$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153985.roa File: AS153985.roa (raw, json) Hash identifier: v2zENeDOMFxyN/XKhy+GO7gXHGSfcbG7ngGSMdwvDrs= Subject key identifier: B3:25:EA:3F:35:0F:A6:B7:8A:A7:26:5B:0B:CF:A3:FB:FE:A8:D9:28 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4E39A0BD2B286E7017828ACBB86662C45D41568A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153985.roa Signing time: Mon 11 Aug 2025 02:51:09 +0000 ROA not before: Mon 11 Aug 2025 02:46:09 +0000 ROA not after: Mon 10 Aug 2026 02:51:09 +0000 asID: 153985 IP address blocks: 165.101.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 10:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:39:a0:bd:2b:28:6e:70:17:82:8a:cb:b8:66:62:c4:5d:41:56:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 11 02:46:09 2025 GMT Not After : Aug 10 02:51:09 2026 GMT Subject: CN=B325EA3F350FA6B78AA7265B0BCFA3FBFEA8D928 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:88:33:a6:54:7e:56:65:84:af:c6:75:6b:86: e6:06:76:c1:f2:49:70:60:81:34:8d:59:e3:93:54: 4a:d4:6a:87:14:b7:18:ef:75:fe:59:88:c7:32:1d: b8:04:a4:0b:d7:a0:9d:2c:a1:27:1d:ba:fc:75:56: 7c:77:ac:77:19:58:3d:71:05:bb:8e:57:cc:b1:2d: fd:68:17:fb:9f:b8:0f:dc:91:a5:66:6e:6c:7d:83: 84:4d:84:f0:10:61:7e:86:f4:1e:82:ad:f9:95:55: 7b:32:69:da:58:ab:0d:5e:13:be:94:18:ce:c8:fd: f8:5c:5b:5e:7f:39:5d:50:9f:a9:e2:73:38:ec:16: a3:c8:0e:d0:00:29:02:c7:34:77:9a:e5:75:dd:6b: 15:e6:a0:d3:a4:bd:40:94:57:ac:18:10:e1:0f:fe: 40:5f:99:df:80:2e:69:d9:71:5f:6e:9f:da:f2:c2: 72:50:80:bc:86:f7:de:7b:a5:27:84:3e:32:21:8e: 54:9e:51:61:9b:50:58:f4:1f:3b:45:6f:5a:ac:68: c6:5c:0d:36:7a:4b:d3:fd:c5:0e:18:0b:3e:cb:c1: fa:81:3f:bd:eb:91:93:e6:d7:4c:d7:13:aa:94:80: 33:63:38:42:25:47:2c:94:9b:05:fc:0c:98:c0:02: c3:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:25:EA:3F:35:0F:A6:B7:8A:A7:26:5B:0B:CF:A3:FB:FE:A8:D9:28 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153985.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.18.0/24 Signature Algorithm: sha256WithRSAEncryption 15:8d:4a:50:bd:58:bb:02:fe:fd:0d:31:ae:22:3e:26:aa:49: 06:30:98:fd:0e:ef:93:bb:74:6c:4a:2a:8b:e6:1d:71:7c:90: 3f:9e:25:38:d1:91:81:9c:91:ed:2c:9a:df:a2:b0:52:63:c1: f7:40:8b:f9:04:25:2f:72:3f:cd:16:1c:58:a0:72:35:15:4a: be:bd:93:ed:76:cf:70:c3:a2:6d:b8:ca:32:60:a3:c3:c3:63: b0:25:6a:04:fd:db:b4:b3:9a:ba:50:71:ec:5e:da:02:37:cb: 56:f2:01:5e:f2:01:8c:62:fc:c9:93:8c:f4:10:27:88:c3:29: 54:d9:0d:4b:fb:96:16:0b:7a:1e:f8:ec:83:68:4e:5b:9a:34: aa:1b:40:b0:6a:27:60:bc:da:e3:0a:e5:38:e5:32:18:d8:bb: e6:c9:c4:c0:db:20:19:c5:f0:c9:1e:23:d8:a3:a3:8e:94:67: ff:35:a9:22:60:a5:f4:a0:f0:6a:f7:4f:d3:18:dd:eb:94:b8: 36:8a:63:72:cd:bf:d5:db:8a:6d:9d:c5:43:6e:de:66:65:84: 73:f4:2d:d3:ea:3b:4b:fa:4d:5f:a5:a4:b3:22:05:3c:76:38: 6b:e2:a3:46:86:bf:52:82:fe:8a:50:2f:9c:43:76:3f:9d:18: 46:4e:8c:75 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUTjmgvSsobnAXgorLuGZixF1BVoowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgxMTAyNDYwOVoX DTI2MDgxMDAyNTEwOVowMzExMC8GA1UEAxMoQjMyNUVBM0YzNTBGQTZCNzhBQTcy NjVCMEJDRkEzRkJGRUE4RDkyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPOIM6ZUflZlhK/GdWuG5gZ2wfJJcGCBNI1Z45NUStRqhxS3GO91/lmIxzId uASkC9egnSyhJx26/HVWfHesdxlYPXEFu45XzLEt/WgX+5+4D9yRpWZubH2DhE2E 8BBhfob0HoKt+ZVVezJp2lirDV4TvpQYzsj9+FxbXn85XVCfqeJzOOwWo8gO0AAp Asc0d5rldd1rFeag06S9QJRXrBgQ4Q/+QF+Z34AuadlxX26f2vLCclCAvIb33nul J4Q+MiGOVJ5RYZtQWPQfO0VvWqxoxlwNNnpL0/3FDhgLPsvB+oE/veuRk+bXTNcT qpSAM2M4QiVHLJSbBfwMmMACw0sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSzJeo/ NQ+mt4qnJlsLz6P7/qjZKDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk4NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVlEjANBgkqhkiG9w0BAQsFAAOCAQEAFY1KUL1YuwL+/Q0xriI+ JqpJBjCY/Q7vk7t0bEoqi+YdcXyQP54lONGRgZyR7Sya36KwUmPB90CL+QQlL3I/ zRYcWKByNRVKvr2T7XbPcMOibbjKMmCjw8NjsCVqBP3btLOaulBx7F7aAjfLVvIB XvIBjGL8yZOM9BAniMMpVNkNS/uWFgt6Hvjsg2hOW5o0qhtAsGonYLza4wrlOOUy GNi75snEwNsgGcXwyR4j2KOjjpRn/zWpImCl9KDwavdP0xjd65S4Nopjcs2/1duK bZ3FQ27eZmWEc/Qt0+o7S/pNX6WksyIFPHY4a+KjRoa/UoL+ilAvnEN2P50YRk6M dQ== -----END CERTIFICATE-----Generated at Wed Nov 5 10:42:38 2025 by rpki-client