$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153992.roa File: AS153992.roa (raw, json) Hash identifier: Trnq5pA5YytC9FD7qWF7YUfgiCOeVOKY5kBz5r1o/zU= Subject key identifier: 58:5C:7F:D0:21:67:79:B7:67:DA:6C:99:9D:AF:66:5B:0B:CA:B3:FC Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1C9C60B81D5846F0CEFC03BF49F82F5C85EFD7A1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153992.roa Signing time: Thu 26 Jun 2025 07:38:50 +0000 ROA not before: Thu 26 Jun 2025 07:33:50 +0000 ROA not after: Thu 25 Jun 2026 07:38:50 +0000 asID: 153992 IP address blocks: 165.99.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 08:16:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:9c:60:b8:1d:58:46:f0:ce:fc:03:bf:49:f8:2f:5c:85:ef:d7:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 26 07:33:50 2025 GMT Not After : Jun 25 07:38:50 2026 GMT Subject: CN=585C7FD0216779B767DA6C999DAF665B0BCAB3FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:2f:aa:fb:f6:50:2c:c5:48:2b:27:1c:58:10: 9a:0f:6f:86:b2:da:1c:f2:1a:68:e7:ac:b0:b1:83: 53:6f:df:6c:cd:39:33:17:dc:16:93:37:b8:46:01: 32:b4:dd:74:bc:fc:8f:48:24:19:c6:a1:7b:00:e6: 21:45:b3:7d:48:c6:41:69:aa:0f:47:9d:b6:e9:f2: a6:e5:fd:48:ec:b3:42:50:5d:56:92:42:68:d6:3d: c5:53:0b:d9:58:5e:a2:c7:3e:64:c4:e3:2d:79:9f: 21:93:8a:c9:1c:54:34:7b:c1:f4:90:9d:a2:d6:19: 7f:6d:ed:a9:8e:30:6d:66:a1:af:59:9a:b0:b4:5d: cf:dc:eb:e6:56:f8:20:7e:aa:63:a7:5e:46:90:02: ce:c1:d1:d5:05:5f:3e:92:95:0e:49:c8:b2:1d:82: 30:5d:8f:0b:b1:ac:13:a6:fc:8e:4a:73:c1:fd:bc: f2:e7:b3:37:a2:a1:ea:16:9a:17:46:2d:2f:2e:64: 0b:15:72:93:25:cb:94:20:82:60:8f:d1:9d:17:c3: 85:b6:d0:ea:e0:61:f5:14:90:a5:9f:34:3a:15:51: 7a:a9:eb:9e:c3:ab:68:cc:d4:d5:91:a1:f7:97:87: bc:ca:a4:c0:de:93:9d:87:69:99:d4:85:6d:75:b5: da:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:5C:7F:D0:21:67:79:B7:67:DA:6C:99:9D:AF:66:5B:0B:CA:B3:FC X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153992.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.99.252.0/24 Signature Algorithm: sha256WithRSAEncryption 46:37:2c:22:3c:5f:b2:85:a2:7e:72:4c:47:1e:a4:6a:d1:98: cc:0c:d0:6e:65:8f:bc:d9:05:b7:de:e7:2d:df:c6:c8:fd:5d: 00:38:b6:65:e3:ea:39:3f:84:83:a8:3e:99:86:da:c1:c0:ae: b6:a5:2e:b4:09:d0:d2:d4:07:8f:3f:ef:8e:28:1d:1d:9b:61: 0c:3f:2d:04:0f:cb:a0:f9:12:e1:b1:58:8d:cb:f5:4d:54:16: 6b:ec:59:bf:09:6b:ff:08:6f:96:35:5e:49:35:cc:9e:ac:65: 82:d0:0d:f8:6f:0c:0f:23:5a:f0:6f:21:3b:0d:6d:ca:b1:c2: 05:00:7b:93:16:d9:7d:a2:fb:9e:95:bd:5e:b3:e6:69:f1:5b: 8f:02:1d:22:2c:56:86:ae:60:df:6f:06:aa:9f:ca:ef:9f:cf: e4:43:b6:a9:07:0d:02:c4:7a:3c:43:f8:c9:71:3a:8f:19:fc: 87:c5:53:9b:b6:30:66:cb:45:27:54:d3:e4:b4:b8:40:da:f5: 6d:d8:84:f5:41:43:bd:86:d7:c8:56:78:69:17:77:9f:87:e8: e6:24:02:e3:5b:1b:b4:c0:9c:8a:68:e6:72:cc:8a:e4:f3:d4: 7f:94:8a:89:72:42:c0:6f:71:02:ab:a5:52:f3:9d:e4:ac:5c: a1:07:da:5a -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUHJxguB1YRvDO/AO/SfgvXIXv16EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYyNjA3MzM1MFoX DTI2MDYyNTA3Mzg1MFowMzExMC8GA1UEAxMoNTg1QzdGRDAyMTY3NzlCNzY3REE2 Qzk5OURBRjY2NUIwQkNBQjNGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPcvqvv2UCzFSCsnHFgQmg9vhrLaHPIaaOessLGDU2/fbM05MxfcFpM3uEYB MrTddLz8j0gkGcahewDmIUWzfUjGQWmqD0edtunypuX9SOyzQlBdVpJCaNY9xVML 2Vheosc+ZMTjLXmfIZOKyRxUNHvB9JCdotYZf23tqY4wbWahr1masLRdz9zr5lb4 IH6qY6deRpACzsHR1QVfPpKVDknIsh2CMF2PC7GsE6b8jkpzwf288uezN6Kh6haa F0YtLy5kCxVykyXLlCCCYI/RnRfDhbbQ6uBh9RSQpZ80OhVReqnrnsOraMzU1ZGh 95eHvMqkwN6TnYdpmdSFbXW12okCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRYXH/Q IWd5t2fabJmdr2ZbC8qz/DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1Mzk5Mi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKVj/DANBgkqhkiG9w0BAQsFAAOCAQEARjcsIjxfsoWifnJMRx6k atGYzAzQbmWPvNkFt97nLd/GyP1dADi2ZePqOT+Eg6g+mYbawcCutqUutAnQ0tQH jz/vjigdHZthDD8tBA/LoPkS4bFYjcv1TVQWa+xZvwlr/whvljVeSTXMnqxlgtAN +G8MDyNa8G8hOw1tyrHCBQB7kxbZfaL7npW9XrPmafFbjwIdIixWhq5g328Gqp/K 75/P5EO2qQcNAsR6PEP4yXE6jxn8h8VTm7YwZstFJ1TT5LS4QNr1bdiE9UFDvYbX yFZ4aRd3n4fo5iQC41sbtMCcimjmcsyK5PPUf5SKiXJCwG9xAqulUvOd5KxcoQfa Wg== -----END CERTIFICATE-----Generated at Sun Jun 29 21:35:43 2025 by rpki-client