$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153693.roa File: AS153693.roa (raw, json) Hash identifier: IkOP1f/3SzEKxsdmO49hZjMRMXKkOwkojQ2T+ietAEY= Subject key identifier: 68:D5:C7:0C:92:DB:CE:FE:CD:5F:7C:30:FA:66:D7:92:13:CE:B0:76 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 60A3AD7343B6811CE58EE6D213D05C95B250DFEE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153693.roa Signing time: Wed 12 Mar 2025 07:01:12 +0000 ROA not before: Wed 12 Mar 2025 06:56:12 +0000 ROA not after: Wed 11 Mar 2026 07:01:12 +0000 asID: 153693 IP address blocks: 163.223.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:a3:ad:73:43:b6:81:1c:e5:8e:e6:d2:13:d0:5c:95:b2:50:df:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 12 06:56:12 2025 GMT Not After : Mar 11 07:01:12 2026 GMT Subject: CN=68D5C70C92DBCEFECD5F7C30FA66D79213CEB076 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d9:1e:1a:3f:15:cd:b1:36:de:0d:83:ce:a0: 3d:94:b8:cd:e5:48:47:1c:c4:5e:c5:b6:27:66:db: a6:b6:2f:5e:16:d2:cb:44:ff:9f:d1:bc:4b:e0:80: 18:1b:4a:b9:12:ea:27:47:66:43:bd:d1:f8:10:33: f2:8a:71:1f:0e:81:e6:3a:c0:7e:25:00:df:f1:1d: ce:51:3d:9a:19:05:39:aa:da:fa:b9:00:30:21:63: 8e:8f:20:5d:28:fb:e2:8b:b5:bd:f2:ba:76:a6:93: 9f:7b:13:80:4b:56:3e:0d:92:85:d8:f4:f9:69:f7: d6:3c:9e:45:7e:af:6a:ba:e6:a9:48:c8:3e:72:5d: 1d:dd:6c:86:c4:6b:38:e5:18:9b:54:46:00:9b:ae: 24:05:c4:e0:91:c7:df:ea:2b:17:bb:59:cd:9d:56: bf:eb:c0:eb:4b:cd:71:f7:76:58:26:6c:cd:f0:50: 27:6f:01:53:2b:ca:5d:04:3e:9c:ee:2b:ac:b0:75: cb:9c:94:f4:1b:21:fc:ac:78:8d:72:7a:a2:59:45: a1:4c:ed:49:1e:47:bd:2d:d0:d4:ae:d5:d0:f5:0d: 45:95:f3:24:5b:9d:ab:bb:f9:9f:12:7e:15:f2:c2: 2e:90:21:8a:3d:6b:3a:d9:e4:4d:78:4f:65:3b:18: 80:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D5:C7:0C:92:DB:CE:FE:CD:5F:7C:30:FA:66:D7:92:13:CE:B0:76 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153693.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.25.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:c8:ff:03:56:35:cd:3a:27:cf:71:10:43:ac:97:5c:ac:2e: 21:23:a3:89:db:9c:62:e7:ca:a6:b8:df:aa:f3:25:3f:4a:a9: e7:72:ee:cd:98:09:4e:f8:ee:f6:03:48:a3:ae:26:42:2e:59: 79:42:8b:59:0f:f4:06:d1:e4:14:c1:a6:f8:2b:fd:08:f4:da: 8b:2b:32:e9:74:42:08:48:47:ce:86:3f:b7:fa:a6:21:2e:1d: a7:90:62:72:4d:ad:c3:85:94:c2:42:9e:03:e8:6d:9f:a6:ae: d0:f7:92:7e:18:84:26:79:29:ff:0a:c2:43:4d:96:37:d3:9a: dc:a5:cb:a1:73:c4:29:34:3f:8a:10:99:22:3c:1a:00:8f:69: 1c:55:0f:d8:b5:b5:d6:12:b6:29:86:ef:75:ed:a5:9b:89:78: fd:b9:4c:47:e2:48:92:75:6c:80:af:2a:46:3c:7f:7a:74:7d: 75:50:69:c3:fd:87:1e:f5:e2:17:5b:e7:07:ff:87:29:b1:31: bc:1c:fe:7b:26:ef:a2:11:48:7e:db:f4:90:05:6b:9d:35:c3: b1:e2:49:76:49:4d:dd:8b:cd:05:08:aa:e5:b5:66:9b:05:ab: d0:27:3b:b8:71:c5:3c:ca:fc:6c:d0:52:52:6a:11:81:18:14: 69:80:65:6f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUYKOtc0O2gRzljubSE9BclbJQ3+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMxMjA2NTYxMloX DTI2MDMxMTA3MDExMlowMzExMC8GA1UEAxMoNjhENUM3MEM5MkRCQ0VGRUNENUY3 QzMwRkE2NkQ3OTIxM0NFQjA3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL7ZHho/Fc2xNt4Ng86gPZS4zeVIRxzEXsW2J2bbprYvXhbSy0T/n9G8S+CA GBtKuRLqJ0dmQ73R+BAz8opxHw6B5jrAfiUA3/EdzlE9mhkFOara+rkAMCFjjo8g XSj74ou1vfK6dqaTn3sTgEtWPg2Shdj0+Wn31jyeRX6varrmqUjIPnJdHd1shsRr OOUYm1RGAJuuJAXE4JHH3+orF7tZzZ1Wv+vA60vNcfd2WCZszfBQJ28BUyvKXQQ+ nO4rrLB1y5yU9Bsh/Kx4jXJ6ollFoUztSR5HvS3Q1K7V0PUNRZXzJFudq7v5nxJ+ FfLCLpAhij1rOtnkTXhPZTsYgJECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRo1ccM ktvO/s1ffDD6ZteSE86wdjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzY5My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKPfGTANBgkqhkiG9w0BAQsFAAOCAQEACsj/A1Y1zTonz3EQQ6yX XKwuISOjiducYufKprjfqvMlP0qp53LuzZgJTvju9gNIo64mQi5ZeUKLWQ/0BtHk FMGm+Cv9CPTaiysy6XRCCEhHzoY/t/qmIS4dp5Bick2tw4WUwkKeA+htn6au0PeS fhiEJnkp/wrCQ02WN9Oa3KXLoXPEKTQ/ihCZIjwaAI9pHFUP2LW11hK2KYbvde2l m4l4/blMR+JIknVsgK8qRjx/enR9dVBpw/2HHvXiF1vnB/+HKbExvBz+eybvohFI ftv0kAVrnTXDseJJdklN3YvNBQiq5bVmmwWr0Cc7uHHFPMr8bNBSUmoRgRgUaYBl bw== -----END CERTIFICATE-----Generated at Tue May 6 02:17:10 2025 by rpki-client