$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154008.roa File: AS154008.roa (raw, json) Hash identifier: kvslXkvje2BGHsJVed2LR0pjCSZlMg7fkdNsvCayKsM= Subject key identifier: F0:7A:1B:45:E5:08:85:F4:81:E6:12:FD:4A:85:AC:30:89:22:CC:D8 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 01C6EFFA8D3EFA1C8A001641A590943C00DADCFA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154008.roa Signing time: Tue 29 Jul 2025 02:43:26 +0000 ROA not before: Tue 29 Jul 2025 02:38:26 +0000 ROA not after: Tue 28 Jul 2026 02:43:26 +0000 asID: 154008 IP address blocks: 165.101.84.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 08:17:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:c6:ef:fa:8d:3e:fa:1c:8a:00:16:41:a5:90:94:3c:00:da:dc:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 29 02:38:26 2025 GMT Not After : Jul 28 02:43:26 2026 GMT Subject: CN=F07A1B45E50885F481E612FD4A85AC308922CCD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:14:55:19:13:e9:c8:9f:5d:0d:e6:58:24:72: 8f:72:8e:14:e7:a0:ed:56:cc:6e:a5:f2:35:ad:70: 82:63:f5:c0:ac:1c:5c:18:12:70:7b:98:96:75:cf: 5e:4a:e9:3e:01:34:35:77:65:f6:d7:d1:64:0c:43: 15:11:56:7f:0e:a1:9e:df:37:3f:13:b3:fe:ed:c0: 64:85:03:74:69:7d:85:66:02:ed:53:f2:a3:85:22: 87:d5:9e:3b:50:6d:67:e0:53:fd:f0:29:ef:5b:ee: 6a:95:70:1a:47:91:40:6d:0b:04:c5:0a:04:2d:c7: d9:7d:cb:30:82:81:cc:dd:d2:46:06:d7:f9:42:66: e7:53:7d:ad:cb:49:ca:23:94:4b:92:8d:dd:4f:49: cb:32:18:49:90:e6:a6:dc:0c:10:56:71:2b:fd:c9: 77:51:1b:e2:0c:9d:1d:5c:5e:8f:9c:91:9c:d7:8e: ea:02:e7:0a:f0:cf:2a:ca:72:1b:9d:6d:97:97:49: 27:39:96:68:81:da:f9:b4:68:0a:2e:d6:74:ce:5c: d5:55:26:7b:e3:82:47:fd:5e:06:f5:a5:a9:68:b6: d9:1a:87:28:7f:e7:21:cd:e3:2a:47:7b:fe:e8:92: 63:db:92:c2:ce:43:4d:c8:da:c8:b4:85:dd:9c:6a: 85:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:7A:1B:45:E5:08:85:F4:81:E6:12:FD:4A:85:AC:30:89:22:CC:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS154008.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.84.0/24 Signature Algorithm: sha256WithRSAEncryption 85:ed:d2:4f:8e:a4:d0:5b:72:2e:fe:27:0e:fb:05:41:4d:cc: f5:38:fb:0c:32:fa:5b:73:01:0a:60:fb:9f:15:da:a4:52:7f: 8b:b9:18:0a:30:fb:31:d1:0e:0c:d0:c9:43:01:10:bc:62:90: ac:b4:9a:41:b0:55:26:59:b0:21:d1:17:67:d8:b2:60:3a:11: 29:48:af:02:f6:5f:d2:f4:06:6f:e8:cf:bb:0a:14:be:11:6d: 91:db:20:0d:61:bf:db:e3:ce:a6:d5:a7:6a:d3:96:ca:0a:85: ae:b2:d1:ca:de:e5:31:8c:02:5a:fd:49:41:3d:1e:81:4e:85: 0a:cd:fc:a1:c0:5e:b8:e5:68:61:d5:10:c4:b4:86:7b:07:b5: b8:9d:56:64:18:ae:88:e5:9b:e0:b7:10:f4:82:08:07:46:42: d9:03:08:a5:14:64:64:e9:66:7d:c1:de:77:31:39:14:f3:91: d3:cc:2a:46:93:62:b3:07:d2:51:eb:b8:35:07:98:9b:9a:17: 4e:3f:3a:03:48:2f:9a:96:b8:6a:5d:d2:ec:45:03:97:e6:b1: cb:0f:97:42:2f:f3:46:3c:93:12:a1:99:44:ed:96:d4:80:de: fa:59:df:04:36:5d:4f:79:3a:0c:d7:7b:66:fd:87:df:61:50: aa:10:ab:1f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAcbv+o0++hyKABZBpZCUPADa3PowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcyOTAyMzgyNloX DTI2MDcyODAyNDMyNlowMzExMC8GA1UEAxMoRjA3QTFCNDVFNTA4ODVGNDgxRTYx MkZENEE4NUFDMzA4OTIyQ0NEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANIUVRkT6cifXQ3mWCRyj3KOFOeg7VbMbqXyNa1wgmP1wKwcXBgScHuYlnXP XkrpPgE0NXdl9tfRZAxDFRFWfw6hnt83PxOz/u3AZIUDdGl9hWYC7VPyo4Uih9We O1BtZ+BT/fAp71vuapVwGkeRQG0LBMUKBC3H2X3LMIKBzN3SRgbX+UJm51N9rctJ yiOUS5KN3U9JyzIYSZDmptwMEFZxK/3Jd1Eb4gydHVxej5yRnNeO6gLnCvDPKspy G51tl5dJJzmWaIHa+bRoCi7WdM5c1VUme+OCR/1eBvWlqWi22RqHKH/nIc3jKkd7 /uiSY9uSws5DTcjayLSF3ZxqhbUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTwehtF 5QiF9IHmEv1KhawwiSLM2DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1NDAwOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVlVDANBgkqhkiG9w0BAQsFAAOCAQEAhe3ST46k0FtyLv4nDvsF QU3M9Tj7DDL6W3MBCmD7nxXapFJ/i7kYCjD7MdEODNDJQwEQvGKQrLSaQbBVJlmw IdEXZ9iyYDoRKUivAvZf0vQGb+jPuwoUvhFtkdsgDWG/2+POptWnatOWygqFrrLR yt7lMYwCWv1JQT0egU6FCs38ocBeuOVoYdUQxLSGewe1uJ1WZBiuiOWb4LcQ9III B0ZC2QMIpRRkZOlmfcHedzE5FPOR08wqRpNiswfSUeu4NQeYm5oXTj86A0gvmpa4 al3S7EUDl+axyw+XQi/zRjyTEqGZRO2W1IDe+lnfBDZdT3k6DNd7Zv2H32FQqhCr Hw== -----END CERTIFICATE-----Generated at Tue Aug 5 08:18:31 2025 by rpki-client