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 4 01:59:57 2025 GMT Not After : Sep 3 02:04:57 2026 GMT Subject: CN=9DFD4ED18FD309779171D8BFC746815345963DAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d5:33:23:d1:8d:16:e4:02:24:44:e0:ed:de: 67:54:fe:ce:05:68:de:79:90:86:ad:cc:a2:af:60: 9d:fe:b9:53:f8:ea:f1:16:ad:4e:be:b9:1c:9a:c4: 82:8d:6a:ed:6a:7b:de:6d:07:dc:8a:47:70:c6:ea: 3f:30:dd:d7:8b:4d:c9:e5:c8:eb:e1:29:17:27:42: 46:7a:f2:c6:d0:86:36:d2:7d:94:ef:e6:69:f9:92: fe:c4:bd:c3:73:ea:8a:7c:4a:9e:1f:b0:44:e6:c6: e7:64:97:d1:68:f0:b6:91:79:d2:6c:65:3f:ae:39: 8b:73:81:2f:41:55:cf:4f:18:47:18:a1:25:cf:b8: f5:c9:33:96:f4:76:50:db:23:b0:f0:b6:10:da:7f: 63:b2:09:d4:68:c5:dc:e6:89:f3:c3:48:eb:3e:e5: 9a:c4:7f:74:a0:1b:c9:5d:10:6a:23:0d:bb:f2:73: 2b:c5:32:59:87:07:a8:f1:30:85:b6:0f:5b:51:6b: fd:35:ee:5a:38:60:06:92:f1:1c:2b:10:0e:13:20: 6a:e5:33:fe:e5:3d:aa:85:42:2d:14:61:36:a6:2b: fa:9a:7c:bf:7a:f8:78:16:7d:ed:8a:9a:89:3e:30: fe:84:8a:d8:20:2d:a3:fd:77:b3:48:86:6b:ec:22: 52:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:FD:4E:D1:8F:D3:09:77:91:71:D8:BF:C7:46:81:53:45:96:3D:AF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152003.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.191.173.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:de:d8:36:b5:02:b7:58:56:f6:03:c0:80:c7:04:78:70:05: 4c:49:fb:8d:e4:b8:30:55:fe:73:c5:3a:fe:bb:15:19:13:d0: b8:15:c0:f8:99:6f:2f:33:d3:ae:0c:5a:38:92:07:20:68:64: 4d:9b:bd:54:19:63:e5:69:fd:82:59:74:b8:79:1e:25:fc:c4: d5:2e:fb:ed:a3:a8:e3:49:2f:77:5c:54:08:17:6d:78:89:f8: 48:22:3d:70:c1:aa:b4:71:bd:1c:f6:9c:4a:df:17:23:a6:4e: bc:73:b0:0d:2f:02:c6:38:75:4c:e6:ea:f4:6d:2f:32:c1:33: 6b:7d:ab:26:2e:5d:4a:95:de:b0:bd:20:da:0e:03:14:c8:64: b5:a6:15:04:dd:fe:33:89:e0:49:52:a4:7d:a5:6e:c7:f9:43: 9a:d9:68:da:94:6a:4d:60:34:e3:10:99:31:7a:61:80:71:d9: e8:ce:93:68:05:63:6d:e5:63:b5:e8:53:87:4b:e0:80:e1:27: af:f9:0e:50:03:41:9d:b6:1c:25:ca:f6:41:7c:fb:93:0b:84: 2b:71:65:b7:34:95:b8:be:3b:97:36:46:62:b4:c8:88:ea:85: 08:28:c9:6d:71:94:85:ec:f0:21:ac:48:ea:4e:85:24:96:99: 46:93:a6:db -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHbhnBtphWJG377dwvPrpwGe1NoowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkwNDAxNTk1N1oX DTI2MDkwMzAyMDQ1N1owMzExMC8GA1UEAxMoOURGRDRFRDE4RkQzMDk3NzkxNzFE OEJGQzc0NjgxNTM0NTk2M0RBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHVMyPRjRbkAiRE4O3eZ1T+zgVo3nmQhq3Moq9gnf65U/jq8RatTr65HJrE go1q7Wp73m0H3IpHcMbqPzDd14tNyeXI6+EpFydCRnryxtCGNtJ9lO/mafmS/sS9 w3PqinxKnh+wRObG52SX0WjwtpF50mxlP645i3OBL0FVz08YRxihJc+49ckzlvR2 UNsjsPC2ENp/Y7IJ1GjF3OaJ88NI6z7lmsR/dKAbyV0QaiMNu/JzK8UyWYcHqPEw hbYPW1Fr/TXuWjhgBpLxHCsQDhMgauUz/uU9qoVCLRRhNqYr+pp8v3r4eBZ97Yqa iT4w/oSK2CAto/13s0iGa+wiUi8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSd/U7R j9MJd5Fx2L/HRoFTRZY9rzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjAwMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKC/rTANBgkqhkiG9w0BAQsFAAOCAQEAjt7YNrUCt1hW9gPAgMcE eHAFTEn7jeS4MFX+c8U6/rsVGRPQuBXA+JlvLzPTrgxaOJIHIGhkTZu9VBlj5Wn9 gll0uHkeJfzE1S777aOo40kvd1xUCBdteIn4SCI9cMGqtHG9HPacSt8XI6ZOvHOw DS8Cxjh1TObq9G0vMsEza32rJi5dSpXesL0g2g4DFMhktaYVBN3+M4ngSVKkfaVu x/lDmtlo2pRqTWA04xCZMXphgHHZ6M6TaAVjbeVjtehTh0vggOEnr/kOUANBnbYc Jcr2QXz7kwuEK3FltzSVuL47lzZGYrTIiOqFCCjJbXGUhezwIaxI6k6FJJaZRpOm 2w== -----END CERTIFICATE-----Generated at Wed Nov 5 21:20:35 2025 by rpki-client