$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152359.roa File: AS152359.roa (raw, json) Hash identifier: A4OzhkdOqzfJhiUgAJymb0k6kEkqfE4uIoj2zO/nBiY= Subject key identifier: C5:03:B6:60:90:31:D9:AA:0F:9D:AA:1F:68:29:08:4F:3B:23:D1:DD Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 27B58266612EC47ACFDA47EED9310B884999A414 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152359.roa Signing time: Thu 06 Feb 2025 10:44:48 +0000 ROA not before: Thu 06 Feb 2025 10:39:48 +0000 ROA not after: Thu 05 Feb 2026 10:44:48 +0000 asID: 152359 IP address blocks: 157.10.254.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 03:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:b5:82:66:61:2e:c4:7a:cf:da:47:ee:d9:31:0b:88:49:99:a4:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:48 2025 GMT Not After : Feb 5 10:44:48 2026 GMT Subject: CN=C503B6609031D9AA0F9DAA1F6829084F3B23D1DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:88:cc:6e:69:f8:4d:9e:5e:33:85:d2:4f:ef: fa:dc:e2:45:12:b7:b2:99:e3:ee:46:09:64:db:36: 9b:b0:ff:1f:78:81:82:18:11:44:c0:1e:c3:01:83: ac:2c:54:65:10:06:77:d4:2f:59:24:b3:0c:1a:02: 6b:8e:54:c8:78:85:f7:0e:f0:9a:70:6c:7f:5a:66: 7a:33:b3:6f:4f:bb:d2:62:21:ec:e5:0f:95:75:d5: 70:8e:e6:20:9e:f6:b9:d0:75:ed:5f:66:b2:12:1b: 1e:d1:9c:6d:3a:b5:50:ac:18:17:4b:cb:b1:a5:70: e2:e3:81:08:99:c5:60:fa:cc:37:cb:9d:fc:8c:6f: 3d:32:64:d4:22:61:9f:a3:02:2e:db:55:e9:31:93: a8:2e:d3:22:4a:c6:ed:a1:85:69:f8:b1:11:6b:4e: aa:d9:4d:e5:05:78:07:62:d2:e2:f2:ee:99:d4:a4: 34:23:c0:c3:a9:1c:28:33:a3:cf:6b:04:1f:60:38: 05:7b:e8:d8:6f:07:b3:ae:34:ec:d4:b4:41:28:6e: d0:57:bd:1f:de:63:78:38:d1:8f:5c:7d:3d:1c:10: 64:16:ea:99:00:6c:12:f3:b5:7a:9a:a4:a2:a1:cf: d4:01:8d:00:97:a6:07:7f:21:e3:67:55:24:85:fe: 63:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:03:B6:60:90:31:D9:AA:0F:9D:AA:1F:68:29:08:4F:3B:23:D1:DD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152359.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.254.0/23 Signature Algorithm: sha256WithRSAEncryption 7a:fb:1a:e5:76:bd:ba:28:01:b7:4a:3b:1f:24:9c:aa:fe:c5: 21:2d:19:6b:9f:d0:91:15:5d:4d:75:8f:19:29:fe:06:a9:36: bc:af:7f:63:39:e1:e5:fc:b3:ca:8a:56:a6:06:ee:db:b9:32: 2f:d6:a3:23:d1:23:8e:e8:50:9a:90:23:94:32:71:0f:1f:aa: 53:16:37:96:22:f0:5f:27:bd:d9:c9:b1:49:10:7c:95:5b:e8: 51:24:3b:0a:8c:d0:84:b9:c0:88:aa:84:c7:30:37:20:bb:4c: 5f:9e:a9:84:78:57:97:8d:1d:51:c3:b0:41:17:08:05:15:46: d9:e2:8b:cf:9d:b0:3a:6e:c3:b6:51:9b:f7:b3:df:be:15:d6: 0f:33:5f:87:88:0e:67:73:75:5d:1b:92:b3:23:a3:41:35:48: 7c:0d:fd:ec:6d:24:01:79:d6:98:ca:ac:f9:46:21:a1:fc:fc: 17:0c:92:f9:61:5f:de:e4:0f:23:9d:3c:a1:1a:c6:78:19:cc: ed:de:e4:5c:32:28:cc:f0:80:c3:cf:4a:65:ec:c0:2e:4a:ca: 19:3e:db:14:87:b4:af:8d:3f:eb:3e:9d:84:bb:80:21:28:c7: f9:36:82:4c:ef:ca:07:b7:4e:6e:90:ae:f7:2d:2d:53:01:8b: c8:b7:fa:84 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJ7WCZmEuxHrP2kfu2TELiEmZpBQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OFoX DTI2MDIwNTEwNDQ0OFowMzExMC8GA1UEAxMoQzUwM0I2NjA5MDMxRDlBQTBGOURB QTFGNjgyOTA4NEYzQjIzRDFERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKiIzG5p+E2eXjOF0k/v+tziRRK3spnj7kYJZNs2m7D/H3iBghgRRMAewwGD rCxUZRAGd9QvWSSzDBoCa45UyHiF9w7wmnBsf1pmejOzb0+70mIh7OUPlXXVcI7m IJ72udB17V9mshIbHtGcbTq1UKwYF0vLsaVw4uOBCJnFYPrMN8ud/IxvPTJk1CJh n6MCLttV6TGTqC7TIkrG7aGFafixEWtOqtlN5QV4B2LS4vLumdSkNCPAw6kcKDOj z2sEH2A4BXvo2G8Hs6407NS0QShu0Fe9H95jeDjRj1x9PRwQZBbqmQBsEvO1epqk oqHP1AGNAJemB38h42dVJIX+Yy8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTFA7Zg kDHZqg+dqh9oKQhPOyPR3TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM1OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0K/jANBgkqhkiG9w0BAQsFAAOCAQEAevsa5Xa9uigBt0o7HySc qv7FIS0Za5/QkRVdTXWPGSn+Bqk2vK9/Yznh5fyzyopWpgbu27kyL9ajI9EjjuhQ mpAjlDJxDx+qUxY3liLwXye92cmxSRB8lVvoUSQ7CozQhLnAiKqExzA3ILtMX56p hHhXl40dUcOwQRcIBRVG2eKLz52wOm7DtlGb97PfvhXWDzNfh4gOZ3N1XRuSsyOj QTVIfA397G0kAXnWmMqs+UYhofz8FwyS+WFf3uQPI508oRrGeBnM7d7kXDIozPCA w89KZezALkrKGT7bFIe0r40/6z6dhLuAISjH+TaCTO/KB7dObpCu9y0tUwGLyLf6 hA== -----END CERTIFICATE-----Generated at Sun Apr 27 06:04:08 2025 by rpki-client