$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59132.roa File: AS59132.roa (raw, json) Hash identifier: +bGdpSGHFcrnADz47IHMPRzz0t3JyDNMJjipfIHBwsg= Subject key identifier: A5:B6:65:B1:AC:D3:A8:F0:EA:E1:EF:7D:49:C7:DA:68:0A:F0:17:D9 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5F06095A37D3571FD224D1457E3CD1663F263E6E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59132.roa Signing time: Thu 18 Sep 2025 04:20:33 +0000 ROA not before: Thu 18 Sep 2025 04:15:33 +0000 ROA not after: Thu 17 Sep 2026 04:20:33 +0000 asID: 59132 IP address blocks: 157.85.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:06:09:5a:37:d3:57:1f:d2:24:d1:45:7e:3c:d1:66:3f:26:3e:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 18 04:15:33 2025 GMT Not After : Sep 17 04:20:33 2026 GMT Subject: CN=A5B665B1ACD3A8F0EAE1EF7D49C7DA680AF017D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:7d:1a:71:41:c4:53:20:0e:55:64:b0:5e:ed: 6b:39:d5:06:73:53:08:b0:7b:a6:2e:3a:09:66:71: 67:ac:2c:90:a4:ee:4b:51:cc:46:29:f6:b9:a5:c9: 0b:14:18:ef:20:a2:10:6f:d3:68:aa:16:38:0e:22: dd:dc:56:b0:ad:36:24:82:a7:a2:d1:ab:3c:a9:43: d5:88:0b:51:f9:b4:94:92:3a:e9:0c:86:33:31:bf: c5:b1:6c:cc:06:b9:c5:7f:17:ed:6a:8d:fd:57:8c: 5e:59:17:3a:84:9b:0b:8d:45:ec:c6:9b:55:ed:a6: 3c:17:7a:80:ca:eb:14:28:2e:19:b5:73:1e:6b:0b: 3f:a5:39:27:76:d4:79:d0:08:87:b9:41:6b:84:28: 6e:62:73:42:e4:63:1e:c3:66:1b:67:1e:4f:ad:8c: 1b:01:fb:43:71:44:ca:e1:54:75:0f:aa:08:3a:c2: ce:40:68:37:dd:d7:bd:f2:48:2b:c2:0d:fd:f9:c9: 6e:40:2d:b6:68:8a:d9:59:e5:4a:3c:7c:b5:a5:d9: 13:41:05:60:c1:3f:34:6a:6d:b8:c7:bf:b3:2b:2d: f3:c8:cc:d5:fc:0e:81:fc:fa:dc:b5:83:5d:ea:5b: d9:4d:e5:ca:89:f9:16:ca:9c:4f:47:92:b2:4d:41: 6e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:B6:65:B1:AC:D3:A8:F0:EA:E1:EF:7D:49:C7:DA:68:0A:F0:17:D9 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS59132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.85.223.0/24 Signature Algorithm: sha256WithRSAEncryption 92:33:72:b4:70:0c:c2:a5:6e:b4:ab:4e:41:72:3b:91:00:bd: b7:d9:36:57:4e:08:95:9b:74:de:8d:3c:37:2c:c5:00:bd:8a: 91:d3:75:77:33:ed:b3:db:f7:f5:2d:f6:52:60:6f:44:4b:17: 90:6f:99:8a:ea:ff:b8:fc:db:5d:10:5e:b3:f2:8e:91:35:5a: e2:1b:e4:1a:2c:b6:e2:a9:39:20:5e:1e:db:0e:f5:8b:7a:5f: 85:f0:97:08:e5:7f:a9:17:40:e8:3e:20:ac:0b:c3:7f:22:b3: 7e:c1:49:8e:8f:b4:60:54:c1:99:20:01:46:3c:bb:d6:48:4e: 2c:02:f6:76:b0:4d:0a:42:47:aa:52:f6:07:4c:af:32:2e:49: 87:50:7e:ee:a5:13:f4:be:13:44:c7:13:f3:a5:4b:e0:86:f6: 82:46:0b:88:3b:5a:bf:94:89:23:31:63:1a:3e:65:45:04:4b: ff:6c:fa:46:8a:ea:25:c2:8f:e9:1b:36:b4:0a:0c:b8:67:8c: c2:eb:42:41:f1:2e:82:fa:e7:4e:81:4f:0f:04:e6:2e:eb:db: b0:20:35:27:d0:42:d3:7f:82:27:1b:da:c4:1d:17:62:a1:bb: e2:c7:fb:c3:e2:30:b1:b8:0c:0f:1c:30:e5:a6:91:dd:b0:60: 6c:cd:4b:7a -----BEGIN CERTIFICATE----- MIIE3DCCA8SgAwIBAgIUXwYJWjfTVx/SJNFFfjzRZj8mPm4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkxODA0MTUzM1oX DTI2MDkxNzA0MjAzM1owMzExMC8GA1UEAxMoQTVCNjY1QjFBQ0QzQThGMEVBRTFF RjdENDlDN0RBNjgwQUYwMTdEOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOZ9GnFBxFMgDlVksF7taznVBnNTCLB7pi46CWZxZ6wskKTuS1HMRin2uaXJ CxQY7yCiEG/TaKoWOA4i3dxWsK02JIKnotGrPKlD1YgLUfm0lJI66QyGMzG/xbFs zAa5xX8X7WqN/VeMXlkXOoSbC41F7MabVe2mPBd6gMrrFCguGbVzHmsLP6U5J3bU edAIh7lBa4QobmJzQuRjHsNmG2ceT62MGwH7Q3FEyuFUdQ+qCDrCzkBoN93XvfJI K8IN/fnJbkAttmiK2VnlSjx8taXZE0EFYME/NGptuMe/syst88jM1fwOgfz63LWD Xepb2U3lyon5FsqcT0eSsk1Bbt8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBSltmWx rNOo8Orh731Jx9poCvAX2TAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzU5MTMyLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAnVXfMA0GCSqGSIb3DQEBCwUAA4IBAQCSM3K0cAzCpW60q05BcjuR AL232TZXTgiVm3TejTw3LMUAvYqR03V3M+2z2/f1LfZSYG9ESxeQb5mK6v+4/Ntd EF6z8o6RNVriG+QaLLbiqTkgXh7bDvWLel+F8JcI5X+pF0DoPiCsC8N/IrN+wUmO j7RgVMGZIAFGPLvWSE4sAvZ2sE0KQkeqUvYHTK8yLkmHUH7upRP0vhNExxPzpUvg hvaCRguIO1q/lIkjMWMaPmVFBEv/bPpGiuolwo/pGza0Cgy4Z4zC60JB8S6C+udO gU8PBOYu69uwIDUn0ELTf4InG9rEHRdiobvix/vD4jCxuAwPHDDlppHdsGBszUt6 -----END CERTIFICATE-----Generated at Mon Oct 20 20:27:02 2025 by rpki-client