$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153485.roa File: AS153485.roa (raw, json) Hash identifier: iKKJgsFXPIR+dPi4mzBJZBwmcjgBgs3LmNR3jhmvB4A= Subject key identifier: 91:1B:FC:E2:53:08:64:83:E0:30:AA:E9:5E:4B:B1:67:00:66:76:4E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3CE9C3A97617C204C1FCAD55C416932398900E48 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153485.roa Signing time: Mon 04 Aug 2025 04:20:14 +0000 ROA not before: Mon 04 Aug 2025 04:15:14 +0000 ROA not after: Mon 03 Aug 2026 04:20:14 +0000 asID: 153485 IP address blocks: 160.250.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 08 Aug 2025 09:26:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:e9:c3:a9:76:17:c2:04:c1:fc:ad:55:c4:16:93:23:98:90:0e:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 4 04:15:14 2025 GMT Not After : Aug 3 04:20:14 2026 GMT Subject: CN=911BFCE253086483E030AAE95E4BB1670066764E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:79:7f:1c:46:d1:b3:68:ad:41:83:30:f9:57: 4a:a2:a6:53:f2:77:a7:4a:40:1e:2d:2d:16:5b:7f: 3f:83:90:76:05:ff:61:bf:1d:2d:10:7a:51:b6:27: 4d:70:d0:4e:08:12:b0:1b:34:a8:db:23:21:d2:4e: be:f1:62:ba:ce:19:e1:b7:71:93:23:b0:83:ed:dc: 21:36:06:06:67:ea:b7:a0:e1:6e:70:d3:d3:13:94: 96:5c:87:b9:0f:9e:1d:87:86:aa:99:8e:b6:5c:5f: af:29:48:b0:33:e0:57:86:5d:4f:dd:cf:41:dc:8a: 2d:a0:0b:81:51:33:a8:da:b6:6d:76:44:67:be:89: ea:ce:7d:1b:66:a6:70:7c:19:45:d0:bc:cc:9d:ce: af:d5:ec:7e:52:3e:15:2e:7e:92:65:91:3b:8b:68: f1:82:7b:4b:48:f8:82:05:13:46:3c:92:2e:e5:96: 13:45:09:3a:5f:ef:09:ed:e5:29:57:a5:e2:f3:1c: de:4c:bc:a4:b1:62:ef:9e:70:a0:07:53:9b:e4:51: 05:f0:47:4b:da:5d:09:4c:4e:81:b0:c0:0d:07:6f: 09:3c:89:38:1c:a7:b2:8a:82:16:6b:cd:69:14:db: 86:76:a6:4b:ef:e7:53:42:89:4d:22:02:d5:46:c1: 02:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:1B:FC:E2:53:08:64:83:E0:30:AA:E9:5E:4B:B1:67:00:66:76:4E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153485.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.156.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:e1:bd:e6:42:d2:27:77:b0:68:52:55:63:ea:2c:c0:e5:d9: 40:d2:f7:0e:ba:0c:78:81:96:93:8b:b2:38:18:82:b0:e7:3f: 6e:fc:12:35:8e:48:36:8b:40:f5:ba:cd:f9:e4:e7:5e:be:dc: 25:4d:8b:d8:66:33:6b:10:35:34:81:ac:39:7c:b2:c3:59:a7: d0:7c:8d:58:15:89:cd:f2:94:e1:0b:ea:5a:33:0b:eb:cc:d5: 71:b4:f5:5a:ac:e8:a1:1b:4a:d8:27:6f:11:93:36:b8:6a:7f: 8c:1d:74:9e:55:99:62:06:cd:a4:29:cf:dd:c1:f5:31:f3:47: f1:bf:9d:04:32:80:dc:29:3b:0b:db:e7:46:a2:41:f1:28:fd: b3:50:a6:6f:1d:28:88:4b:12:32:5e:a2:8e:d9:82:53:31:0a: bb:2a:5e:2c:7d:e0:1e:a6:92:a4:41:d1:7b:cf:4f:50:8b:16: b7:68:51:85:7a:5e:b7:73:1f:26:d3:95:83:a5:d2:8e:ae:74: 03:1a:78:cb:8b:b4:29:08:7e:1e:e4:15:7d:e4:45:4a:94:54: 5f:5e:5a:b7:43:e4:f2:e9:0e:23:83:03:10:9b:da:30:1c:e3: f7:11:ef:51:0d:18:a2:70:1c:a7:88:c9:5a:70:49:f8:80:d2: 99:90:6c:f2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUPOnDqXYXwgTB/K1VxBaTI5iQDkgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgwNDA0MTUxNFoX DTI2MDgwMzA0MjAxNFowMzExMC8GA1UEAxMoOTExQkZDRTI1MzA4NjQ4M0UwMzBB QUU5NUU0QkIxNjcwMDY2NzY0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZ5fxxG0bNorUGDMPlXSqKmU/J3p0pAHi0tFlt/P4OQdgX/Yb8dLRB6UbYn TXDQTggSsBs0qNsjIdJOvvFius4Z4bdxkyOwg+3cITYGBmfqt6DhbnDT0xOUllyH uQ+eHYeGqpmOtlxfrylIsDPgV4ZdT93PQdyKLaALgVEzqNq2bXZEZ76J6s59G2am cHwZRdC8zJ3Or9XsflI+FS5+kmWRO4to8YJ7S0j4ggUTRjySLuWWE0UJOl/vCe3l KVel4vMc3ky8pLFi755woAdTm+RRBfBHS9pdCUxOgbDADQdvCTyJOBynsoqCFmvN aRTbhnamS+/nU0KJTSIC1UbBAu8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSRG/zi Uwhkg+AwquleS7FnAGZ2TjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzQ4NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKD6nDANBgkqhkiG9w0BAQsFAAOCAQEAH+G95kLSJ3ewaFJVY+os wOXZQNL3DroMeIGWk4uyOBiCsOc/bvwSNY5INotA9brN+eTnXr7cJU2L2GYzaxA1 NIGsOXyyw1mn0HyNWBWJzfKU4QvqWjML68zVcbT1WqzooRtK2CdvEZM2uGp/jB10 nlWZYgbNpCnP3cH1MfNH8b+dBDKA3Ck7C9vnRqJB8Sj9s1Cmbx0oiEsSMl6ijtmC UzEKuypeLH3gHqaSpEHRe89PUIsWt2hRhXpet3MfJtOVg6XSjq50Axp4y4u0KQh+ HuQVfeRFSpRUX15at0Pk8ukOI4MDEJvaMBzj9xHvUQ0YonAcp4jJWnBJ+IDSmZBs 8g== -----END CERTIFICATE-----Generated at Tue Aug 5 16:34:10 2025 by rpki-client