$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152377.roa File: AS152377.roa (raw, json) Hash identifier: kPunPUy9SepwuEvKcHJdf3b/QLg9pfxMdGHHIyQ32Gc= Subject key identifier: 05:AD:21:EF:C9:BB:1F:6F:D6:72:70:E1:C3:73:49:49:DF:1C:ED:81 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4ED7B7AA02662683794301F27ECEFE8C17901A7D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152377.roa Signing time: Tue 05 Aug 2025 07:25:21 +0000 ROA not before: Tue 05 Aug 2025 07:20:21 +0000 ROA not after: Tue 04 Aug 2026 07:25:21 +0000 asID: 152377 IP address blocks: 2402:1aa0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:d7:b7:aa:02:66:26:83:79:43:01:f2:7e:ce:fe:8c:17:90:1a:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 5 07:20:21 2025 GMT Not After : Aug 4 07:25:21 2026 GMT Subject: CN=05AD21EFC9BB1F6FD67270E1C3734949DF1CED81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:93:3c:a6:e2:23:39:8e:d7:58:54:26:52:8c: 8b:66:29:ab:4f:78:3a:48:01:80:94:a4:1c:68:54: 6d:39:63:58:bb:79:52:3a:9d:4f:97:49:8a:a5:f0: 9d:26:bf:86:0a:6f:5c:d3:36:77:dc:84:ae:32:04: 32:70:5d:2f:84:70:0e:d0:46:15:6a:ee:01:99:e3: c1:39:b7:db:09:80:46:ab:3d:f8:14:bf:df:2d:4c: dd:4b:8d:4e:9c:9f:11:72:3e:18:2e:39:39:58:20: 72:98:22:b6:7f:94:68:99:ac:63:ff:90:ef:54:27: 4f:73:c6:7c:fa:e8:5a:de:ff:2e:4d:f5:f2:aa:eb: fa:f0:91:0d:1d:56:43:d2:87:22:70:2e:28:3b:a1: df:62:67:a0:a0:09:ed:12:25:0a:2d:86:f1:ef:33: 3a:76:ed:61:a8:fa:4e:f6:ce:ff:78:9a:71:28:4b: bc:d5:16:c2:d4:a5:73:9a:f9:88:6e:8b:88:0b:c6: 6f:3b:2f:b3:52:fd:11:69:09:e3:7b:27:10:39:23: 2f:48:6d:35:66:c1:ce:a4:0d:68:23:db:e0:92:a0: 91:77:62:e0:25:3e:df:96:04:91:78:1b:86:0f:c1: 48:0e:c9:3b:b9:1b:dc:c5:66:77:62:45:d4:0f:c9: 7f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:AD:21:EF:C9:BB:1F:6F:D6:72:70:E1:C3:73:49:49:DF:1C:ED:81 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152377.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:1aa0::/32 Signature Algorithm: sha256WithRSAEncryption 70:78:e7:a3:e5:fb:b3:10:07:32:2b:a1:b7:b0:da:7c:c9:db: b6:47:14:3f:9d:21:22:27:09:18:27:51:e9:ad:66:73:3e:64: 77:3f:6e:14:1c:23:65:4b:09:26:df:06:90:1e:1e:c6:54:15: 95:95:21:7c:53:31:12:e8:2f:89:2b:7e:54:8e:ed:d3:c0:17: 9f:08:49:26:24:c5:7a:91:54:b6:50:80:49:f5:b0:51:9b:9f: 03:85:97:d1:5f:78:ca:55:93:de:54:a3:89:3b:67:69:73:f4: c9:6d:2b:bf:23:11:a6:6d:c1:24:12:c1:ef:77:4b:e3:ec:0a: 0e:d5:68:0a:7f:2f:2a:ca:76:e1:31:ed:d8:bc:45:a8:5e:7e: f4:95:9f:6d:fd:c2:35:a7:c8:ab:83:83:4c:88:3f:86:29:0d: 88:1c:0b:2f:98:75:79:ff:88:70:9d:a0:2f:5c:45:c6:a2:8f: 79:28:0f:89:5b:da:65:5d:20:e3:34:dc:54:9f:cf:ba:65:48: c1:b8:b4:15:cb:fb:89:4f:88:4f:8f:6c:7b:14:4e:94:70:22: 33:be:d5:18:18:0c:97:10:b1:7b:c4:5e:05:fb:69:a4:14:19: d5:a4:5e:04:01:ac:b6:c5:9b:bf:67:f0:c1:18:42:ee:8d:c0: bb:fb:f0:d2 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUTte3qgJmJoN5QwHyfs7+jBeQGn0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgwNTA3MjAyMVoX DTI2MDgwNDA3MjUyMVowMzExMC8GA1UEAxMoMDVBRDIxRUZDOUJCMUY2RkQ2NzI3 MEUxQzM3MzQ5NDlERjFDRUQ4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKuTPKbiIzmO11hUJlKMi2Ypq094OkgBgJSkHGhUbTljWLt5UjqdT5dJiqXw nSa/hgpvXNM2d9yErjIEMnBdL4RwDtBGFWruAZnjwTm32wmARqs9+BS/3y1M3UuN TpyfEXI+GC45OVggcpgitn+UaJmsY/+Q71QnT3PGfProWt7/Lk318qrr+vCRDR1W Q9KHInAuKDuh32JnoKAJ7RIlCi2G8e8zOnbtYaj6TvbO/3iacShLvNUWwtSlc5r5 iG6LiAvGbzsvs1L9EWkJ43snEDkjL0htNWbBzqQNaCPb4JKgkXdi4CU+35YEkXgb hg/BSA7JO7kb3MVmd2JF1A/Jf8MCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBQFrSHv ybsfb9ZycOHDc0lJ3xztgTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM3Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQCGqAwDQYJKoZIhvcNAQELBQADggEBAHB456Pl+7MQBzIrobew 2nzJ27ZHFD+dISInCRgnUemtZnM+ZHc/bhQcI2VLCSbfBpAeHsZUFZWVIXxTMRLo L4krflSO7dPAF58ISSYkxXqRVLZQgEn1sFGbnwOFl9FfeMpVk95Uo4k7Z2lz9Mlt K78jEaZtwSQSwe93S+PsCg7VaAp/LyrKduEx7di8RahefvSVn239wjWnyKuDg0yI P4YpDYgcCy+YdXn/iHCdoC9cRcaij3koD4lb2mVdIOM03FSfz7plSMG4tBXL+4lP iE+PbHsUTpRwIjO+1RgYDJcQsXvEXgX7aaQUGdWkXgQBrLbFm79n8MEYQu6NwLv7 8NI= -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:25 2025 by rpki-client