$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153961.roa File: AS153961.roa (raw, json) Hash identifier: IEH/o2iD0L5J6hkVSqpIlm0ZUXZO22hyKDeCR0AfY4Y= Subject key identifier: 8B:60:ED:5C:43:8C:C8:B6:A4:E1:5C:08:AF:3D:1E:21:6F:E9:89:CC Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7C7A22A92709CAAE6F6F9ABEEB4E80C0B0A4D4B5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153961.roa Signing time: Tue 17 Jun 2025 03:13:20 +0000 ROA not before: Tue 17 Jun 2025 03:08:20 +0000 ROA not after: Tue 16 Jun 2026 03:13:20 +0000 asID: 153961 IP address blocks: 165.99.202.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 08:16:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:7a:22:a9:27:09:ca:ae:6f:6f:9a:be:eb:4e:80:c0:b0:a4:d4:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 17 03:08:20 2025 GMT Not After : Jun 16 03:13:20 2026 GMT Subject: CN=8B60ED5C438CC8B6A4E15C08AF3D1E216FE989CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:67:1a:30:2a:a3:2b:bc:f1:3e:f7:7a:2c:f3: 6a:e8:c7:2e:26:f4:02:0f:8c:ca:2d:b8:18:c3:8d: 76:5c:49:01:2b:41:6d:1f:2f:28:28:c4:8e:11:5b: f0:5e:a9:70:54:4b:ad:c4:a1:1d:c6:8f:c7:21:e2: 63:d7:a8:96:b2:db:e0:9a:48:c4:96:ba:6d:68:42: cb:79:28:b8:46:17:77:06:08:e0:44:55:a8:17:ae: a7:ca:aa:09:80:c2:74:c1:e1:e3:11:44:3f:29:24: 7e:18:aa:4e:7a:7d:e7:2c:4d:80:09:bf:f4:c1:bd: 7c:36:d6:a0:53:8b:dd:51:90:a5:1c:18:ae:8b:81: c9:b7:ac:45:0d:9a:17:d3:1e:36:c6:04:d6:24:3c: 64:0a:02:e7:a1:00:85:78:39:fc:31:ad:a9:5c:7b: 69:b9:1d:a1:be:3e:1c:c1:2c:4c:03:9b:f5:f3:f4: 61:d0:06:40:36:66:9f:4b:2c:46:a4:be:d0:3c:d6: d0:bd:72:89:7f:c8:6a:18:20:d5:b9:2d:1a:d8:39: 07:1e:32:af:2f:31:2c:cc:9d:da:50:3e:85:9c:8a: 99:c2:63:c8:18:61:00:0e:63:34:0d:ee:67:97:bb: ab:11:6a:9d:17:f2:a4:c3:9b:3d:b7:96:bd:81:9f: 2d:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:60:ED:5C:43:8C:C8:B6:A4:E1:5C:08:AF:3D:1E:21:6F:E9:89:CC X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153961.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.202.0/23 Signature Algorithm: sha256WithRSAEncryption 61:e4:05:db:6f:42:40:d4:87:7a:f8:cf:32:22:f2:6e:a0:87: 9e:cc:cb:05:e4:ee:dd:48:ca:9c:3d:95:db:b8:9e:46:82:45: ad:59:c9:ca:64:fb:79:d7:6c:0f:cf:bd:7a:94:87:a2:61:db: ec:5e:61:92:14:2b:a9:51:ac:cd:46:4c:5c:cf:cd:b1:4a:4f: 92:b9:c5:92:36:2d:a1:54:dd:5b:b3:90:8e:ce:95:fa:a1:a0: e1:35:bc:28:f4:5b:d7:9d:d4:93:57:f2:70:53:7f:21:8e:25: 75:d2:41:bd:f8:18:e7:40:fc:43:de:55:9c:f0:98:c8:d4:a4: 4c:37:3c:78:55:5a:e0:7f:40:8c:75:43:c3:f6:8e:b2:27:b8: de:a3:4c:7e:7c:11:81:c5:0d:ab:76:b5:ad:e8:c2:57:c1:ec: d9:c2:16:b6:6a:4e:32:e6:12:5f:3c:7b:15:11:97:dd:31:83: 81:71:d5:2c:c9:f7:cc:52:6b:62:cc:6f:70:bb:55:db:ff:db: c3:02:f9:05:4b:87:7b:21:bf:7a:77:1e:ae:4e:3e:e8:c6:06: b0:3e:75:f3:e9:9e:b6:81:5a:5f:4f:10:ba:8c:8d:f2:93:6d: ec:e3:85:41:fa:fc:44:fc:52:60:f5:47:29:2a:7e:58:42:3d: b2:03:14:97 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUfHoiqScJyq5vb5q+606AwLCk1LUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYxNzAzMDgyMFoX DTI2MDYxNjAzMTMyMFowMzExMC8GA1UEAxMoOEI2MEVENUM0MzhDQzhCNkE0RTE1 QzA4QUYzRDFFMjE2RkU5ODlDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANFnGjAqoyu88T73eizzaujHLib0Ag+Myi24GMONdlxJAStBbR8vKCjEjhFb 8F6pcFRLrcShHcaPxyHiY9eolrLb4JpIxJa6bWhCy3kouEYXdwYI4ERVqBeup8qq CYDCdMHh4xFEPykkfhiqTnp95yxNgAm/9MG9fDbWoFOL3VGQpRwYrouBybesRQ2a F9MeNsYE1iQ8ZAoC56EAhXg5/DGtqVx7abkdob4+HMEsTAOb9fP0YdAGQDZmn0ss RqS+0DzW0L1yiX/Iahgg1bktGtg5Bx4yry8xLMyd2lA+hZyKmcJjyBhhAA5jNA3u Z5e7qxFqnRfypMObPbeWvYGfLRECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSLYO1c Q4zItqThXAivPR4hb+mJzDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk2MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaVjyjANBgkqhkiG9w0BAQsFAAOCAQEAYeQF229CQNSHevjPMiLy bqCHnszLBeTu3UjKnD2V27ieRoJFrVnJymT7eddsD8+9epSHomHb7F5hkhQrqVGs zUZMXM/NsUpPkrnFkjYtoVTdW7OQjs6V+qGg4TW8KPRb153Uk1fycFN/IY4lddJB vfgY50D8Q95VnPCYyNSkTDc8eFVa4H9AjHVDw/aOsie43qNMfnwRgcUNq3a1rejC V8Hs2cIWtmpOMuYSXzx7FRGX3TGDgXHVLMn3zFJrYsxvcLtV2//bwwL5BUuHeyG/ encerk4+6MYGsD518+metoFaX08QuoyN8pNt7OOFQfr8RPxSYPVHKSp+WEI9sgMU lw== -----END CERTIFICATE-----Generated at Sun Jun 29 21:31:45 2025 by rpki-client