$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa File: AS58389.roa (raw, json) Hash identifier: heddE3zpvUIeM+caw5FsQI/7jEwmnpbP3OvvAD3WwIg= Subject key identifier: 08:69:07:14:3B:AD:4E:84:E0:09:FC:7F:BB:6C:8D:42:95:25:AA:46 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 43378B6B17B15AE3E0AF3FFC12A064BD897851BF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa Signing time: Tue 15 Jul 2025 02:41:08 +0000 ROA not before: Tue 15 Jul 2025 02:36:08 +0000 ROA not after: Tue 14 Jul 2026 02:41:08 +0000 asID: 58389 IP address blocks: 114.198.240.0/21 maxlen: 24 114.198.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 20:03:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:37:8b:6b:17:b1:5a:e3:e0:af:3f:fc:12:a0:64:bd:89:78:51:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 15 02:36:08 2025 GMT Not After : Jul 14 02:41:08 2026 GMT Subject: CN=086907143BAD4E84E009FC7FBB6C8D429525AA46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:89:ff:fd:1b:f3:ea:7a:4f:63:2c:57:82:3f: 21:f5:5b:ee:a5:7b:20:fc:b0:99:d8:1d:cf:c4:13: ed:de:0c:bc:6a:c5:9c:82:e0:9a:11:ec:b5:d5:db: 9d:f0:24:78:60:6d:5f:e6:2a:bf:69:be:ea:c6:18: d4:08:ad:da:9e:bf:75:61:16:ab:1c:ed:37:a9:29: 11:e5:d3:8d:db:bf:7e:5e:6f:b1:36:17:56:45:61: cf:d3:b6:66:82:1e:14:e1:66:4a:75:77:46:2a:74: 44:b9:29:de:9c:c6:c3:20:c7:16:66:1f:4a:5c:e0: 92:13:f5:c3:07:bc:83:ae:49:ed:2e:62:de:ab:25: 87:4d:de:1d:d0:cb:be:67:55:69:99:17:9d:89:68: 91:29:04:56:ee:7a:54:80:3b:e4:ec:9e:72:d9:91: aa:e2:3e:24:34:17:13:0a:32:21:0c:82:fa:05:1b: f6:6a:31:95:ff:7d:ef:0b:c2:4c:c9:9c:49:08:85: 21:1c:a0:05:cc:b3:1d:47:79:db:e7:6c:a1:fc:e6: 00:d7:56:94:9d:83:c7:ab:b7:90:1b:0c:32:31:ba: 98:3b:c5:7f:84:72:19:3c:46:b7:39:55:dc:08:ec: 8e:1a:82:6b:46:9b:32:2b:99:eb:98:c8:6c:a3:4b: de:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:69:07:14:3B:AD:4E:84:E0:09:FC:7F:BB:6C:8D:42:95:25:AA:46 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS58389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 114.198.240.0/21 Signature Algorithm: sha256WithRSAEncryption 8b:5c:c3:f9:d5:18:eb:34:26:93:82:58:d6:fe:02:1f:89:88: 65:f3:3a:ad:9a:30:51:93:c0:d8:d0:a2:70:39:09:81:48:cd: b4:64:a6:82:58:0d:73:27:98:91:b5:15:66:0f:dc:47:02:c1: 2e:df:67:30:9a:79:94:1a:3d:79:a3:98:5c:d0:81:c9:56:bd: 22:4c:32:95:e6:5f:29:9d:10:76:5b:c7:5b:f0:50:09:8a:0a: 94:6b:bb:66:73:a2:22:7b:06:e9:ad:02:94:00:18:f2:ed:5a: 58:18:56:26:bb:a3:44:36:f8:6f:f7:70:21:8d:00:6f:ae:ea: 42:d5:a6:d1:25:71:45:c8:8d:cb:22:52:d4:12:fc:3a:b9:59: 28:b8:fa:df:74:03:33:39:fb:d1:c7:d2:67:19:e5:48:bd:9e: 3b:9b:f8:e5:69:0c:19:f5:6c:aa:a8:ab:b7:40:7f:f8:1a:4d: ee:11:2c:3a:dd:df:e1:f8:fd:83:94:14:9d:3a:87:26:a4:ad: ff:96:da:2d:96:33:e2:22:bb:ea:14:a2:d2:34:0c:28:47:8f: 6e:bd:2f:92:46:b6:9c:05:83:90:de:6a:ef:dc:cc:c9:11:c2: 61:1e:ef:5f:01:c1:86:a7:61:62:f4:c2:00:b2:1e:a0:fc:67: 0d:61:17:af -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUQzeLaxexWuPgrz/8EqBkvYl4Ub8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxNTAyMzYwOFoX DTI2MDcxNDAyNDEwOFowMzExMC8GA1UEAxMoMDg2OTA3MTQzQkFENEU4NEUwMDlG QzdGQkI2QzhENDI5NTI1QUE0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJaJ//0b8+p6T2MsV4I/IfVb7qV7IPywmdgdz8QT7d4MvGrFnILgmhHstdXb nfAkeGBtX+Yqv2m+6sYY1Ait2p6/dWEWqxztN6kpEeXTjdu/fl5vsTYXVkVhz9O2 ZoIeFOFmSnV3Rip0RLkp3pzGwyDHFmYfSlzgkhP1wwe8g65J7S5i3qslh03eHdDL vmdVaZkXnYlokSkEVu56VIA75OyectmRquI+JDQXEwoyIQyC+gUb9moxlf997wvC TMmcSQiFIRygBcyzHUd52+dsofzmANdWlJ2Dx6u3kBsMMjG6mDvFf4RyGTxGtzlV 3AjsjhqCa0abMiuZ65jIbKNL3osCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBQIaQcU O61OhOAJ/H+7bI1ClSWqRjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzU4Mzg5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDcsbwMA0GCSqGSIb3DQEBCwUAA4IBAQCLXMP51RjrNCaTgljW/gIf iYhl8zqtmjBRk8DY0KJwOQmBSM20ZKaCWA1zJ5iRtRVmD9xHAsEu32cwmnmUGj15 o5hc0IHJVr0iTDKV5l8pnRB2W8db8FAJigqUa7tmc6IiewbprQKUABjy7VpYGFYm u6NENvhv93AhjQBvrupC1abRJXFFyI3LIlLUEvw6uVkouPrfdAMzOfvRx9JnGeVI vZ47m/jlaQwZ9WyqqKu3QH/4Gk3uESw63d/h+P2DlBSdOocmpK3/ltotljPiIrvq FKLSNAwoR49uvS+SRracBYOQ3mrv3MzJEcJhHu9fAcGGp2Fi9MIAsh6g/GcNYRev -----END CERTIFICATE-----Generated at Mon Aug 4 18:18:46 2025 by rpki-client