$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa File: AS147131.roa (raw, json) Hash identifier: 3E5X5Pw4vDWEKgxSRz5jcs197/cP0pNnU9FC7u/fEhU= Subject key identifier: 85:2C:A5:FD:6A:26:35:17:38:A1:82:61:04:27:E2:51:3D:36:0D:9C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0598B1EA2F5225DF006CADE2B91A86A67FE48F5A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa Signing time: Thu 22 May 2025 08:00:00 +0000 ROA not before: Thu 22 May 2025 07:55:00 +0000 ROA not after: Thu 21 May 2026 08:00:00 +0000 asID: 147131 IP address blocks: 2001:df1:1ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 08:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:98:b1:ea:2f:52:25:df:00:6c:ad:e2:b9:1a:86:a6:7f:e4:8f:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 22 07:55:00 2025 GMT Not After : May 21 08:00:00 2026 GMT Subject: CN=852CA5FD6A26351738A182610427E2513D360D9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e7:08:7d:a0:61:ee:b9:e3:d5:89:7b:0e:aa: 21:67:66:60:c7:54:cc:30:27:6a:40:5d:d5:31:78: 44:50:91:61:ac:40:f6:7f:be:ac:33:51:b4:16:bc: 9a:c4:a3:51:44:c5:ee:79:03:bc:fd:dc:b2:12:62: fb:d5:3d:4b:f6:db:5d:56:95:80:a5:58:99:c9:69: 30:e9:29:ae:07:98:af:e4:28:d0:2b:c0:d4:2c:19: c9:8c:95:91:c6:e9:e9:d2:cd:92:de:67:68:70:f4: 12:29:de:b2:ad:ad:c6:34:84:fc:5c:a7:f8:55:b1: 8e:a9:fc:b8:4a:e8:39:02:f4:95:e5:51:1f:4e:18: e8:9e:6a:6d:64:76:9c:bf:ab:34:b7:c5:b2:22:77: e3:f5:70:51:23:ef:46:0c:e4:3c:ba:15:99:d1:85: 78:ac:a8:d9:61:ef:8c:5d:e3:82:a1:cb:f6:cc:44: 28:44:7e:d4:82:68:9b:5a:d9:b8:1b:9e:22:e3:86: a7:a3:ad:d2:f7:7a:6a:59:c9:74:00:ed:9d:d1:da: 4b:46:8c:4d:0f:9d:af:af:f0:3a:c0:d4:9b:ba:f8: ab:64:e0:47:70:92:4d:af:7f:5c:83:71:64:bf:d5: fc:0d:2e:b1:ba:52:1d:24:e1:0a:91:aa:59:4e:d3: 7a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:2C:A5:FD:6A:26:35:17:38:A1:82:61:04:27:E2:51:3D:36:0D:9C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:1ac0::/48 Signature Algorithm: sha256WithRSAEncryption 98:6a:c1:ec:4a:34:98:ad:7f:b8:31:12:39:42:fa:fe:1d:f8: 8f:14:c4:0d:f0:f6:4b:9a:f0:1b:ad:3d:f0:44:d5:4d:13:39: e4:89:06:2a:2a:3c:7d:a1:76:a6:ef:f7:de:f5:88:30:96:fa: 02:bf:e5:4d:b4:c1:88:de:00:4d:87:93:8d:b6:1d:d9:71:a1: 0c:4e:3f:de:db:0c:6e:c1:c2:71:6f:4f:09:d5:4b:14:c5:ac: 14:1a:86:6b:0b:94:28:2b:5a:f0:68:47:16:d2:d4:39:6d:b5: ab:0a:73:a1:0e:28:7f:07:0c:8e:a9:c7:8a:ca:39:7c:76:c1: 1c:aa:da:ea:58:66:5c:41:29:65:64:1a:c5:06:71:eb:9d:0f: 4e:f7:3c:e1:d7:8e:aa:ff:10:a0:70:ec:a4:64:dc:97:68:fb: 69:89:90:f8:0b:5d:94:81:bd:a4:cc:f0:f5:fa:95:58:34:bd: a8:9f:39:27:67:90:e2:2b:21:6f:9f:89:08:f6:5b:be:80:ec: 81:67:84:ff:36:5a:c4:c6:41:82:a0:de:a6:96:ea:43:a7:3f: 15:ba:62:30:f1:19:d3:e9:47:c5:c0:34:22:5f:dc:97:eb:44: 2f:97:40:9b:72:18:a7:3a:67:5f:bd:c5:4f:e1:08:60:f1:8c: f8:a8:7b:bd -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUBZix6i9SJd8AbK3iuRqGpn/kj1owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyMjA3NTUwMFoX DTI2MDUyMTA4MDAwMFowMzExMC8GA1UEAxMoODUyQ0E1RkQ2QTI2MzUxNzM4QTE4 MjYxMDQyN0UyNTEzRDM2MEQ5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPnCH2gYe6549WJew6qIWdmYMdUzDAnakBd1TF4RFCRYaxA9n++rDNRtBa8 msSjUUTF7nkDvP3cshJi+9U9S/bbXVaVgKVYmclpMOkprgeYr+Qo0CvA1CwZyYyV kcbp6dLNkt5naHD0Einesq2txjSE/Fyn+FWxjqn8uEroOQL0leVRH04Y6J5qbWR2 nL+rNLfFsiJ34/VwUSPvRgzkPLoVmdGFeKyo2WHvjF3jgqHL9sxEKER+1IJom1rZ uBueIuOGp6Ot0vd6alnJdADtndHaS0aMTQ+dr6/wOsDUm7r4q2TgR3CSTa9/XINx ZL/V/A0usbpSHSThCpGqWU7TevECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSFLKX9 aiY1FzihgmEEJ+JRPTYNnDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzEzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEawDANBgkqhkiG9w0BAQsFAAOCAQEAmGrB7Eo0mK1/uDES OUL6/h34jxTEDfD2S5rwG6098ETVTRM55IkGKio8faF2pu/33vWIMJb6Ar/lTbTB iN4ATYeTjbYd2XGhDE4/3tsMbsHCcW9PCdVLFMWsFBqGawuUKCta8GhHFtLUOW21 qwpzoQ4ofwcMjqnHiso5fHbBHKra6lhmXEEpZWQaxQZx650PTvc84deOqv8QoHDs pGTcl2j7aYmQ+AtdlIG9pMzw9fqVWDS9qJ85J2eQ4ishb5+JCPZbvoDsgWeE/zZa xMZBgqDeppbqQ6c/FbpiMPEZ0+lHxcA0Il/cl+tEL5dAm3IYpzpnX73FT+EIYPGM +Kh7vQ== -----END CERTIFICATE-----Generated at Mon Jun 16 04:30:02 2025 by rpki-client