$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151992.roa File: AS151992.roa (raw, json) Hash identifier: Dq/VCXyQFdY0iYC9annMRlwm6Uh199Je8dfrwYj/xU8= Subject key identifier: 5A:1F:E3:DE:3C:81:C9:1F:18:90:21:3F:99:BE:5B:C5:A6:BF:A9:DB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 15EB6665D072B3BA77912BFB5AC1A2EE2262C53B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151992.roa Signing time: Fri 24 Oct 2025 04:00:00 +0000 ROA not before: Fri 24 Oct 2025 03:55:00 +0000 ROA not after: Fri 23 Oct 2026 04:00:00 +0000 asID: 151992 IP address blocks: 103.42.242.0/24 maxlen: 24 2001:df3:4b40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:eb:66:65:d0:72:b3:ba:77:91:2b:fb:5a:c1:a2:ee:22:62:c5:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 24 03:55:00 2025 GMT Not After : Oct 23 04:00:00 2026 GMT Subject: CN=5A1FE3DE3C81C91F1890213F99BE5BC5A6BFA9DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:59:63:f7:89:7b:62:48:8c:30:89:24:d1:79: 58:fb:fc:b0:3b:6e:fa:84:bb:07:34:98:74:e1:e8: d3:0e:d4:18:57:de:35:84:18:c6:0c:fa:6e:28:45: 10:12:df:69:46:40:20:59:55:a8:2d:a8:0b:ae:c4: ac:be:fc:f4:0f:ca:43:eb:0e:c2:3a:3b:ae:61:d1: 1d:2a:a2:b7:f7:e5:90:6d:25:c1:a2:16:f8:06:c2: ff:c4:b9:6e:61:ca:e7:71:f7:89:6d:f9:c9:ce:a4: 52:b7:23:34:32:e4:95:02:13:ae:a5:8c:e5:ec:dd: a4:aa:bf:61:59:7a:1a:5c:85:4a:34:7a:f1:b5:8e: af:34:c8:93:6f:15:b7:ea:c8:04:7e:17:8e:81:94: 6a:65:6b:06:4d:38:6a:bb:34:20:39:6b:17:20:cd: e2:17:96:01:6f:03:c0:94:7d:f9:4f:cd:7f:ce:a9: e9:01:c9:29:b0:73:34:0f:af:31:5b:8b:d1:f3:5b: 72:fa:b7:ac:79:c2:de:46:7d:6b:13:9a:dd:2d:b4: 99:b1:bf:37:11:29:9a:7c:14:2e:35:5d:95:fe:fa: 34:4c:bb:ad:ae:6b:91:27:f7:62:5c:d2:c1:66:d6: fe:dd:f8:5e:b7:69:40:e1:a1:49:89:d9:a3:ca:0f: e1:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:1F:E3:DE:3C:81:C9:1F:18:90:21:3F:99:BE:5B:C5:A6:BF:A9:DB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151992.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.42.242.0/24 IPv6: 2001:df3:4b40::/48 Signature Algorithm: sha256WithRSAEncryption 8c:53:1d:f8:c8:e7:d9:ec:99:65:e7:2e:ad:4a:49:01:3e:e7: 75:5d:b4:00:39:b2:d4:3b:fb:3b:6d:ae:2c:f7:2d:3e:79:b3: e2:7d:4c:b8:84:50:a4:83:47:42:18:0f:a0:aa:50:78:a0:74: 55:da:e7:63:82:6e:76:da:c7:27:33:bf:87:c9:ba:ed:95:69: fd:b2:07:b3:e0:39:34:f2:09:ce:69:6e:06:af:e4:3f:5f:0d: 3d:63:c8:ee:3d:31:64:b0:93:ce:f0:aa:3e:6f:2a:5b:1c:79: dc:98:c6:5b:b7:b9:78:08:11:b6:be:c4:79:6d:12:52:0d:70: 1c:63:c1:fa:d7:3d:90:a0:cd:bf:08:0f:f5:0a:b9:2d:d3:20: 06:4a:27:12:d4:cc:0c:ea:68:4d:24:2d:e1:4c:e7:4b:44:2d: fa:27:cb:57:ac:85:86:51:f2:ba:6d:c8:47:4d:85:91:fb:ed: 33:f1:3d:c9:85:54:95:0b:9f:1b:ff:45:6b:26:f1:c8:31:e6: 3e:39:f2:47:ba:6d:00:74:e1:82:99:66:1f:ea:ab:f5:fb:08: 48:38:64:df:e3:22:f9:46:c7:39:4e:10:8a:d4:9c:42:d0:13: 2d:37:cc:e5:20:87:b6:29:29:69:3c:e2:25:fc:0e:5a:06:45: 94:41:9a:dc -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUFetmZdBys7p3kSv7WsGi7iJixTswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAyNDAzNTUwMFoX DTI2MTAyMzA0MDAwMFowMzExMC8GA1UEAxMoNUExRkUzREUzQzgxQzkxRjE4OTAy MTNGOTlCRTVCQzVBNkJGQTlEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZZY/eJe2JIjDCJJNF5WPv8sDtu+oS7BzSYdOHo0w7UGFfeNYQYxgz6bihF EBLfaUZAIFlVqC2oC67ErL789A/KQ+sOwjo7rmHRHSqit/flkG0lwaIW+AbC/8S5 bmHK53H3iW35yc6kUrcjNDLklQITrqWM5ezdpKq/YVl6GlyFSjR68bWOrzTIk28V t+rIBH4XjoGUamVrBk04ars0IDlrFyDN4heWAW8DwJR9+U/Nf86p6QHJKbBzNA+v MVuL0fNbcvq3rHnC3kZ9axOa3S20mbG/NxEpmnwULjVdlf76NEy7ra5rkSf3YlzS wWbW/t34XrdpQOGhSYnZo8oP4ZECAwEAAaOCAeEwggHdMB0GA1UdDgQWBBRaH+Pe PIHJHxiQIT+ZvlvFpr+p2zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTk5Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGcq8jAPBAIAAjAJAwcAIAEN80tAMA0GCSqGSIb3DQEBCwUAA4IB AQCMUx34yOfZ7Jll5y6tSkkBPud1XbQAObLUO/s7ba4s9y0+ebPifUy4hFCkg0dC GA+gqlB4oHRV2udjgm522scnM7+HybrtlWn9sgez4Dk08gnOaW4Gr+Q/Xw09Y8ju PTFksJPO8Ko+bypbHHncmMZbt7l4CBG2vsR5bRJSDXAcY8H61z2QoM2/CA/1Crkt 0yAGSicS1MwM6mhNJC3hTOdLRC36J8tXrIWGUfK6bchHTYWR++0z8T3JhVSVC58b /0VrJvHIMeY+OfJHum0AdOGCmWYf6qv1+whIOGTf4yL5Rsc5ThCK1JxC0BMtN8zl IIe2KSlpPOIl/A5aBkWUQZrc -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:24 2025 by rpki-client