$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa File: AS152839.roa (raw, json) Hash identifier: X9V/cidJuPKz9N3T5x9BHf4tA244pNQ2XHHVnBN0lF8= Subject key identifier: CE:5B:15:13:A2:61:D6:8E:76:96:51:B2:92:13:84:8B:E9:C4:25:DE Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4181C78F84317B4FE4826840F60FF38846DB2E3E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa Signing time: Thu 06 Feb 2025 10:44:49 +0000 ROA not before: Thu 06 Feb 2025 10:39:49 +0000 ROA not after: Thu 05 Feb 2026 10:44:49 +0000 asID: 152839 IP address blocks: 160.22.240.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 03:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:81:c7:8f:84:31:7b:4f:e4:82:68:40:f6:0f:f3:88:46:db:2e:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:49 2025 GMT Not After : Feb 5 10:44:49 2026 GMT Subject: CN=CE5B1513A261D68E769651B29213848BE9C425DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f8:f3:0f:b2:5b:b8:62:03:68:23:06:aa:f7: 8c:5d:e1:78:80:fa:aa:b1:95:a4:3e:60:fb:84:1e: b2:97:50:f8:ad:0f:ac:5d:f9:c2:29:0b:44:e3:11: 49:41:67:97:88:49:96:c8:dd:09:3b:ff:64:bc:ee: d6:3f:76:d6:1d:4d:76:06:10:bf:a6:0d:24:7b:1e: 9b:29:4b:8d:59:ad:c3:0c:36:69:27:81:5e:d1:64: ae:2b:93:e3:26:12:7b:db:c8:2b:e8:f1:4a:df:28: 6e:6b:7f:10:e7:2f:f3:99:61:83:9e:83:91:4c:39: 5e:0e:a6:01:ed:6c:b5:1e:f6:95:a0:ca:81:e0:f3: 15:27:0a:c8:fa:57:66:28:5e:0c:6c:3a:e6:74:30: 53:12:ec:ff:f9:02:62:2e:7d:52:38:78:cb:f2:02: 01:4a:75:be:72:12:71:04:7f:33:3b:1b:24:02:a1: 3a:01:88:d6:fc:00:32:56:9e:a3:ef:7b:9d:fa:5e: ed:87:49:02:e5:bb:71:de:2a:28:20:3c:5e:26:a0: 94:82:93:24:6a:06:b6:32:bb:de:66:16:29:2b:72: 4e:b2:c2:23:98:b2:e3:94:60:ab:3b:1a:3b:3a:50: ee:da:74:0e:df:2c:b2:46:e0:39:4b:4e:1a:5e:f8: f1:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:5B:15:13:A2:61:D6:8E:76:96:51:B2:92:13:84:8B:E9:C4:25:DE X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152839.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.240.0/23 Signature Algorithm: sha256WithRSAEncryption 27:70:36:6d:f2:00:90:54:a7:37:d9:fd:55:8b:42:f0:46:50: b2:ec:4f:db:b4:10:28:f4:43:8e:dd:bb:ac:e4:d3:2a:14:f8: 03:82:31:e2:b6:21:fc:24:a9:f3:82:73:17:f3:10:f7:0a:f9: 98:48:1f:30:b1:c5:18:6e:b4:2a:82:e1:a3:45:9e:45:fb:7d: cd:25:9b:ba:fa:85:4b:09:3f:8a:49:7e:08:76:3b:ee:91:a8: 5a:1a:7d:a4:b3:9e:9a:5e:25:e5:77:c0:00:d6:e1:a1:35:28: f6:8d:97:e6:f6:2d:0b:9a:96:eb:2f:dd:67:08:d2:3c:5a:eb: 42:bc:10:82:e3:b8:65:ee:ac:d5:bd:c1:c8:00:98:9a:58:ad: e2:2d:0c:cd:91:c8:6b:d9:ce:0a:da:15:9b:de:3f:85:70:ce: 2e:ad:59:0c:e3:67:ce:8e:4b:c8:db:f6:27:9d:a2:85:bc:bd: 15:3e:49:e0:47:56:ea:56:41:29:15:d7:3b:34:a7:5a:8c:77: 77:d8:d3:24:74:e9:c0:7d:5a:24:7d:3a:76:7e:6d:48:c2:53: c1:b4:1a:fa:69:c5:54:73:72:40:fb:d3:da:de:d2:d9:23:01: 19:dc:47:bf:a1:d1:e6:88:ec:fe:ab:1a:7e:e0:b3:d5:dc:0e: bb:7a:75:c3 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQYHHj4Qxe0/kgmhA9g/ziEbbLj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OVoX DTI2MDIwNTEwNDQ0OVowMzExMC8GA1UEAxMoQ0U1QjE1MTNBMjYxRDY4RTc2OTY1 MUIyOTIxMzg0OEJFOUM0MjVERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALf48w+yW7hiA2gjBqr3jF3heID6qrGVpD5g+4QespdQ+K0PrF35wikLROMR SUFnl4hJlsjdCTv/ZLzu1j921h1NdgYQv6YNJHsemylLjVmtwww2aSeBXtFkriuT 4yYSe9vIK+jxSt8obmt/EOcv85lhg56DkUw5Xg6mAe1stR72laDKgeDzFScKyPpX ZiheDGw65nQwUxLs//kCYi59Ujh4y/ICAUp1vnIScQR/MzsbJAKhOgGI1vwAMlae o+97nfpe7YdJAuW7cd4qKCA8XiaglIKTJGoGtjK73mYWKStyTrLCI5iy45Rgqzsa OzpQ7tp0Dt8sskbgOUtOGl748Y0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTOWxUT omHWjnaWUbKSE4SL6cQl3jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjgzOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAW8DANBgkqhkiG9w0BAQsFAAOCAQEAJ3A2bfIAkFSnN9n9VYtC 8EZQsuxP27QQKPRDjt27rOTTKhT4A4Ix4rYh/CSp84JzF/MQ9wr5mEgfMLHFGG60 KoLho0WeRft9zSWbuvqFSwk/ikl+CHY77pGoWhp9pLOeml4l5XfAANbhoTUo9o2X 5vYtC5qW6y/dZwjSPFrrQrwQguO4Ze6s1b3ByACYmlit4i0MzZHIa9nOCtoVm94/ hXDOLq1ZDONnzo5LyNv2J52ihby9FT5J4EdW6lZBKRXXOzSnWox3d9jTJHTpwH1a JH06dn5tSMJTwbQa+mnFVHNyQPvT2t7S2SMBGdxHv6HR5ojs/qsafuCz1dwOu3p1 ww== -----END CERTIFICATE-----Generated at Sun Apr 27 08:43:36 2025 by rpki-client