$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa File: AS151009.roa (raw, json) Hash identifier: eYhVgBHqKFp67z0YUZSeK41lWUTOi95Tps/u+LiKPi4= Subject key identifier: A3:1F:A9:1D:B5:34:1C:9B:8C:D2:2A:DC:B8:0A:66:10:2E:3D:30:DB Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1557875369F10E191A87BA06D6576CCA7B9BF274 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa Signing time: Fri 06 Jun 2025 09:00:00 +0000 ROA not before: Fri 06 Jun 2025 08:55:00 +0000 ROA not after: Fri 05 Jun 2026 09:00:00 +0000 asID: 151009 IP address blocks: 103.214.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:57:87:53:69:f1:0e:19:1a:87:ba:06:d6:57:6c:ca:7b:9b:f2:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 6 08:55:00 2025 GMT Not After : Jun 5 09:00:00 2026 GMT Subject: CN=A31FA91DB5341C9B8CD22ADCB80A66102E3D30DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:f8:e5:e3:38:f8:bc:2f:4e:2c:c2:e3:1e:5f: e5:d6:76:a5:b1:e1:ec:3a:81:f1:f5:32:0c:eb:77: 66:c7:be:30:3d:9c:03:4b:87:91:13:98:5c:2c:64: 66:51:83:22:19:14:8a:e8:ee:63:aa:bd:29:e6:cb: de:68:cb:37:aa:ac:a0:98:a7:59:31:24:d0:39:60: 41:82:1a:21:54:ff:9c:d2:d2:89:67:bd:88:c4:f2: e6:fd:97:a0:d7:7b:38:ba:2f:d5:ce:5d:01:85:cc: 8c:9e:a3:71:d6:cd:ac:3b:4f:82:82:a1:ab:87:7a: 4b:9b:a5:bf:08:19:09:51:22:d0:56:15:88:41:86: f4:28:e1:81:9a:ad:b5:a1:b4:57:b1:2f:7b:39:3c: 0f:99:51:be:05:dd:ee:39:b6:6b:79:08:26:51:3f: eb:94:42:a7:cd:3c:17:56:c9:f0:cb:80:28:ff:e5: 74:fb:2d:1d:a5:d5:9c:8d:14:bd:93:9b:a2:37:13: b2:36:6a:67:5c:ed:14:b4:ce:21:1e:8e:ef:48:e5: ef:68:33:4e:1d:8f:37:3b:fd:66:20:d3:cb:f9:af: d4:e2:f5:16:e5:f0:6f:67:ff:68:47:66:9d:08:a2: dd:a3:21:fc:9b:47:01:a5:0a:d9:d1:31:c8:17:6a: da:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:1F:A9:1D:B5:34:1C:9B:8C:D2:2A:DC:B8:0A:66:10:2E:3D:30:DB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.214.251.0/24 Signature Algorithm: sha256WithRSAEncryption 46:7c:ae:7f:a1:7f:71:1e:06:6a:40:ff:a7:ba:aa:36:49:77: 62:ba:ce:43:96:a3:af:b2:80:36:c9:8c:eb:e4:7b:87:9d:4c: 6c:7e:45:ff:31:c0:b8:13:e6:19:c9:1c:f8:df:78:6d:b2:f9: a8:75:00:88:2b:00:2d:63:59:f1:34:4d:01:61:a2:24:34:ae: 8b:be:a8:ab:b6:7f:28:28:41:59:f7:b1:88:ac:d0:15:f0:c2: 41:bf:92:5d:cd:cc:ff:96:5e:40:82:12:bd:d7:e2:c3:cc:59: 0c:34:87:08:0f:be:ad:53:1a:ef:14:b2:8a:fe:a4:a9:2d:5c: 03:44:64:ae:6e:77:ca:58:39:4f:d0:99:17:9c:c9:e2:76:62: 60:48:a8:27:06:ab:0e:90:99:86:c1:e5:cf:21:cd:aa:66:1b: ba:2c:79:7b:13:46:b2:a5:b8:e2:ca:11:10:2a:c0:a6:10:cd: 87:38:c7:13:73:57:5b:fb:c2:61:46:78:61:45:c5:85:d2:71: a7:a1:24:73:79:da:11:49:b0:27:39:62:5a:38:ba:37:cf:a0: 51:92:b8:c2:d6:d5:e2:4e:12:8f:ab:87:7a:7d:23:88:8f:80: 93:47:49:46:5c:7b:a2:f3:bc:8b:eb:c0:73:eb:28:c6:f1:f3: 15:ec:92:c2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFVeHU2nxDhkah7oG1ldsynub8nQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwNjA4NTUwMFoX DTI2MDYwNTA5MDAwMFowMzExMC8GA1UEAxMoQTMxRkE5MURCNTM0MUM5QjhDRDIy QURDQjgwQTY2MTAyRTNEMzBEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPX45eM4+LwvTizC4x5f5dZ2pbHh7DqB8fUyDOt3Zse+MD2cA0uHkROYXCxk ZlGDIhkUiujuY6q9KebL3mjLN6qsoJinWTEk0DlgQYIaIVT/nNLSiWe9iMTy5v2X oNd7OLov1c5dAYXMjJ6jcdbNrDtPgoKhq4d6S5ulvwgZCVEi0FYViEGG9CjhgZqt taG0V7Evezk8D5lRvgXd7jm2a3kIJlE/65RCp808F1bJ8MuAKP/ldPstHaXVnI0U vZObojcTsjZqZ1ztFLTOIR6O70jl72gzTh2PNzv9ZiDTy/mv1OL1FuXwb2f/aEdm nQii3aMh/JtHAaUK2dExyBdq2lcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSjH6kd tTQcm4zSKty4CmYQLj0w2zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTAwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGfW+zANBgkqhkiG9w0BAQsFAAOCAQEARnyuf6F/cR4GakD/p7qq Nkl3YrrOQ5ajr7KANsmM6+R7h51MbH5F/zHAuBPmGckc+N94bbL5qHUAiCsALWNZ 8TRNAWGiJDSui76oq7Z/KChBWfexiKzQFfDCQb+SXc3M/5ZeQIISvdfiw8xZDDSH CA++rVMa7xSyiv6kqS1cA0Rkrm53ylg5T9CZF5zJ4nZiYEioJwarDpCZhsHlzyHN qmYbuix5exNGsqW44soRECrAphDNhzjHE3NXW/vCYUZ4YUXFhdJxp6Ekc3naEUmw JzliWji6N8+gUZK4wtbV4k4Sj6uHen0jiI+Ak0dJRlx7ovO8i+vAc+soxvHzFeyS wg== -----END CERTIFICATE-----Generated at Sun Jun 29 12:17:07 2025 by rpki-client