$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147089.roa File: AS147089.roa (raw, json) Hash identifier: xzaEtCJyJ9Z1rxLZqguyW306jNt8jH3aREwdxOlq4QU= Subject key identifier: 2B:2C:7D:C8:AB:66:CE:78:32:46:87:3B:8E:8A:6C:E9:D8:34:EF:64 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 586F4966D36B2A3572B3F6A95CCF3E3BFC2ACF5C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147089.roa Signing time: Mon 28 Apr 2025 04:00:00 +0000 ROA not before: Mon 28 Apr 2025 03:55:00 +0000 ROA not after: Mon 27 Apr 2026 04:00:00 +0000 asID: 147089 IP address blocks: 103.173.232.0/24 maxlen: 24 103.173.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:6f:49:66:d3:6b:2a:35:72:b3:f6:a9:5c:cf:3e:3b:fc:2a:cf:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 28 03:55:00 2025 GMT Not After : Apr 27 04:00:00 2026 GMT Subject: CN=2B2C7DC8AB66CE783246873B8E8A6CE9D834EF64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d2:c9:22:45:d6:90:fb:13:40:cc:46:ac:6d: a1:2e:b0:13:01:8f:1b:72:60:bb:4b:15:43:d9:86: f8:b8:b8:ac:b0:f8:ad:8f:47:a5:cb:dc:c3:0e:95: a2:d9:7c:d8:37:7d:28:ec:3b:4f:38:7c:ff:e0:ed: 02:04:17:e5:2a:b8:e5:f2:f7:43:e3:09:a6:d9:3d: 03:ad:21:5c:e4:dc:1d:7e:90:3d:6f:41:f9:96:ff: f6:95:89:7e:73:b1:c7:51:6b:0c:6b:62:78:1f:d1: 4b:2c:74:a3:74:af:4a:3d:8c:58:5a:b5:f9:bb:0c: 0b:67:da:51:75:e4:b8:0d:f3:75:f6:ac:d5:8f:6c: 4d:b1:7a:ca:f4:cb:d4:94:84:e1:f4:35:34:37:cc: dd:dd:0a:69:67:e4:ce:53:37:85:a2:91:b3:4a:9c: a0:8d:5f:bc:8a:88:7d:63:4c:97:23:56:87:42:f0: 72:dd:e0:ab:f6:92:0c:ab:75:0a:52:f6:71:fe:d5: fd:1c:4f:e4:73:1f:ba:08:f6:cc:c7:cb:52:e7:8c: f8:92:73:37:34:2a:6d:12:a5:cb:ec:55:a3:4e:b1: 48:ac:be:18:06:a6:65:5d:d6:73:08:5e:97:c0:8f: ea:40:63:e3:6b:93:61:c9:6b:76:84:a0:b6:6c:88: b1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:2C:7D:C8:AB:66:CE:78:32:46:87:3B:8E:8A:6C:E9:D8:34:EF:64 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.173.232.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:67:dd:92:3c:72:cb:bb:67:ac:bc:61:97:22:31:e3:55:62: 99:b5:1a:74:d1:71:c9:75:a7:c0:49:bb:9f:dd:de:6d:9b:a2: 0b:78:9a:18:8d:90:fe:24:b0:63:84:9f:5a:25:10:89:10:11: a3:83:39:c7:b8:f0:71:5a:17:b3:2c:57:d2:ad:f8:64:20:8e: 65:48:a7:fd:ca:da:b8:91:e6:10:a5:6b:bc:67:16:32:01:a0: d1:f2:63:f5:26:7b:26:8d:5e:08:7e:92:12:4c:aa:02:ed:09: a9:6d:6d:61:1a:46:9c:b0:a9:75:76:77:e4:37:da:4e:9c:ec: e4:95:7c:d7:47:35:69:28:af:41:7c:5e:3d:f4:5b:1e:86:f2: 47:2b:48:0b:9d:2c:bb:9d:04:c6:d0:70:69:40:e4:49:c6:e4: d4:ff:f3:7e:b0:19:eb:69:78:5c:49:d6:c1:6d:ff:fa:42:e8: d6:45:44:4a:76:d7:1f:99:ed:81:ce:00:bf:ef:b1:d0:42:44: cd:bf:ee:0c:f6:81:54:33:3b:05:45:02:13:28:3f:ed:ac:1c: bf:a7:ab:e6:25:c0:e7:43:0e:07:48:95:27:ec:b3:d8:9c:30: b7:21:38:fa:2f:fc:2e:f4:a2:83:23:d8:31:5a:6a:d2:e4:7b: 60:a3:b5:47 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWG9JZtNrKjVys/apXM8+O/wqz1wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQyODAzNTUwMFoX DTI2MDQyNzA0MDAwMFowMzExMC8GA1UEAxMoMkIyQzdEQzhBQjY2Q0U3ODMyNDY4 NzNCOEU4QTZDRTlEODM0RUY2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPSySJF1pD7E0DMRqxtoS6wEwGPG3Jgu0sVQ9mG+Li4rLD4rY9Hpcvcww6V otl82Dd9KOw7Tzh8/+DtAgQX5Sq45fL3Q+MJptk9A60hXOTcHX6QPW9B+Zb/9pWJ fnOxx1FrDGtieB/RSyx0o3SvSj2MWFq1+bsMC2faUXXkuA3zdfas1Y9sTbF6yvTL 1JSE4fQ1NDfM3d0KaWfkzlM3haKRs0qcoI1fvIqIfWNMlyNWh0Lwct3gq/aSDKt1 ClL2cf7V/RxP5HMfugj2zMfLUueM+JJzNzQqbRKly+xVo06xSKy+GAamZV3Wcwhe l8CP6kBj42uTYclrdoSgtmyIsasCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQrLH3I q2bOeDJGhzuOimzp2DTvZDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzA4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWet6DANBgkqhkiG9w0BAQsFAAOCAQEADmfdkjxyy7tnrLxhlyIx 41VimbUadNFxyXWnwEm7n93ebZuiC3iaGI2Q/iSwY4SfWiUQiRARo4M5x7jwcVoX syxX0q34ZCCOZUin/crauJHmEKVrvGcWMgGg0fJj9SZ7Jo1eCH6SEkyqAu0JqW1t YRpGnLCpdXZ35DfaTpzs5JV810c1aSivQXxePfRbHobyRytIC50su50ExtBwaUDk Scbk1P/zfrAZ62l4XEnWwW3/+kLo1kVESnbXH5ntgc4Av++x0EJEzb/uDPaBVDM7 BUUCEyg/7awcv6er5iXA50MOB0iVJ+yz2JwwtyE4+i/8LvSigyPYMVpq0uR7YKO1 Rw== -----END CERTIFICATE-----Generated at Mon May 5 19:14:06 2025 by rpki-client