$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151999.roa File: AS151999.roa (raw, json) Hash identifier: BEZwI3nsh5HX03lpCG1vu41YOzPhvaFEqkfDF2bvy/I= Subject key identifier: CE:C7:BD:91:A0:6E:29:35:65:29:0D:0D:57:9E:66:7C:70:90:18:4E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 01E3296EF0DE7729610C5EA8F76199F7E5C254CB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151999.roa Signing time: Thu 18 Sep 2025 05:00:00 +0000 ROA not before: Thu 18 Sep 2025 04:55:00 +0000 ROA not after: Thu 17 Sep 2026 05:00:00 +0000 asID: 151999 IP address blocks: 43.250.182.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:e3:29:6e:f0:de:77:29:61:0c:5e:a8:f7:61:99:f7:e5:c2:54:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 18 04:55:00 2025 GMT Not After : Sep 17 05:00:00 2026 GMT Subject: CN=CEC7BD91A06E293565290D0D579E667C7090184E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:8d:d8:1c:50:82:1c:0a:34:aa:e9:a9:47:03: 82:2f:51:e2:c2:70:0e:2f:b5:8d:bf:67:6c:1c:6d: 96:da:e0:be:b0:c0:0e:9a:2c:89:ee:e2:c4:40:cb: b8:43:64:fb:04:4d:a1:b1:51:97:49:44:25:18:09: a0:af:ff:3e:02:c0:20:49:46:41:5d:b3:91:e1:87: 7d:db:ee:1c:ae:9a:36:66:20:e2:f5:8f:64:79:ec: 43:eb:53:b3:9e:c0:c0:aa:a4:a7:e9:c3:71:45:72: aa:68:10:d5:49:0b:3c:f0:79:1d:2f:a8:fd:db:7d: 05:f2:de:e5:8e:ef:6d:e4:59:4c:38:c0:73:c1:a6: b6:c9:da:ce:bc:9a:ee:d9:b1:aa:99:d8:b3:ed:e2: ed:09:34:66:24:7d:eb:56:df:04:28:9f:28:ae:e3: 29:61:cf:72:36:dc:14:77:8b:bc:64:a4:49:80:f7: b7:4f:be:c3:75:5b:8b:75:60:4e:7c:26:15:fc:29: df:79:b1:ee:e0:99:c4:68:61:0e:e2:77:25:6b:e5: 9d:0b:d1:25:e3:b8:9d:35:0f:fa:bc:e1:46:e8:3b: 51:e6:c6:d5:53:31:6e:cf:c7:bb:54:f9:7c:61:06: c1:14:6f:eb:b6:60:70:82:a0:92:13:d5:03:8d:bd: 03:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:C7:BD:91:A0:6E:29:35:65:29:0D:0D:57:9E:66:7C:70:90:18:4E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151999.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.182.0/23 Signature Algorithm: sha256WithRSAEncryption 13:14:69:64:fe:96:62:02:c0:93:b4:00:21:c4:e4:dc:60:f2: 76:f0:19:10:98:cb:fe:c9:8e:aa:47:c4:c5:92:73:be:1e:3b: 12:85:0f:d4:c6:16:35:6e:19:0a:70:8e:41:5a:cc:f1:71:3b: 3a:ce:59:cd:18:8b:66:27:b2:ca:1f:9b:00:9a:99:98:bf:9a: f8:59:d3:17:32:d3:8b:06:be:8d:f2:62:4e:ba:5c:f7:04:4b: 35:2f:37:f4:30:bf:c7:56:46:48:48:69:d3:b9:b6:bd:c4:aa: 33:9e:f5:76:45:f7:e1:29:b1:dc:3e:a8:f7:b1:a6:64:2d:e7: 09:df:30:c5:42:35:c7:b4:33:10:df:9f:51:ff:79:3f:71:ef: 97:ac:a5:09:e5:30:7d:6d:53:c7:b4:04:f9:de:f9:46:a4:2b: d6:a9:50:f5:c0:55:4c:44:8e:36:88:94:c0:ff:28:b9:94:37: 3b:23:c5:f5:ad:1d:c4:77:b6:fd:b8:f0:54:da:d8:dc:40:48: fd:03:90:85:05:9c:31:0f:d8:28:6c:74:a0:02:b6:44:ca:63: 7c:2b:17:df:9b:5c:1d:de:11:da:f7:cc:d1:40:53:43:1b:b8: 1c:90:6d:c9:fd:71:34:6b:77:77:bb:39:b8:1e:c8:88:05:f9: 9c:26:75:2a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAeMpbvDedylhDF6o92GZ9+XCVMswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkxODA0NTUwMFoX DTI2MDkxNzA1MDAwMFowMzExMC8GA1UEAxMoQ0VDN0JEOTFBMDZFMjkzNTY1Mjkw RDBENTc5RTY2N0M3MDkwMTg0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMaN2BxQghwKNKrpqUcDgi9R4sJwDi+1jb9nbBxtltrgvrDADposie7ixEDL uENk+wRNobFRl0lEJRgJoK//PgLAIElGQV2zkeGHfdvuHK6aNmYg4vWPZHnsQ+tT s57AwKqkp+nDcUVyqmgQ1UkLPPB5HS+o/dt9BfLe5Y7vbeRZTDjAc8Gmtsnazrya 7tmxqpnYs+3i7Qk0ZiR961bfBCifKK7jKWHPcjbcFHeLvGSkSYD3t0++w3Vbi3Vg TnwmFfwp33mx7uCZxGhhDuJ3JWvlnQvRJeO4nTUP+rzhRug7UebG1VMxbs/Hu1T5 fGEGwRRv67ZgcIKgkhPVA429A2UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTOx72R oG4pNWUpDQ1XnmZ8cJAYTjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTk5OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEASv6tjANBgkqhkiG9w0BAQsFAAOCAQEAExRpZP6WYgLAk7QAIcTk 3GDydvAZEJjL/smOqkfExZJzvh47EoUP1MYWNW4ZCnCOQVrM8XE7Os5ZzRiLZiey yh+bAJqZmL+a+FnTFzLTiwa+jfJiTrpc9wRLNS839DC/x1ZGSEhp07m2vcSqM571 dkX34Smx3D6o97GmZC3nCd8wxUI1x7QzEN+fUf95P3Hvl6ylCeUwfW1Tx7QE+d75 RqQr1qlQ9cBVTESONoiUwP8ouZQ3OyPF9a0dxHe2/bjwVNrY3EBI/QOQhQWcMQ/Y KGx0oAK2RMpjfCsX35tcHd4R2vfM0UBTQxu4HJBtyf1xNGt3d7s5uB7IiAX5nCZ1 Kg== -----END CERTIFICATE-----Generated at Mon Nov 3 19:33:17 2025 by rpki-client