$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa File: AS153553.roa (raw, json) Hash identifier: fz3UtSDide33pm8arzrNZG7/3zyyD40Ig1Tejf/gOOE= Subject key identifier: 02:F9:8C:61:BC:8A:A9:CD:35:09:92:69:30:39:6E:FD:46:AC:E8:9A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 08A26E1051AD580F7B71DD46F1ABAE37858760C9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa Signing time: Tue 18 Feb 2025 01:54:28 +0000 ROA not before: Tue 18 Feb 2025 01:49:28 +0000 ROA not after: Tue 17 Feb 2026 01:54:28 +0000 asID: 153553 IP address blocks: 2001:df4:e440::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:a2:6e:10:51:ad:58:0f:7b:71:dd:46:f1:ab:ae:37:85:87:60:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 18 01:49:28 2025 GMT Not After : Feb 17 01:54:28 2026 GMT Subject: CN=02F98C61BC8AA9CD3509926930396EFD46ACE89A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:5d:a5:c7:59:b0:9a:60:d5:a2:e3:4a:28:e2: ba:75:ce:b9:51:56:56:8c:88:ce:16:19:f4:0d:34: 33:e5:66:8d:2c:25:4c:00:0c:88:78:c7:4e:6b:4e: 7a:ac:ac:60:39:7c:6c:18:d1:cf:83:5f:a7:9c:e4: 19:98:21:60:ec:49:50:21:fc:58:69:b7:d9:75:b7: ba:32:50:67:ac:57:c8:3d:61:17:0e:c0:1b:2f:2e: 01:df:19:c4:ba:66:23:37:5d:c0:00:63:e8:8d:57: f8:ee:a4:1c:3b:c1:0e:ef:3d:6b:c3:d1:53:6e:29: ac:37:0d:c4:ff:39:98:80:67:77:4b:f7:76:d8:ed: 26:08:65:64:c6:7c:46:58:29:27:90:04:e7:e5:de: bd:cc:dd:8c:bd:ff:34:c7:fb:b1:13:10:3a:f5:c9: 71:cc:8f:d6:6d:c7:a5:d8:12:3c:4f:dd:ef:68:1d: 17:2d:17:a9:d6:5b:64:74:44:d6:d9:af:61:94:8a: fb:21:0f:f0:42:76:b4:2e:a0:a9:7c:a6:a0:02:ef: b5:30:ba:f4:d8:c4:1f:49:2f:a0:14:59:98:1c:f3: b1:a5:71:d2:4e:1f:4f:be:6d:ce:43:cf:ce:37:b4: ac:df:aa:72:b3:1a:87:1b:c1:4f:1b:7f:39:d9:db: bf:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:F9:8C:61:BC:8A:A9:CD:35:09:92:69:30:39:6E:FD:46:AC:E8:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153553.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:e440::/48 Signature Algorithm: sha256WithRSAEncryption 56:c2:b9:8e:55:bd:0a:3c:1d:27:fb:a5:c6:54:5c:de:ac:6a: d9:b8:50:4b:f4:49:74:66:e0:39:19:2b:f0:b8:d2:91:c4:e3: f4:f5:50:0e:67:02:48:47:89:f8:51:30:39:05:9e:2b:41:7b: 81:4d:be:85:c0:60:24:13:73:3e:1d:55:8c:1a:81:2f:4c:0f: 24:a8:99:df:c6:fc:7e:83:a2:6f:54:3d:f1:62:b6:fe:39:30: 95:06:d3:93:bb:9c:3e:e2:e2:d3:af:24:4d:f4:bc:36:2a:e9: 01:c6:d2:02:c3:10:34:52:d1:77:98:cf:bb:69:b3:54:2b:a3: ed:a5:17:1a:a6:89:d8:7d:d7:6e:04:2b:52:9b:a8:f8:e2:15: db:b7:43:65:f3:34:35:81:42:60:6c:03:7e:6e:75:74:ed:00: 94:15:6d:f7:76:62:d5:f0:71:4f:fc:51:9c:62:0d:ef:63:9c: 00:8a:be:9f:82:43:44:2e:73:a8:f4:34:f9:a5:43:b8:e5:59: 02:41:22:fe:ca:05:cc:8c:6d:ab:a6:e7:0c:8f:48:ae:e0:d5: 98:c1:87:7b:75:6c:a3:d9:cc:f6:bf:d9:4a:58:a9:31:5c:00: 84:29:ba:b8:18:fd:ec:77:1a:a7:96:e9:17:0d:35:81:62:bb: 98:6f:d5:3b -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUCKJuEFGtWA97cd1G8auuN4WHYMkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIxODAxNDkyOFoX DTI2MDIxNzAxNTQyOFowMzExMC8GA1UEAxMoMDJGOThDNjFCQzhBQTlDRDM1MDk5 MjY5MzAzOTZFRkQ0NkFDRTg5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANRdpcdZsJpg1aLjSijiunXOuVFWVoyIzhYZ9A00M+VmjSwlTAAMiHjHTmtO eqysYDl8bBjRz4Nfp5zkGZghYOxJUCH8WGm32XW3ujJQZ6xXyD1hFw7AGy8uAd8Z xLpmIzddwABj6I1X+O6kHDvBDu89a8PRU24prDcNxP85mIBnd0v3dtjtJghlZMZ8 RlgpJ5AE5+XevczdjL3/NMf7sRMQOvXJccyP1m3HpdgSPE/d72gdFy0XqdZbZHRE 1tmvYZSK+yEP8EJ2tC6gqXymoALvtTC69NjEH0kvoBRZmBzzsaVx0k4fT75tzkPP zje0rN+qcrMahxvBTxt/OdnbvwcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQC+Yxh vIqpzTUJkmkwOW79RqzomjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzU1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfTkQDANBgkqhkiG9w0BAQsFAAOCAQEAVsK5jlW9CjwdJ/ul xlRc3qxq2bhQS/RJdGbgORkr8LjSkcTj9PVQDmcCSEeJ+FEwOQWeK0F7gU2+hcBg JBNzPh1VjBqBL0wPJKiZ38b8foOib1Q98WK2/jkwlQbTk7ucPuLi068kTfS8Nirp AcbSAsMQNFLRd5jPu2mzVCuj7aUXGqaJ2H3XbgQrUpuo+OIV27dDZfM0NYFCYGwD fm51dO0AlBVt93Zi1fBxT/xRnGIN72OcAIq+n4JDRC5zqPQ0+aVDuOVZAkEi/soF zIxtq6bnDI9IruDVmMGHe3Vso9nM9r/ZSlipMVwAhCm6uBj97Hcap5bpFw01gWK7 mG/VOw== -----END CERTIFICATE-----Generated at Tue May 6 01:56:33 2025 by rpki-client