$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153924.roa File: AS153924.roa (raw, json) Hash identifier: v/f+jVrFg53VCSDeY/lIcS2wq4Hi2CxWMWcMVeZa1PQ= Subject key identifier: 9C:41:89:8F:83:57:D2:20:16:43:98:A3:7B:03:8F:5F:25:7E:0D:29 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0188E9CB49A42BC3071299D8D7D1DF3FF7CDC2FE Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153924.roa Signing time: Mon 04 Aug 2025 04:03:13 +0000 ROA not before: Mon 04 Aug 2025 03:58:13 +0000 ROA not after: Mon 03 Aug 2026 04:03:13 +0000 asID: 153924 IP address blocks: 165.99.118.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 08:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:88:e9:cb:49:a4:2b:c3:07:12:99:d8:d7:d1:df:3f:f7:cd:c2:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 4 03:58:13 2025 GMT Not After : Aug 3 04:03:13 2026 GMT Subject: CN=9C41898F8357D220164398A37B038F5F257E0D29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2f:a9:98:d3:bb:f5:80:31:2c:c1:94:ba:99: 62:b5:b0:1e:f6:ed:c6:e0:a9:5b:c4:ad:30:9c:04: 1d:3c:e8:11:f3:51:8e:68:44:7e:28:0f:81:f3:57: a3:ce:1c:3d:c9:b4:03:68:61:7e:17:48:e6:14:b1: 8b:85:6a:54:fe:f6:7c:35:cb:21:a5:3a:aa:03:df: f0:7a:13:6c:41:c0:5c:94:ff:4c:9f:ce:95:fc:2a: d5:c2:d4:46:5e:53:26:af:b5:a8:9d:9f:b2:a2:76: bc:75:ce:22:27:2b:3e:16:fc:94:e7:44:59:d3:52: 3a:45:dd:a5:7d:49:a5:82:29:fa:53:d5:bf:45:8b: 0b:84:86:d3:5c:ed:6c:eb:7e:b8:b0:06:1d:69:49: df:c4:6c:45:b0:f8:f5:3e:37:c8:24:77:51:d1:fe: 2b:69:f0:4b:fd:26:55:e6:22:47:5d:e9:42:76:d5: 00:ce:00:82:47:f6:b7:41:69:6f:6d:5a:e7:df:2a: c6:65:53:f6:bb:b9:a7:43:c9:71:ef:1e:94:3e:14: 61:ec:44:71:47:f2:14:8b:8f:8f:82:87:d4:8e:c3: 4e:aa:44:5c:b6:90:e8:dd:a9:60:12:9a:66:d2:57: 0b:f6:71:6a:f1:50:93:44:97:3f:9a:98:cf:97:c9: ba:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:41:89:8F:83:57:D2:20:16:43:98:A3:7B:03:8F:5F:25:7E:0D:29 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153924.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.118.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:05:e5:1c:1d:f9:f7:d9:e0:d4:03:cf:3d:07:89:6c:44:df: 77:05:8a:d4:19:df:87:80:1f:60:27:9a:fc:92:73:71:19:87: 9f:54:29:26:15:50:19:18:28:96:ba:c7:be:bd:a0:9c:77:5f: 98:05:7c:8b:92:5a:f9:8c:71:1d:d9:12:fd:e3:73:3d:66:5b: 62:c8:12:d5:06:e8:2f:47:cd:1d:ab:8d:d0:35:85:68:3b:c5: a8:d1:02:9e:49:23:09:2e:93:44:6d:ff:df:b4:bb:7d:30:38: e3:69:78:c7:ab:06:00:42:a1:d7:dd:64:62:a0:4d:4a:8b:cb: bc:08:9f:f3:c7:28:d6:09:e7:3d:f3:55:ad:3c:a9:91:22:f3: 6d:0b:04:92:bb:75:bf:af:26:38:76:65:d1:ed:5a:ff:79:ae: aa:da:a3:31:af:ed:35:d5:bf:7e:60:0b:19:15:39:3b:cd:3b: 26:5e:1b:34:ab:a2:b4:5a:fe:d5:8a:6d:bf:d8:d7:41:c4:0e: 9e:a1:f2:20:0d:0a:5d:78:2e:aa:74:1b:80:49:45:a3:2a:7e: 8c:2b:a6:58:ec:06:24:c8:fa:07:a1:c3:ae:b4:aa:14:fd:8e: 92:c2:aa:a8:1d:0a:5b:15:73:9c:79:81:74:2e:0d:89:ba:20: 00:76:58:ec -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAYjpy0mkK8MHEpnY19HfP/fNwv4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgwNDAzNTgxM1oX DTI2MDgwMzA0MDMxM1owMzExMC8GA1UEAxMoOUM0MTg5OEY4MzU3RDIyMDE2NDM5 OEEzN0IwMzhGNUYyNTdFMEQyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALgvqZjTu/WAMSzBlLqZYrWwHvbtxuCpW8StMJwEHTzoEfNRjmhEfigPgfNX o84cPcm0A2hhfhdI5hSxi4VqVP72fDXLIaU6qgPf8HoTbEHAXJT/TJ/Olfwq1cLU Rl5TJq+1qJ2fsqJ2vHXOIicrPhb8lOdEWdNSOkXdpX1JpYIp+lPVv0WLC4SG01zt bOt+uLAGHWlJ38RsRbD49T43yCR3UdH+K2nwS/0mVeYiR13pQnbVAM4Agkf2t0Fp b21a598qxmVT9ru5p0PJce8elD4UYexEcUfyFIuPj4KH1I7DTqpEXLaQ6N2pYBKa ZtJXC/ZxavFQk0SXP5qYz5fJum0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBScQYmP g1fSIBZDmKN7A49fJX4NKTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzkyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaVjdjANBgkqhkiG9w0BAQsFAAOCAQEAfwXlHB3599ng1APPPQeJ bETfdwWK1Bnfh4AfYCea/JJzcRmHn1QpJhVQGRgolrrHvr2gnHdfmAV8i5Ja+Yxx HdkS/eNzPWZbYsgS1QboL0fNHauN0DWFaDvFqNECnkkjCS6TRG3/37S7fTA442l4 x6sGAEKh191kYqBNSovLvAif88co1gnnPfNVrTypkSLzbQsEkrt1v68mOHZl0e1a /3muqtqjMa/tNdW/fmALGRU5O807Jl4bNKuitFr+1Yptv9jXQcQOnqHyIA0KXXgu qnQbgElFoyp+jCumWOwGJMj6B6HDrrSqFP2OksKqqB0KWxVznHmBdC4NibogAHZY 7A== -----END CERTIFICATE-----Generated at Tue Aug 5 08:09:19 2025 by rpki-client