$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142387.roa File: AS142387.roa (raw, json) Hash identifier: 1Y11Y5iIgJwA1gQ7dQBpDz+axSFh9N+JRRap9UewJII= Subject key identifier: BB:54:7C:F9:4C:54:1C:6A:45:A7:79:53:BB:EB:01:31:E9:AE:DD:E5 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0D536E5B151B851C487255CE91A2C06887317797 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142387.roa Signing time: Fri 10 Oct 2025 02:33:11 +0000 ROA not before: Fri 10 Oct 2025 02:28:11 +0000 ROA not after: Fri 09 Oct 2026 02:33:11 +0000 asID: 142387 IP address blocks: 216.243.112.0/20 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:53:6e:5b:15:1b:85:1c:48:72:55:ce:91:a2:c0:68:87:31:77:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 10 02:28:11 2025 GMT Not After : Oct 9 02:33:11 2026 GMT Subject: CN=BB547CF94C541C6A45A77953BBEB0131E9AEDDE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:9e:f7:c4:0a:63:d8:cc:51:2a:8c:ff:76: a4:5e:d8:99:55:1d:e0:43:e3:43:ba:3d:47:fa:06: 71:d5:3f:c3:14:38:44:c6:6e:bc:24:89:62:6c:c3: a2:6c:53:b6:7f:41:7a:d3:4e:85:7c:1c:f6:76:31: 20:4c:cd:68:ed:ab:5c:52:b8:df:a5:ed:d1:d0:32: c2:92:a0:d8:e6:d8:96:31:df:f2:0b:d7:f9:8b:a8: 4e:4b:b4:f0:32:8a:64:15:db:c9:68:b6:b2:50:2f: 02:de:17:b5:29:36:99:e5:71:8a:41:6c:29:88:f2: 77:fa:cb:71:42:ed:49:7f:5d:ab:c6:1b:e3:8d:98: 55:55:9e:46:cd:65:2f:31:45:5f:b1:14:9d:1b:ea: e5:14:a5:4e:b2:5f:67:f5:41:7b:e9:c7:03:df:13: 45:cf:3f:a2:72:e0:79:2c:78:5e:86:28:03:a6:0f: 1a:c1:64:c2:d7:c5:e0:83:68:18:23:22:f4:13:60: 7c:75:37:c0:dc:b6:e2:27:db:74:d5:6a:12:3f:d3: 32:b5:f3:ad:51:c7:2b:a9:94:d7:4f:84:7e:8a:7c: 7b:3c:e2:5f:d9:e2:40:3f:4f:e6:bd:7f:7b:a5:84: 02:97:c8:1d:70:5e:14:08:01:38:2d:44:7c:12:05: 17:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:54:7C:F9:4C:54:1C:6A:45:A7:79:53:BB:EB:01:31:E9:AE:DD:E5 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS142387.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 216.243.112.0/20 Signature Algorithm: sha256WithRSAEncryption 7c:6c:4d:f7:86:34:4c:d2:72:34:1a:a1:99:dc:1c:96:40:ea: 8b:08:6e:d0:29:40:6e:94:2e:78:06:f2:89:88:cd:af:9f:1a: 9d:a3:ae:3a:40:33:e4:e4:19:ea:70:31:41:0b:c9:4b:88:f3: 39:db:6b:3e:dd:17:5e:35:77:0f:6b:7b:ee:e9:cc:6e:d5:01: 48:99:12:02:70:03:08:4f:9b:c8:dd:1e:84:c2:4b:97:46:f0: 51:81:d5:6e:dc:7c:49:5d:e2:5f:f9:eb:df:a8:c6:e2:f8:3b: e2:11:71:39:a3:45:02:98:0e:ce:65:13:e0:70:ed:85:63:0b: 4d:a3:67:1c:4d:8f:9b:0e:72:5f:43:9f:68:df:ba:72:fc:fc: 51:24:85:b6:8b:a6:19:57:f9:49:f8:c9:f0:7a:10:ac:6f:32: 12:7b:ec:bd:78:9c:b0:e8:55:78:75:a0:9c:9b:85:2f:53:b4: 0e:8d:17:ed:a3:ad:9b:89:61:b0:58:61:18:ee:65:7e:64:98: f3:10:5a:48:25:c8:b3:0e:f0:73:0a:46:9f:ce:5a:96:37:19: 27:07:67:8c:88:09:e0:f1:ce:40:6b:01:59:0e:5f:5d:f8:b7: 8c:04:33:bd:fe:2c:ac:66:48:f2:8c:9c:e8:00:d6:0b:d7:db: 64:a2:62:4f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUDVNuWxUbhRxIclXOkaLAaIcxd5cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxMDAyMjgxMVoX DTI2MTAwOTAyMzMxMVowMzExMC8GA1UEAxMoQkI1NDdDRjk0QzU0MUM2QTQ1QTc3 OTUzQkJFQjAxMzFFOUFFRERFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0bnvfECmPYzFEqjP92pF7YmVUd4EPjQ7o9R/oGcdU/wxQ4RMZuvCSJYmzD omxTtn9BetNOhXwc9nYxIEzNaO2rXFK436Xt0dAywpKg2ObYljHf8gvX+YuoTku0 8DKKZBXbyWi2slAvAt4XtSk2meVxikFsKYjyd/rLcULtSX9dq8Yb442YVVWeRs1l LzFFX7EUnRvq5RSlTrJfZ/VBe+nHA98TRc8/onLgeSx4XoYoA6YPGsFkwtfF4INo GCMi9BNgfHU3wNy24ifbdNVqEj/TMrXzrVHHK6mU10+Efop8ezziX9niQD9P5r1/ e6WEApfIHXBeFAgBOC1EfBIFF80CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS7VHz5 TFQcakWneVO76wEx6a7d5TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE0MjM4Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEBNjzcDANBgkqhkiG9w0BAQsFAAOCAQEAfGxN94Y0TNJyNBqhmdwc lkDqiwhu0ClAbpQueAbyiYjNr58anaOuOkAz5OQZ6nAxQQvJS4jzOdtrPt0XXjV3 D2t77unMbtUBSJkSAnADCE+byN0ehMJLl0bwUYHVbtx8SV3iX/nr36jG4vg74hFx OaNFApgOzmUT4HDthWMLTaNnHE2Pmw5yX0OfaN+6cvz8USSFtoumGVf5SfjJ8HoQ rG8yEnvsvXicsOhVeHWgnJuFL1O0Do0X7aOtm4lhsFhhGO5lfmSY8xBaSCXIsw7w cwpGn85aljcZJwdnjIgJ4PHOQGsBWQ5fXfi3jAQzvf4srGZI8oyc6ADWC9fbZKJi Tw== -----END CERTIFICATE-----Generated at Mon Oct 20 18:11:42 2025 by rpki-client