$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23952.roa File: AS23952.roa (raw, json) Hash identifier: udfds512FIG1qjqJt5QVIX1PPnvbjktQiScw6cdzaFk= Subject key identifier: 25:90:8A:7C:1A:61:59:FB:BE:99:1B:B3:FC:0B:FB:F1:E8:96:EA:2D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5F6BA79FA275F8741DA483AF166A880D29DED4F4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23952.roa Signing time: Thu 23 Oct 2025 01:11:51 +0000 ROA not before: Thu 23 Oct 2025 01:06:51 +0000 ROA not after: Thu 22 Oct 2026 01:11:51 +0000 asID: 23952 IP address blocks: 2402:23a0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:6b:a7:9f:a2:75:f8:74:1d:a4:83:af:16:6a:88:0d:29:de:d4:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 23 01:06:51 2025 GMT Not After : Oct 22 01:11:51 2026 GMT Subject: CN=25908A7C1A6159FBBE991BB3FC0BFBF1E896EA2D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8b:f9:44:3c:d2:11:7e:bb:6e:2d:5f:dc:fa: 68:0e:2e:60:d8:1c:ef:3c:ad:67:4d:4e:b8:51:63: b1:4e:79:6f:db:bb:c2:26:2f:d8:eb:c1:af:64:fa: 1b:58:10:40:df:37:44:71:30:13:21:d8:47:8f:d4: 46:df:25:22:05:d1:38:67:11:be:4f:1f:bd:b0:68: 29:19:ed:4b:3d:fb:4b:1e:60:bf:59:56:86:24:ba: 88:e6:00:9c:60:17:ab:af:0e:23:d2:89:ce:b6:28: 61:69:5c:ca:d7:4a:a5:05:4d:cf:e1:c3:db:d9:57: 57:80:d6:b8:92:2b:d8:45:90:e9:cf:76:f2:f2:d4: e4:f5:9a:0c:94:31:1b:79:82:ad:0e:9f:96:7b:b8: 4b:43:46:66:59:3d:b9:a6:03:bd:40:43:30:70:c9: 4f:b7:cb:38:eb:ca:24:55:61:35:8b:3b:27:28:a7: 33:75:93:14:ec:5e:62:fe:b7:6c:3d:91:2b:b1:e7: 47:d9:30:2f:61:ee:88:ec:30:3f:49:ea:e8:7e:11: dc:a6:7b:fc:9f:f3:fe:14:b1:27:e5:a9:63:f9:3e: ba:74:6d:93:41:d9:a0:3d:f9:d7:87:49:f8:3e:d2: 35:87:70:21:30:26:6b:9f:06:b9:e4:1e:f9:f8:b7: 39:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:90:8A:7C:1A:61:59:FB:BE:99:1B:B3:FC:0B:FB:F1:E8:96:EA:2D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23952.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2402:23a0::/32 Signature Algorithm: sha256WithRSAEncryption 94:a3:8a:55:73:22:55:f3:b3:07:b3:d2:34:fa:48:ab:84:3c: b5:56:e4:ec:17:3f:45:05:bc:1e:db:b5:30:b1:e1:8e:97:5e: 64:46:7c:bf:89:97:bd:94:6c:e5:a5:ee:75:48:d3:59:24:33: 5f:3f:15:29:7a:0b:65:e9:c1:b9:44:fa:06:2b:ec:bd:54:a9: 6f:a3:18:b5:1e:bb:41:02:57:c6:8c:12:5b:53:89:d0:9a:b8: 8a:72:7a:cf:cc:77:0b:1f:8b:71:50:4c:40:8a:b6:3f:92:79: f9:9e:4f:7e:8f:4c:70:b1:f8:d6:af:ed:ca:39:68:df:77:c9: fb:d5:7c:13:ba:fa:af:df:21:6c:6f:6c:0e:99:cc:4a:39:17: ba:19:a0:b9:7b:84:1f:55:55:ca:60:0b:2a:08:c8:c3:c6:7a: 5e:92:2e:ae:c0:8f:bc:6a:e0:b7:26:83:ff:ce:ec:3c:87:d4: 7b:4a:19:af:6a:9d:1e:1d:46:d3:5a:67:ea:0a:cd:18:4e:a5: d2:df:e7:00:fc:53:de:c4:cb:ad:32:7b:a1:0a:81:1d:84:13: 39:5e:a3:8f:e4:c7:31:d8:a1:aa:88:2e:a0:fb:ca:7e:74:15: ae:94:a8:1c:08:ee:ab:7f:9a:69:05:57:5a:41:df:8a:04:5b: 13:0a:86:da -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUX2unn6J1+HQdpIOvFmqIDSne1PQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAyMzAxMDY1MVoX DTI2MTAyMjAxMTE1MVowMzExMC8GA1UEAxMoMjU5MDhBN0MxQTYxNTlGQkJFOTkx QkIzRkMwQkZCRjFFODk2RUEyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSL+UQ80hF+u24tX9z6aA4uYNgc7zytZ01OuFFjsU55b9u7wiYv2OvBr2T6 G1gQQN83RHEwEyHYR4/URt8lIgXROGcRvk8fvbBoKRntSz37Sx5gv1lWhiS6iOYA nGAXq68OI9KJzrYoYWlcytdKpQVNz+HD29lXV4DWuJIr2EWQ6c928vLU5PWaDJQx G3mCrQ6flnu4S0NGZlk9uaYDvUBDMHDJT7fLOOvKJFVhNYs7JyinM3WTFOxeYv63 bD2RK7HnR9kwL2HuiOwwP0nq6H4R3KZ7/J/z/hSxJ+WpY/k+unRtk0HZoD3514dJ +D7SNYdwITAma58GueQe+fi3OasCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQlkIp8 GmFZ+76ZG7P8C/vx6JbqLTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzIzOTUyLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAIjoDANBgkqhkiG9w0BAQsFAAOCAQEAlKOKVXMiVfOzB7PSNPpI q4Q8tVbk7Bc/RQW8Htu1MLHhjpdeZEZ8v4mXvZRs5aXudUjTWSQzXz8VKXoLZenB uUT6BivsvVSpb6MYtR67QQJXxowSW1OJ0Jq4inJ6z8x3Cx+LcVBMQIq2P5J5+Z5P fo9McLH41q/tyjlo33fJ+9V8E7r6r98hbG9sDpnMSjkXuhmguXuEH1VVymALKgjI w8Z6XpIursCPvGrgtyaD/87sPIfUe0oZr2qdHh1G01pn6grNGE6l0t/nAPxT3sTL rTJ7oQqBHYQTOV6jj+THMdihqoguoPvKfnQVrpSoHAjuq3+aaQVXWkHfigRbEwqG 2g== -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:22 2025 by rpki-client