$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153666.roa File: AS153666.roa (raw, json) Hash identifier: XSMS0Y0+JLkCS3mLDJ14b2WELcwrk2TYYCpkGz3Pm3g= Subject key identifier: 7D:D4:91:BA:5B:F7:41:92:E9:44:95:E4:8E:06:04:40:77:7B:40:68 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7DAB15DEA8593B211E6C12AED4248696B7FCE847 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153666.roa Signing time: Mon 05 May 2025 03:29:27 +0000 ROA not before: Mon 05 May 2025 03:24:27 +0000 ROA not after: Mon 04 May 2026 03:29:27 +0000 asID: 153666 IP address blocks: 163.61.224.0/23 maxlen: 24 2001:df5:23c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:ab:15:de:a8:59:3b:21:1e:6c:12:ae:d4:24:86:96:b7:fc:e8:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 5 03:24:27 2025 GMT Not After : May 4 03:29:27 2026 GMT Subject: CN=7DD491BA5BF74192E94495E48E060440777B4068 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d4:6e:90:90:3e:41:29:36:7d:96:fd:76:4b: 02:5c:78:cd:18:f7:0e:4a:c8:ba:da:46:66:bd:57: d6:6a:c3:fb:60:0f:cc:ca:99:97:67:19:a1:bf:17: 63:0d:b5:7b:c0:e1:cc:d2:bf:5d:5b:42:6b:54:cc: 48:92:19:0d:f8:a9:05:d4:4e:18:aa:9e:74:36:85: 2a:77:e3:01:04:31:48:69:94:46:fa:ef:a7:e4:e6: 27:2d:dc:36:c7:b0:d0:dd:79:9b:31:65:78:ec:aa: 0d:8a:12:44:ae:c9:d6:97:11:52:2f:53:ab:e1:5f: cf:f4:ba:1a:42:ec:d2:39:f8:f3:3d:9b:7d:04:bc: d4:f9:61:2a:f9:c8:be:a1:96:07:65:eb:8c:b2:5c: b3:41:d1:dd:10:d7:f6:de:f4:f9:58:93:5e:13:99: 78:52:d6:a4:8f:3e:42:7a:42:67:72:56:c3:7b:0f: 1f:ba:09:80:98:f7:25:31:b1:e3:cc:34:d2:31:9c: 2b:d2:d3:65:3a:4f:97:8f:be:95:be:62:24:65:ac: f7:b2:12:3f:ef:9c:b9:bf:7a:5d:83:c4:d1:ea:74: 0f:ef:64:fe:e2:9d:34:7f:20:32:90:b6:b4:bc:8f: a6:da:04:1b:e0:da:03:6d:45:0f:71:e4:62:e9:83: 96:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:D4:91:BA:5B:F7:41:92:E9:44:95:E4:8E:06:04:40:77:7B:40:68 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153666.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.61.224.0/23 IPv6: 2001:df5:23c0::/48 Signature Algorithm: sha256WithRSAEncryption 1a:72:41:62:02:a5:dd:a6:d3:be:d9:68:e5:d4:2d:35:f5:e2: ec:a9:7f:a4:ff:e4:1d:18:c7:e7:d2:7c:da:77:90:10:02:76: 8c:75:78:3d:63:90:5f:8e:5e:2b:ea:c7:2f:c7:97:70:0f:eb: 30:71:4f:48:c8:43:ae:cd:c6:ec:81:a7:b6:ac:40:c1:a0:05: 9f:22:f2:3b:c8:ed:1b:4f:39:5e:45:0e:e3:ac:3f:3d:ef:39: 09:d7:b5:ba:08:a8:00:34:46:1d:6c:04:f1:39:2e:51:e2:f3: 3a:84:f0:a5:0c:61:ad:91:99:ee:f3:eb:01:99:44:c6:f4:09: 13:5d:1c:d7:5a:a7:88:46:01:33:6f:49:ae:bc:4f:dd:ab:ff: 91:a7:a1:27:eb:45:38:bb:3f:fa:6a:a0:d9:51:fa:b5:de:d3: 05:6f:03:0b:6f:ae:4f:8c:57:8b:41:f0:8c:0a:d8:a1:91:2a: 59:40:15:e2:f5:a1:c3:3e:98:26:3a:99:14:41:1a:f5:71:e6: 2d:bb:e9:3b:f3:01:bc:aa:c9:13:52:a2:30:1b:d5:53:f6:31: a7:49:5d:8a:67:62:4e:34:04:fb:01:f2:9b:21:8a:af:87:c3: de:58:fb:2c:ec:4d:b1:db:34:8a:c3:11:0e:64:24:0e:52:86: b5:5d:a1:18 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUfasV3qhZOyEebBKu1CSGlrf86EcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwNTAzMjQyN1oX DTI2MDUwNDAzMjkyN1owMzExMC8GA1UEAxMoN0RENDkxQkE1QkY3NDE5MkU5NDQ5 NUU0OEUwNjA0NDA3NzdCNDA2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzUbpCQPkEpNn2W/XZLAlx4zRj3DkrIutpGZr1X1mrD+2APzMqZl2cZob8X Yw21e8DhzNK/XVtCa1TMSJIZDfipBdROGKqedDaFKnfjAQQxSGmURvrvp+TmJy3c Nsew0N15mzFleOyqDYoSRK7J1pcRUi9Tq+Ffz/S6GkLs0jn48z2bfQS81PlhKvnI vqGWB2XrjLJcs0HR3RDX9t70+ViTXhOZeFLWpI8+QnpCZ3JWw3sPH7oJgJj3JTGx 48w00jGcK9LTZTpPl4++lb5iJGWs97ISP++cub96XYPE0ep0D+9k/uKdNH8gMpC2 tLyPptoEG+DaA21FD3HkYumDlqMCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBR91JG6 W/dBkulEleSOBgRAd3tAaDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzY2Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAaM94DAPBAIAAjAJAwcAIAEN9SPAMA0GCSqGSIb3DQEBCwUAA4IB AQAackFiAqXdptO+2Wjl1C019eLsqX+k/+QdGMfn0nzad5AQAnaMdXg9Y5Bfjl4r 6scvx5dwD+swcU9IyEOuzcbsgae2rEDBoAWfIvI7yO0bTzleRQ7jrD897zkJ17W6 CKgANEYdbATxOS5R4vM6hPClDGGtkZnu8+sBmUTG9AkTXRzXWqeIRgEzb0muvE/d q/+Rp6En60U4uz/6aqDZUfq13tMFbwMLb65PjFeLQfCMCtihkSpZQBXi9aHDPpgm OpkUQRr1ceYtu+k78wG8qskTUqIwG9VT9jGnSV2KZ2JONAT7AfKbIYqvh8PeWPss 7E2x2zSKwxEOZCQOUoa1XaEY -----END CERTIFICATE-----Generated at Mon May 5 21:57:24 2025 by rpki-client