$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153940.roa File: AS153940.roa (raw, json) Hash identifier: cxUgKLw+9cMna2AXjfRyBzsQq2xO/9i3daPC9XarapI= Subject key identifier: BF:0B:46:A5:07:3E:6C:E0:C1:BC:BC:6A:6E:8C:01:34:AA:41:8A:51 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 70A63DC80AEF7342BA38D7D995252234A9B71DE1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153940.roa Signing time: Thu 18 Sep 2025 04:41:59 +0000 ROA not before: Thu 18 Sep 2025 04:36:59 +0000 ROA not after: Thu 17 Sep 2026 04:41:59 +0000 asID: 153940 IP address blocks: 165.99.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:a6:3d:c8:0a:ef:73:42:ba:38:d7:d9:95:25:22:34:a9:b7:1d:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 18 04:36:59 2025 GMT Not After : Sep 17 04:41:59 2026 GMT Subject: CN=BF0B46A5073E6CE0C1BCBC6A6E8C0134AA418A51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:13:b7:e2:3c:7e:c4:e0:b0:bb:e9:0c:95:f5: 61:60:3f:1f:70:37:2d:81:d1:5f:1d:2a:a6:c7:ae: 8f:cf:33:be:e1:6f:28:c2:24:64:09:88:6c:98:d6: 4d:33:d7:61:11:95:88:e2:92:aa:f9:e5:14:90:21: 18:c8:91:90:40:66:0d:e2:c6:b9:80:1a:8e:ea:d0: 80:b8:1e:55:5f:00:50:bb:62:48:8d:80:83:c2:3e: bc:b6:86:22:69:e1:89:42:24:9a:16:a3:19:3c:87: 78:7a:be:8f:65:f1:85:8d:90:71:d6:8b:30:54:1f: f2:a5:30:5d:ce:ad:ea:80:ce:72:5a:aa:0d:49:12: 50:21:ba:21:9a:a6:06:41:fb:6d:4e:f2:bd:29:aa: 36:11:78:e9:b3:e6:f4:dc:2b:4a:0a:8d:71:14:05: aa:00:99:24:9f:36:f0:e2:0e:fa:a6:9c:02:d8:de: 50:ea:d0:ba:58:68:eb:b9:c5:48:3d:3d:51:3b:42: 76:d5:fb:b0:78:61:bf:55:ee:ec:a7:5b:b0:8f:81: 81:71:1d:f8:a2:e7:b0:0f:74:76:6c:bb:08:ac:9f: 64:6d:00:15:69:8f:b7:90:4e:fe:83:7a:f8:ad:0a: 39:fb:91:75:63:c8:dc:90:44:3b:ea:48:94:65:fb: 72:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:0B:46:A5:07:3E:6C:E0:C1:BC:BC:6A:6E:8C:01:34:AA:41:8A:51 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153940.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.151.0/24 Signature Algorithm: sha256WithRSAEncryption 80:9f:69:ac:2b:a6:b7:cd:1f:32:89:38:1e:a9:60:ef:b2:e1: 4a:c4:ca:1e:bf:b6:c9:f6:f2:67:97:c7:05:ed:35:96:3e:d8: 4d:eb:e8:fd:1b:68:bb:15:bc:c6:b3:c3:68:32:0f:2b:8b:fe: 91:c3:95:91:85:1a:dd:52:7e:68:c3:8a:a8:8e:21:8a:54:e1: 3c:c7:ec:70:98:e7:fc:af:03:5d:5f:95:e5:aa:ac:e8:00:8e: 06:a9:cb:be:5b:5f:20:d5:b2:7b:4d:b2:ce:9b:7e:78:5d:09: 74:7b:8b:b5:51:62:23:97:96:d4:59:68:ac:01:94:16:f3:da: 82:38:5c:07:85:03:0d:4e:af:34:69:7a:b8:c8:f2:61:cb:b8: 86:bf:56:ca:ae:c7:bd:32:49:0e:d8:eb:c0:b8:d6:fb:f9:bf: a4:a0:18:1d:89:01:3e:ea:ff:1a:9f:b2:79:b7:95:a6:6d:a1: 55:db:43:ab:27:a4:7c:96:be:26:7a:88:e5:a4:6f:5f:df:00: c9:52:0d:00:99:c6:15:b0:75:33:e6:36:98:a9:11:90:71:ff: 7f:a6:da:a9:64:90:cc:36:3d:de:8d:a3:70:9b:2b:67:2f:b4: b1:a8:91:e5:f6:8c:3c:c9:63:20:0e:d2:ba:70:33:89:e8:0f: ca:ba:85:eb -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUcKY9yArvc0K6ONfZlSUiNKm3HeEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkxODA0MzY1OVoX DTI2MDkxNzA0NDE1OVowMzExMC8GA1UEAxMoQkYwQjQ2QTUwNzNFNkNFMEMxQkNC QzZBNkU4QzAxMzRBQTQxOEE1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJkTt+I8fsTgsLvpDJX1YWA/H3A3LYHRXx0qpseuj88zvuFvKMIkZAmIbJjW TTPXYRGViOKSqvnlFJAhGMiRkEBmDeLGuYAajurQgLgeVV8AULtiSI2Ag8I+vLaG ImnhiUIkmhajGTyHeHq+j2XxhY2QcdaLMFQf8qUwXc6t6oDOclqqDUkSUCG6IZqm BkH7bU7yvSmqNhF46bPm9NwrSgqNcRQFqgCZJJ828OIO+qacAtjeUOrQulho67nF SD09UTtCdtX7sHhhv1Xu7KdbsI+BgXEd+KLnsA90dmy7CKyfZG0AFWmPt5BO/oN6 +K0KOfuRdWPI3JBEO+pIlGX7ctMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBS/C0al Bz5s4MG8vGpujAE0qkGKUTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk0MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVjlzANBgkqhkiG9w0BAQsFAAOCAQEAgJ9prCumt80fMok4Hqlg 77LhSsTKHr+2yfbyZ5fHBe01lj7YTevo/RtouxW8xrPDaDIPK4v+kcOVkYUa3VJ+ aMOKqI4hilThPMfscJjn/K8DXV+V5aqs6ACOBqnLvltfINWye02yzpt+eF0JdHuL tVFiI5eW1FlorAGUFvPagjhcB4UDDU6vNGl6uMjyYcu4hr9Wyq7HvTJJDtjrwLjW +/m/pKAYHYkBPur/Gp+yebeVpm2hVdtDqyekfJa+JnqI5aRvX98AyVINAJnGFbB1 M+Y2mKkRkHH/f6baqWSQzDY93o2jcJsrZy+0saiR5faMPMljIA7SunAziegPyrqF 6w== -----END CERTIFICATE-----Generated at Mon Oct 20 20:26:51 2025 by rpki-client