$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS58821.roa File: AS58821.roa (raw, json) Hash identifier: 7xki7srcyqeC2mrCrrZ/NSc6MlxmRkry/3RbgM0b7A0= Subject key identifier: 7D:DD:E2:CD:3C:A3:52:15:1D:0B:A6:7C:10:EF:77:ED:0F:73:AB:D8 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3C2520B0526A7DABF847B350F926DE7D1566D4DA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS58821.roa Signing time: Thu 07 Aug 2025 01:44:44 +0000 ROA not before: Thu 07 Aug 2025 01:39:44 +0000 ROA not after: Thu 06 Aug 2026 01:44:44 +0000 asID: 58821 IP address blocks: 165.101.42.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 10:24:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:25:20:b0:52:6a:7d:ab:f8:47:b3:50:f9:26:de:7d:15:66:d4:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 7 01:39:44 2025 GMT Not After : Aug 6 01:44:44 2026 GMT Subject: CN=7DDDE2CD3CA352151D0BA67C10EF77ED0F73ABD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:59:7a:ba:2e:9a:3b:99:71:dd:8f:08:55:39: 72:1b:33:40:5b:94:d1:dc:60:1a:36:8e:5f:f6:bd: 2d:ca:7c:ce:79:79:be:0f:b5:79:d5:ff:2d:be:dc: c0:6a:4b:18:13:5d:a6:5e:c5:bf:e4:59:34:aa:d6: 35:9d:81:27:34:6c:41:37:2c:b5:66:e3:e3:b7:62: c8:f4:a0:fe:f0:2b:fc:8f:1e:da:d8:64:0a:96:e1: cc:7c:64:f0:b9:34:dd:f5:b7:db:fc:09:b1:42:1b: eb:0a:de:15:41:d1:e2:d0:b2:8b:4c:87:6e:c0:ec: 4c:2c:00:e8:03:5d:e7:d4:6e:67:fc:e6:e7:5d:be: a5:e4:8f:ab:9d:6f:db:39:a2:cb:6a:cd:c0:0f:82: 04:22:a1:56:11:e8:e8:5b:ec:61:d1:3e:78:b6:84: 20:b7:71:53:95:db:62:45:7f:a2:28:a8:33:c6:f1: e5:77:94:94:13:2a:0c:8d:f9:e5:fb:4d:fa:6f:23: fd:2b:90:68:97:13:cb:f4:b4:f0:21:ec:bf:b2:dd: 91:c9:36:0a:b9:55:31:1a:c5:87:01:22:e6:27:a5: 51:68:ea:0d:59:d3:b5:53:6f:e1:6a:41:dc:ba:e5: b4:0c:a6:fd:a8:9b:26:db:34:89:5a:c1:70:f8:64: 6d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:DD:E2:CD:3C:A3:52:15:1D:0B:A6:7C:10:EF:77:ED:0F:73:AB:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS58821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 165.101.42.0/23 Signature Algorithm: sha256WithRSAEncryption 34:25:87:f7:a3:46:9b:15:e3:49:74:86:41:11:a0:86:11:6e: 85:0b:66:3d:b6:7d:73:40:6b:d6:f7:0d:95:f5:64:2c:2f:ba: 7d:07:8f:5d:c3:0f:9c:41:c9:9e:4b:ac:96:2e:d2:ac:8b:33: 4c:a4:1f:e8:38:1f:94:fd:6d:23:bc:c9:01:21:e6:bd:7a:ce: 2c:95:04:ce:70:e2:6c:2f:49:90:60:49:87:ab:57:25:ec:ba: 78:c6:b1:0d:5e:9d:54:63:8b:ed:e5:cc:e9:4b:a4:57:62:57: fa:01:91:57:51:9e:e8:90:b0:71:35:20:3a:38:8c:cd:12:14: 89:0c:b4:43:98:e4:00:3c:3a:48:8e:ac:70:5c:66:2a:a6:1a: 9f:1c:d4:19:35:21:a7:8e:bc:5b:e7:f7:6f:c6:d0:1d:4d:01: 51:05:7d:a2:f0:a0:bf:90:47:90:2f:f3:93:38:15:68:9b:1d: 50:1a:f1:4a:98:28:03:cc:dc:6d:59:1a:ce:8f:f9:07:97:98: fa:cf:92:49:8c:55:84:ba:fd:2a:24:4f:b2:01:fb:d2:e4:de: 56:c5:97:16:2b:93:47:a4:f7:64:e5:1b:8f:4b:b1:66:99:c2: 11:d4:ba:92:e4:f7:e2:94:31:ed:28:b6:f9:5a:c2:86:28:c1: 88:da:47:24 -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUPCUgsFJqfav4R7NQ+SbefRVm1NowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDgwNzAxMzk0NFoX DTI2MDgwNjAxNDQ0NFowMzExMC8GA1UEAxMoN0REREUyQ0QzQ0EzNTIxNTFEMEJB NjdDMTBFRjc3RUQwRjczQUJEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOhZeroumjuZcd2PCFU5chszQFuU0dxgGjaOX/a9Lcp8znl5vg+1edX/Lb7c wGpLGBNdpl7Fv+RZNKrWNZ2BJzRsQTcstWbj47diyPSg/vAr/I8e2thkCpbhzHxk 8Lk03fW32/wJsUIb6wreFUHR4tCyi0yHbsDsTCwA6ANd59RuZ/zm512+peSPq51v 2zmiy2rNwA+CBCKhVhHo6FvsYdE+eLaEILdxU5XbYkV/oiioM8bx5XeUlBMqDI35 5ftN+m8j/SuQaJcTy/S08CHsv7Ldkck2CrlVMRrFhwEi5ielUWjqDVnTtVNv4WpB 3LrltAym/aibJts0iVrBcPhkbXcCAwEAAaOCAc8wggHLMB0GA1UdDgQWBBR93eLN PKNSFR0LpnwQ73ftD3Or2DAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzU4ODIxLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBpWUqMA0GCSqGSIb3DQEBCwUAA4IBAQA0JYf3o0abFeNJdIZBEaCG EW6FC2Y9tn1zQGvW9w2V9WQsL7p9B49dww+cQcmeS6yWLtKsizNMpB/oOB+U/W0j vMkBIea9es4slQTOcOJsL0mQYEmHq1cl7Lp4xrENXp1UY4vt5czpS6RXYlf6AZFX UZ7okLBxNSA6OIzNEhSJDLRDmOQAPDpIjqxwXGYqphqfHNQZNSGnjrxb5/dvxtAd TQFRBX2i8KC/kEeQL/OTOBVomx1QGvFKmCgDzNxtWRrOj/kHl5j6z5JJjFWEuv0q JE+yAfvS5N5WxZcWK5NHpPdk5RuPS7FmmcIR1LqS5PfilDHtKLb5WsKGKMGI2kck -----END CERTIFICATE-----Generated at Sat Aug 23 15:22:59 2025 by rpki-client