$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153924.roa File: AS153924.roa (raw, json) Hash identifier: Z7sIEnxnWgvN6h/cG0Lqc5qWjun5E8T5MhDw3f017tc= Subject key identifier: 66:59:F8:6E:84:BF:F8:B2:8F:E5:12:1E:0B:C6:00:99:37:9B:59:F4 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 59255A450FD7774170922CE71AE12C5293A35CE0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153924.roa Signing time: Mon 04 Aug 2025 04:06:05 +0000 ROA not before: Mon 04 Aug 2025 04:01:05 +0000 ROA not after: Mon 03 Aug 2026 04:06:05 +0000 asID: 153924 IP address blocks: 2001:df5:9940::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:25:5a:45:0f:d7:77:41:70:92:2c:e7:1a:e1:2c:52:93:a3:5c:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 4 04:01:05 2025 GMT Not After : Aug 3 04:06:05 2026 GMT Subject: CN=6659F86E84BFF8B28FE5121E0BC60099379B59F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:af:5a:53:af:12:f1:28:f6:13:27:9d:d4:93: 60:6c:ee:02:4f:b7:6d:a4:8e:98:42:b9:ce:3d:89: da:8c:99:65:d3:8f:bf:4c:f3:3b:c2:93:fb:28:a2: de:47:86:12:7c:1b:21:bc:0f:a4:b1:71:63:1f:e6: 8f:86:72:8c:96:bc:fc:48:84:3b:67:24:75:79:c7: f3:44:da:4f:81:da:b3:34:72:5b:d9:58:ad:13:fe: d8:62:bd:23:a4:ab:d3:ef:75:77:21:29:aa:f1:3a: 80:51:2f:4a:ef:90:00:78:14:56:96:f0:12:4c:21: 7b:26:c4:82:6c:03:70:48:0a:e3:74:76:2f:5b:5e: 94:cc:2e:00:63:6c:8b:a9:1a:1d:08:e4:df:40:c0: a7:68:eb:51:31:8d:0c:cf:0c:02:56:e4:26:32:bc: ff:eb:88:7b:34:a9:be:f7:b4:7f:18:56:d9:d8:6a: 6f:90:b7:da:3d:b1:96:2e:29:fa:97:6a:2d:e9:af: 39:71:d3:7d:41:57:4d:a6:72:37:cc:ab:1a:2d:e0: bc:83:a3:10:37:49:00:7b:19:9a:fb:51:a3:cc:c3: 10:d4:2a:e4:08:91:2d:40:31:24:e9:08:e1:31:41: b1:64:db:1c:c0:9b:37:8c:3d:e0:2d:bf:44:45:c0: ec:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:59:F8:6E:84:BF:F8:B2:8F:E5:12:1E:0B:C6:00:99:37:9B:59:F4 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153924.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:9940::/48 Signature Algorithm: sha256WithRSAEncryption 16:bb:ff:11:07:16:0a:40:7a:95:60:62:93:8f:73:67:8f:6c: d7:aa:58:96:1b:39:3e:6f:b7:c9:53:6e:3b:6c:ab:52:95:62: 4b:94:22:e6:1f:b8:5b:d9:65:e4:7e:2a:31:a8:31:31:5a:09: cf:79:15:f5:40:b9:95:be:39:5d:e4:5c:56:fb:c5:48:aa:7d: a1:09:41:4b:02:d2:24:d5:9e:6e:3c:f7:22:1e:cf:cb:f8:33: 57:6f:1b:a1:59:4a:f8:de:b2:e8:d2:31:06:81:ff:b7:05:4a: ce:65:86:16:5d:05:7d:84:6a:f3:95:a1:bb:cc:a6:fc:59:d4: 21:6d:cf:91:8e:30:7d:47:9c:7f:d6:8f:68:4c:e7:94:5f:0e: f2:6e:c9:71:08:ff:d9:ff:dd:dc:ba:e3:53:fb:7a:d2:36:83: 08:fd:4f:e0:b8:f8:9f:22:2e:95:5f:6b:9a:ad:a5:77:97:4e: e7:46:64:bb:f1:cd:f3:d7:b0:b0:23:1e:74:ec:5d:77:a7:41: 28:92:b5:8d:85:da:1a:e9:e8:aa:5c:f5:de:f7:83:35:2b:e7: 7c:59:ca:c0:b5:f9:56:f3:d1:85:22:7d:36:cd:ec:95:01:7f: 0b:ed:b3:bd:0a:a3:a5:44:96:17:83:83:17:12:37:6a:39:c9: 61:45:25:3e -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUWSVaRQ/Xd0FwkiznGuEsUpOjXOAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgwNDA0MDEwNVoX DTI2MDgwMzA0MDYwNVowMzExMC8GA1UEAxMoNjY1OUY4NkU4NEJGRjhCMjhGRTUx MjFFMEJDNjAwOTkzNzlCNTlGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKCvWlOvEvEo9hMnndSTYGzuAk+3baSOmEK5zj2J2oyZZdOPv0zzO8KT+yii 3keGEnwbIbwPpLFxYx/mj4ZyjJa8/EiEO2ckdXnH80TaT4HaszRyW9lYrRP+2GK9 I6Sr0+91dyEpqvE6gFEvSu+QAHgUVpbwEkwheybEgmwDcEgK43R2L1telMwuAGNs i6kaHQjk30DAp2jrUTGNDM8MAlbkJjK8/+uIezSpvve0fxhW2dhqb5C32j2xli4p +pdqLemvOXHTfUFXTaZyN8yrGi3gvIOjEDdJAHsZmvtRo8zDENQq5AiRLUAxJOkI 4TFBsWTbHMCbN4w94C2/REXA7LECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRmWfhu hL/4so/lEh4LxgCZN5tZ9DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzkyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfWZQDANBgkqhkiG9w0BAQsFAAOCAQEAFrv/EQcWCkB6lWBi k49zZ49s16pYlhs5Pm+3yVNuO2yrUpViS5Qi5h+4W9ll5H4qMagxMVoJz3kV9UC5 lb45XeRcVvvFSKp9oQlBSwLSJNWebjz3Ih7Py/gzV28boVlK+N6y6NIxBoH/twVK zmWGFl0FfYRq85Whu8ym/FnUIW3PkY4wfUecf9aPaEznlF8O8m7JcQj/2f/d3Lrj U/t60jaDCP1P4Lj4nyIulV9rmq2ld5dO50Zku/HN89ewsCMedOxdd6dBKJK1jYXa Gunoqlz13veDNSvnfFnKwLX5VvPRhSJ9Ns3slQF/C+2zvQqjpUSWF4ODFxI3ajnJ YUUlPg== -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:34 2025 by rpki-client