$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153835.roa File: AS153835.roa (raw, json) Hash identifier: UCyQKQFklS2N5IisRySqeSjoqjZxNe9sOUngesba+mg= Subject key identifier: 3D:49:EF:AC:5F:FC:54:C5:CB:5F:98:A6:D1:CE:CB:BF:8F:A6:A2:3C Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5266C60EC07DAD7E969A79E20F0EB0F81084761A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153835.roa Signing time: Mon 28 Jul 2025 03:55:38 +0000 ROA not before: Mon 28 Jul 2025 03:50:38 +0000 ROA not after: Mon 27 Jul 2026 03:55:38 +0000 asID: 153835 IP address blocks: 163.227.113.0/24 maxlen: 24 2001:df5:65c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 Aug 2025 13:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:66:c6:0e:c0:7d:ad:7e:96:9a:79:e2:0f:0e:b0:f8:10:84:76:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 28 03:50:38 2025 GMT Not After : Jul 27 03:55:38 2026 GMT Subject: CN=3D49EFAC5FFC54C5CB5F98A6D1CECBBF8FA6A23C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:e9:42:93:97:bf:cd:5e:52:07:5b:ef:94:9f: 91:4a:a5:62:70:18:dc:5e:7d:1b:d9:e3:f7:82:6e: 54:ca:ab:c6:d8:a3:00:79:e7:fc:09:89:a9:1e:1b: d8:55:39:0f:b6:27:84:c7:ac:cb:92:18:e8:0d:30: f3:55:03:89:f8:2a:f1:33:24:92:2b:44:0e:82:bd: 7d:17:96:06:71:1c:f1:2a:42:d3:b9:dc:fb:de:f5: 65:cc:8d:82:6b:a2:cc:89:aa:e7:4d:fd:b1:32:36: d8:a1:c3:fb:45:98:ac:60:4b:bb:c3:a0:50:59:94: e2:45:87:97:af:c2:a1:06:14:8d:2a:bc:94:05:e3: 81:d2:e7:39:c6:45:40:47:ee:34:08:9a:2a:97:4f: 0a:d1:0c:a6:de:37:b5:c7:6c:33:cc:bf:f7:e4:26: 75:5e:91:74:02:56:fe:68:c8:b0:2f:be:23:b4:95: e9:f9:be:1f:bc:c8:6e:d9:cf:9e:09:45:c9:b5:95: 4a:8e:77:7f:ec:bd:ef:e9:78:06:9b:59:60:fe:dd: 57:0c:52:ed:20:41:75:cb:2b:0e:2a:6e:08:5c:e9: 8d:21:29:58:08:c1:f4:9b:dc:c3:41:5d:94:bf:c9: f8:6c:31:d3:96:2c:82:b6:42:6d:d1:01:a8:78:e2: 2a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:49:EF:AC:5F:FC:54:C5:CB:5F:98:A6:D1:CE:CB:BF:8F:A6:A2:3C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153835.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.113.0/24 IPv6: 2001:df5:65c0::/48 Signature Algorithm: sha256WithRSAEncryption 1d:86:82:a3:d7:01:80:fa:ae:58:46:2b:d3:b7:e8:38:40:e8: e6:0a:2d:13:c5:4d:fa:2c:80:17:4b:32:dc:8b:2b:e7:97:16: bf:f4:86:0d:97:0e:b5:60:94:bd:2d:40:c7:e5:eb:c5:f7:dd: 50:5d:49:86:b5:58:2e:39:28:ff:8c:ba:10:19:81:0a:c5:39: 98:81:7b:eb:93:02:4a:8e:7e:a3:62:1b:3b:0d:e1:24:73:28: aa:37:0f:90:86:8f:39:e7:60:4d:8f:7f:37:06:ee:98:61:5e: 2d:f6:52:17:92:e0:0c:42:95:95:9b:c6:21:57:d9:a3:5a:b7: bd:cc:ba:15:1b:df:02:5e:b2:e5:0e:3c:9a:b4:a2:b0:5b:74: c3:af:34:9a:60:1d:a3:19:50:6a:46:e2:73:5b:11:9a:a8:8a: a4:d2:a1:d0:a4:1b:ee:a7:6c:b6:4a:3c:df:a2:a9:35:00:b8: 21:1a:2d:28:95:5d:a7:fb:70:32:bd:fc:5f:10:5a:9c:ad:76: 19:5c:57:c0:57:cb:9e:dd:d8:29:53:2e:62:8f:39:b8:a1:dc: 18:d3:b1:9f:d8:e3:fd:e4:ff:6d:79:d4:1c:3a:96:50:76:fe: 42:9b:92:f6:c3:54:ef:f1:aa:ab:88:ec:2c:8c:ae:55:de:dd: 6c:a3:7e:05 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUUmbGDsB9rX6WmnniDw6w+BCEdhowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyODAzNTAzOFoX DTI2MDcyNzAzNTUzOFowMzExMC8GA1UEAxMoM0Q0OUVGQUM1RkZDNTRDNUNCNUY5 OEE2RDFDRUNCQkY4RkE2QTIzQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOvpQpOXv81eUgdb75SfkUqlYnAY3F59G9nj94JuVMqrxtijAHnn/AmJqR4b 2FU5D7YnhMesy5IY6A0w81UDifgq8TMkkitEDoK9fReWBnEc8SpC07nc+971ZcyN gmuizImq5039sTI22KHD+0WYrGBLu8OgUFmU4kWHl6/CoQYUjSq8lAXjgdLnOcZF QEfuNAiaKpdPCtEMpt43tcdsM8y/9+QmdV6RdAJW/mjIsC++I7SV6fm+H7zIbtnP nglFybWVSo53f+y97+l4BptZYP7dVwxS7SBBdcsrDipuCFzpjSEpWAjB9Jvcw0Fd lL/J+Gwx05YsgrZCbdEBqHjiKpMCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQ9Se+s X/xUxctfmKbRzsu/j6aiPDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzgzNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAKPjcTAPBAIAAjAJAwcAIAEN9WXAMA0GCSqGSIb3DQEBCwUAA4IB AQAdhoKj1wGA+q5YRivTt+g4QOjmCi0TxU36LIAXSzLciyvnlxa/9IYNlw61YJS9 LUDH5evF991QXUmGtVguOSj/jLoQGYEKxTmYgXvrkwJKjn6jYhs7DeEkcyiqNw+Q ho8552BNj383Bu6YYV4t9lIXkuAMQpWVm8YhV9mjWre9zLoVG98CXrLlDjyatKKw W3TDrzSaYB2jGVBqRuJzWxGaqIqk0qHQpBvup2y2Sjzfoqk1ALghGi0olV2n+3Ay vfxfEFqcrXYZXFfAV8ue3dgpUy5ijzm4odwY07Gf2OP95P9tedQcOpZQdv5Cm5L2 w1Tv8aqriOwsjK5V3t1so34F -----END CERTIFICATE-----Generated at Wed Aug 6 03:57:32 2025 by rpki-client