$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153144.roa File: AS153144.roa (raw, json) Hash identifier: mO97Eq+rDQlMvyzhXGrSlWQY3wbqhYzGyNtmVv5U6eI= Subject key identifier: 48:6C:BE:A7:B9:80:6F:66:A1:6A:FC:A9:4F:19:5E:AC:C2:E4:58:90 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 42D802A409B024A39B887E222CC1E4113D03543A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153144.roa Signing time: Thu 06 Feb 2025 10:44:49 +0000 ROA not before: Thu 06 Feb 2025 10:39:49 +0000 ROA not after: Thu 05 Feb 2026 10:44:49 +0000 asID: 153144 IP address blocks: 160.187.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:d8:02:a4:09:b0:24:a3:9b:88:7e:22:2c:c1:e4:11:3d:03:54:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:49 2025 GMT Not After : Feb 5 10:44:49 2026 GMT Subject: CN=486CBEA7B9806F66A16AFCA94F195EACC2E45890 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:c3:83:d3:11:d3:40:a7:c6:e2:e4:ce:45:87: aa:e9:34:9f:7a:f7:b6:4d:fa:50:9d:bc:3f:27:e4: 91:35:45:e4:bc:e6:f3:0d:06:76:8d:d9:55:ee:58: 30:6c:15:54:1d:23:7a:d9:10:ba:b7:5f:ad:59:61: 3c:90:d0:96:93:31:fd:3b:08:86:dc:aa:81:e0:98: b6:69:c3:e9:80:a2:ff:2d:73:df:02:ca:44:83:5b: 76:07:fa:9d:b8:93:81:e2:ff:5b:55:9a:e5:fb:75: 19:02:67:e3:65:cf:d3:d3:d5:67:49:e6:0e:08:34: f7:c6:b7:cf:66:4b:b7:e7:a8:a4:dd:d3:79:fe:49: de:92:26:92:00:fa:b3:10:d1:63:d2:0e:45:53:bd: 6a:e8:e1:e2:ea:d0:ec:63:b6:bf:50:b0:82:ca:3d: 45:3d:fe:b9:74:d1:f6:73:fb:99:8b:10:d2:a1:b8: 5e:a8:04:e5:c4:c8:c0:1a:98:5b:ad:44:04:aa:9f: 23:73:45:37:8f:a3:e2:1b:8f:7e:9e:2d:46:2e:df: 6f:d1:58:b9:dc:58:48:84:43:cd:2b:d5:49:c6:0b: 6d:59:09:de:18:0e:dc:8f:1d:0b:49:b6:7d:f8:c2: 7b:4f:3f:fc:f9:bc:90:36:0e:8c:21:51:4d:bb:21: 9c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:6C:BE:A7:B9:80:6F:66:A1:6A:FC:A9:4F:19:5E:AC:C2:E4:58:90 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153144.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.187.204.0/23 Signature Algorithm: sha256WithRSAEncryption 5c:4a:42:1f:10:54:aa:c4:15:0d:fa:39:13:8c:ba:5c:9b:8f: 00:51:32:89:01:93:14:cc:85:18:1a:32:ae:57:e2:5d:01:18: 97:4f:d6:5e:d7:0c:a9:8e:c0:d1:4f:68:74:10:fb:dc:a5:f7: f0:8b:8b:fc:82:50:8f:68:4f:37:7a:f3:ee:7d:38:45:d5:fe: 9e:9c:bd:73:6a:cf:c9:ea:94:f6:05:d0:15:f6:fa:29:9f:1b: 65:75:21:3f:06:d0:6d:cf:17:ec:82:a2:76:8b:d3:2b:c0:00: d1:84:03:73:43:14:75:cb:30:58:3e:35:61:69:f0:b5:1c:e5: f6:9d:8b:17:a6:98:2d:c7:d6:1c:19:ac:4e:f6:2d:8b:9d:b7: d1:c8:31:c1:ad:b8:10:87:81:ac:78:eb:58:17:41:03:26:d0: e4:17:3c:99:62:d7:8c:ef:46:d4:f7:8c:a7:21:ea:69:39:7c: cb:02:be:03:b4:15:86:cd:f1:c0:e7:41:1b:19:97:45:1d:10: 72:7f:65:e0:14:5c:06:8b:cb:b1:86:f4:84:44:35:16:3e:40: 43:a9:4d:39:c9:4e:d7:71:19:6e:c6:a0:d5:22:d5:c1:b0:3e: 02:ed:f6:24:66:bb:f3:47:bd:34:a2:48:d2:cc:f1:21:18:ab: 5a:11:2f:64 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQtgCpAmwJKObiH4iLMHkET0DVDowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OVoX DTI2MDIwNTEwNDQ0OVowMzExMC8GA1UEAxMoNDg2Q0JFQTdCOTgwNkY2NkExNkFG Q0E5NEYxOTVFQUNDMkU0NTg5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN7Dg9MR00CnxuLkzkWHquk0n3r3tk36UJ28PyfkkTVF5Lzm8w0Gdo3ZVe5Y MGwVVB0jetkQurdfrVlhPJDQlpMx/TsIhtyqgeCYtmnD6YCi/y1z3wLKRINbdgf6 nbiTgeL/W1Wa5ft1GQJn42XP09PVZ0nmDgg098a3z2ZLt+eopN3Tef5J3pImkgD6 sxDRY9IORVO9aujh4urQ7GO2v1Cwgso9RT3+uXTR9nP7mYsQ0qG4XqgE5cTIwBqY W61EBKqfI3NFN4+j4huPfp4tRi7fb9FYudxYSIRDzSvVScYLbVkJ3hgO3I8dC0m2 ffjCe08//Pm8kDYOjCFRTbshnEkCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRIbL6n uYBvZqFq/KlPGV6swuRYkDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzE0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaC7zDANBgkqhkiG9w0BAQsFAAOCAQEAXEpCHxBUqsQVDfo5E4y6 XJuPAFEyiQGTFMyFGBoyrlfiXQEYl0/WXtcMqY7A0U9odBD73KX38IuL/IJQj2hP N3rz7n04RdX+npy9c2rPyeqU9gXQFfb6KZ8bZXUhPwbQbc8X7IKidovTK8AA0YQD c0MUdcswWD41YWnwtRzl9p2LF6aYLcfWHBmsTvYti5230cgxwa24EIeBrHjrWBdB AybQ5Bc8mWLXjO9G1PeMpyHqaTl8ywK+A7QVhs3xwOdBGxmXRR0Qcn9l4BRcBovL sYb0hEQ1Fj5AQ6lNOclO13EZbsag1SLVwbA+Au32JGa780e9NKJI0szxIRirWhEv ZA== -----END CERTIFICATE-----Generated at Tue Nov 4 18:39:14 2025 by rpki-client