$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa File: AS152395.roa (raw, json) Hash identifier: mFqsOq+F3/2CdvRmzhpIOIA2xMlYzTetZ4h+u/XZ0UI= Subject key identifier: 77:DA:6D:6F:E9:E0:AC:97:B0:A3:FB:BF:D5:BB:45:03:31:84:67:75 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4D794BA6CDE1E9D67C85D79E3719764E92ABB6F4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa Signing time: Thu 06 Feb 2025 10:44:49 +0000 ROA not before: Thu 06 Feb 2025 10:39:49 +0000 ROA not after: Thu 05 Feb 2026 10:44:49 +0000 asID: 152395 IP address blocks: 157.20.90.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:79:4b:a6:cd:e1:e9:d6:7c:85:d7:9e:37:19:76:4e:92:ab:b6:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:49 2025 GMT Not After : Feb 5 10:44:49 2026 GMT Subject: CN=77DA6D6FE9E0AC97B0A3FBBFD5BB450331846775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:99:86:e4:72:b5:9d:9e:0b:f3:6d:8c:b3:c9: d1:94:65:57:e6:da:0f:46:c1:62:ef:e7:e2:b2:6e: ad:42:8a:c8:80:75:96:3f:9a:d4:bd:97:73:ef:ca: 0e:36:ae:c9:76:98:7f:d3:83:a1:11:40:ad:7b:22: 8c:52:47:ee:4b:2c:2b:77:86:b3:0f:08:9b:6d:c1: d4:f9:3b:8e:ed:30:c2:4b:4c:90:98:b1:8c:52:33: 19:d9:3c:0f:b5:ff:31:f8:6e:d4:c7:d9:99:da:6b: 1b:72:3d:4a:46:32:68:ea:e7:47:1c:3a:ae:96:dd: 1f:ae:79:2b:d2:cc:06:5d:31:a6:4d:bb:d7:c0:e0: ba:de:9b:3c:60:c2:be:60:1c:b0:62:d1:c8:19:16: 5f:40:21:5d:e7:c1:7f:dd:c8:e3:d9:fd:78:5e:61: a4:cd:95:42:5b:e0:00:77:fd:3c:74:33:7b:35:11: 04:66:55:47:c2:e7:b2:6d:12:38:09:e1:c1:e9:5d: 40:71:19:79:d9:3d:48:c8:1b:37:3f:2f:78:8c:d4: 68:c0:a3:46:fd:0e:4f:ff:31:3f:62:40:cd:d9:ba: a6:5e:33:4e:5c:f4:33:6a:24:a7:65:dd:4b:37:f4: ba:ca:8c:e4:52:01:68:2e:53:15:d9:2c:e8:e5:21: d9:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:DA:6D:6F:E9:E0:AC:97:B0:A3:FB:BF:D5:BB:45:03:31:84:67:75 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152395.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.90.0/23 Signature Algorithm: sha256WithRSAEncryption 1d:1a:3c:03:db:90:b3:26:62:b9:93:ea:bb:04:96:b4:34:ce: 9f:8f:15:5e:f2:47:4a:86:98:3e:a8:ab:fe:db:df:ae:0c:7f: 97:96:63:d3:d3:c4:10:84:2b:0c:c3:01:5d:0c:91:b7:55:e3: ea:10:f5:96:0a:6b:0b:f6:40:64:bb:fc:0f:e0:c3:ee:99:65: f5:c7:51:8e:b4:51:40:37:fc:38:fe:89:24:26:ae:5b:ec:71: 3f:ce:20:bc:ec:a9:45:b3:e3:95:f2:33:a8:68:b8:13:b0:29: 78:93:3f:91:3b:6c:0c:db:66:9f:bd:f8:29:05:e5:55:41:a0: 61:3b:4e:d5:03:93:1a:7e:5e:ba:50:f7:b8:89:2c:ce:b4:92: eb:ec:14:03:06:d4:b2:65:75:dd:3c:1e:6c:6b:5a:9c:6d:b4: 8c:1f:4e:e6:c5:37:e6:47:78:5a:2e:b1:2d:cb:66:b1:14:06: 8a:aa:d8:7b:ef:d7:eb:67:70:dc:90:ab:58:44:ea:c1:50:54: cf:c3:85:bc:5c:a7:1f:e5:29:f9:b4:de:12:da:c4:cb:a9:a7: 1e:56:fb:0b:dc:43:dd:d9:83:49:9d:56:dd:cb:34:5a:e1:9a: 7d:fc:56:eb:91:7e:6e:c7:13:61:2b:93:76:f3:94:c4:7c:b2: 49:09:27:59 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUTXlLps3h6dZ8hdeeNxl2TpKrtvQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OVoX DTI2MDIwNTEwNDQ0OVowMzExMC8GA1UEAxMoNzdEQTZENkZFOUUwQUM5N0IwQTNG QkJGRDVCQjQ1MDMzMTg0Njc3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMeZhuRytZ2eC/NtjLPJ0ZRlV+baD0bBYu/n4rJurUKKyIB1lj+a1L2Xc+/K DjauyXaYf9ODoRFArXsijFJH7kssK3eGsw8Im23B1Pk7ju0wwktMkJixjFIzGdk8 D7X/Mfhu1MfZmdprG3I9SkYyaOrnRxw6rpbdH655K9LMBl0xpk2718Dgut6bPGDC vmAcsGLRyBkWX0AhXefBf93I49n9eF5hpM2VQlvgAHf9PHQzezURBGZVR8Lnsm0S OAnhweldQHEZedk9SMgbNz8veIzUaMCjRv0OT/8xP2JAzdm6pl4zTlz0M2okp2Xd Szf0usqM5FIBaC5TFdks6OUh2akCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBR32m1v 6eCsl7Cj+7/Vu0UDMYRndTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM5NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UWjANBgkqhkiG9w0BAQsFAAOCAQEAHRo8A9uQsyZiuZPquwSW tDTOn48VXvJHSoaYPqir/tvfrgx/l5Zj09PEEIQrDMMBXQyRt1Xj6hD1lgprC/ZA ZLv8D+DD7pll9cdRjrRRQDf8OP6JJCauW+xxP84gvOypRbPjlfIzqGi4E7ApeJM/ kTtsDNtmn734KQXlVUGgYTtO1QOTGn5eulD3uIkszrSS6+wUAwbUsmV13TwebGta nG20jB9O5sU35kd4Wi6xLctmsRQGiqrYe+/X62dw3JCrWETqwVBUz8OFvFynH+Up +bTeEtrEy6mnHlb7C9xD3dmDSZ1W3cs0WuGaffxW65F+bscTYSuTdvOUxHyySQkn WQ== -----END CERTIFICATE-----Generated at Tue Nov 4 18:37:18 2025 by rpki-client