$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153093.roa File: AS153093.roa (raw, json) Hash identifier: oXjONMDjpDy7ZIbVywAxkA56OKrHeX9xl+iwiuYy8NI= Subject key identifier: FB:61:BA:DA:9E:6B:9D:B9:84:EC:DD:E7:F6:80:E7:8D:88:F4:C5:0B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4C1E6F372E33C8DC9D1D75F66445E91591885CBF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153093.roa Signing time: Thu 24 Jul 2025 07:19:15 +0000 ROA not before: Thu 24 Jul 2025 07:14:15 +0000 ROA not after: Thu 23 Jul 2026 07:19:15 +0000 asID: 153093 IP address blocks: 160.25.158.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 08:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:1e:6f:37:2e:33:c8:dc:9d:1d:75:f6:64:45:e9:15:91:88:5c:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 24 07:14:15 2025 GMT Not After : Jul 23 07:19:15 2026 GMT Subject: CN=FB61BADA9E6B9DB984ECDDE7F680E78D88F4C50B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9b:60:f0:79:f4:ce:b2:97:b9:51:63:06:2b: af:8e:74:bb:95:22:07:db:ff:c3:2f:c3:c1:ad:3c: 13:3a:b7:98:7f:6c:bf:13:4f:18:10:0a:44:f0:c9: f8:c9:58:4a:f8:0f:0e:f9:ac:0e:99:46:56:80:51: 4b:fd:c9:c2:5e:b9:b9:32:89:da:64:38:3c:d7:89: e7:12:b5:5e:d9:51:23:e9:7c:3d:e7:f2:48:2d:03: 55:70:a9:a9:00:90:ad:b0:c8:12:20:60:9a:3e:b7: b9:f9:ab:4b:55:eb:f9:8e:7f:83:c3:9c:db:4f:11: ea:c4:46:46:d6:86:cb:eb:d6:09:6d:b6:bb:85:e6: da:e7:df:d7:35:ec:0a:63:95:06:da:d1:2b:5a:2d: b1:24:bd:13:27:0f:4b:ec:0f:5a:b3:e4:2d:da:80: 15:7a:f0:7e:61:b5:fc:5a:ef:35:4f:12:19:9a:a7: bc:89:0a:06:8e:20:69:59:9a:0f:74:88:19:43:65: a3:19:dd:37:db:17:66:79:1c:98:8b:80:84:34:03: 68:2d:96:e1:4a:09:9b:57:e8:12:40:ae:fe:de:09: 2c:77:c0:a4:5e:0c:f0:06:2c:a9:7e:ff:4b:09:43: 73:41:ad:05:98:55:0b:ff:1a:6d:4f:9e:5b:d0:f6: 7d:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:61:BA:DA:9E:6B:9D:B9:84:EC:DD:E7:F6:80:E7:8D:88:F4:C5:0B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153093.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.158.0/23 Signature Algorithm: sha256WithRSAEncryption 7a:ab:33:30:7b:ad:ca:2f:b6:42:20:a1:90:17:98:4a:d0:5d: 89:2a:2f:20:80:c7:9f:43:cb:01:04:b3:ed:34:24:f5:db:ea: 7a:2a:7c:d4:40:3c:b3:70:97:72:fc:37:5f:42:1d:26:28:d7: 48:6b:8e:65:4f:a4:14:28:a4:28:fd:07:b2:92:61:83:4c:36: 73:eb:26:0d:1b:4f:c1:f1:65:a4:0d:d7:6f:2a:e0:ba:1e:d4: 5a:31:f3:09:e8:dc:b2:fa:44:c9:82:5e:cc:64:20:f2:d0:02: af:9d:9c:98:13:ce:54:47:c7:c1:60:30:e9:16:cc:48:a7:e3: 21:87:ee:ec:18:23:23:2b:ea:ff:4a:f0:e8:f6:f5:83:a2:ce: c6:16:2d:47:51:82:a8:b1:23:5c:51:e6:b3:3a:5b:ed:04:eb: 3f:47:d3:96:f7:94:6b:2e:62:bd:48:d9:f0:27:81:10:8b:54: c9:50:c7:c0:41:eb:84:ef:32:f9:2a:d1:ef:78:71:c8:20:10: 60:77:b8:31:87:d3:83:58:3e:a6:48:2d:1d:e9:2a:82:03:bc: 70:82:a9:39:0c:9a:d3:e5:c4:1b:4b:37:29:e8:1b:7b:c7:45: 38:a1:e0:b7:be:46:73:40:be:f5:85:ba:a1:15:51:4a:c4:e6: 65:ab:c3:3a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUTB5vNy4zyNydHXX2ZEXpFZGIXL8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcyNDA3MTQxNVoX DTI2MDcyMzA3MTkxNVowMzExMC8GA1UEAxMoRkI2MUJBREE5RTZCOURCOTg0RUNE REU3RjY4MEU3OEQ4OEY0QzUwQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMqbYPB59M6yl7lRYwYrr450u5UiB9v/wy/Dwa08Ezq3mH9svxNPGBAKRPDJ +MlYSvgPDvmsDplGVoBRS/3Jwl65uTKJ2mQ4PNeJ5xK1XtlRI+l8PefySC0DVXCp qQCQrbDIEiBgmj63ufmrS1Xr+Y5/g8Oc208R6sRGRtaGy+vWCW22u4Xm2uff1zXs CmOVBtrRK1otsSS9EycPS+wPWrPkLdqAFXrwfmG1/FrvNU8SGZqnvIkKBo4gaVma D3SIGUNloxndN9sXZnkcmIuAhDQDaC2W4UoJm1foEkCu/t4JLHfApF4M8AYsqX7/ SwlDc0GtBZhVC/8abU+eW9D2fVsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT7Ybra nmuduYTs3ef2gOeNiPTFCzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzA5My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZnjANBgkqhkiG9w0BAQsFAAOCAQEAeqszMHutyi+2QiChkBeY StBdiSovIIDHn0PLAQSz7TQk9dvqeip81EA8s3CXcvw3X0IdJijXSGuOZU+kFCik KP0HspJhg0w2c+smDRtPwfFlpA3Xbyrguh7UWjHzCejcsvpEyYJezGQg8tACr52c mBPOVEfHwWAw6RbMSKfjIYfu7BgjIyvq/0rw6Pb1g6LOxhYtR1GCqLEjXFHmszpb 7QTrP0fTlveUay5ivUjZ8CeBEItUyVDHwEHrhO8y+SrR73hxyCAQYHe4MYfTg1g+ pkgtHekqggO8cIKpOQya0+XEG0s3Kegbe8dFOKHgt75Gc0C+9YW6oRVRSsTmZavD Og== -----END CERTIFICATE-----Generated at Tue Aug 5 08:18:03 2025 by rpki-client