$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153820.roa File: AS153820.roa (raw, json) Hash identifier: 8lqdVhKKcZX83sbHfZcnDfGjyXFFYLKBbNBIzDaKtK8= Subject key identifier: F3:07:F8:CA:0C:1B:2A:38:04:D1:53:7C:0F:B4:A7:90:CA:FF:D7:65 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 779778C2468173D88C10E09E869C9CDDE14D2103 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153820.roa Signing time: Fri 02 May 2025 01:23:41 +0000 ROA not before: Fri 02 May 2025 01:18:41 +0000 ROA not after: Fri 01 May 2026 01:23:41 +0000 asID: 153820 IP address blocks: 163.227.146.0/23 maxlen: 24 2001:df5:6ec0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 08 May 2025 14:41:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:97:78:c2:46:81:73:d8:8c:10:e0:9e:86:9c:9c:dd:e1:4d:21:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 2 01:18:41 2025 GMT Not After : May 1 01:23:41 2026 GMT Subject: CN=F307F8CA0C1B2A3804D1537C0FB4A790CAFFD765 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:73:76:72:69:1b:c8:39:53:d8:74:0d:39:36: 87:59:60:64:c3:6d:0b:09:7e:0e:50:f5:dd:01:67: fd:c5:77:90:68:55:23:4c:75:c6:65:75:1b:dc:c2: 79:a2:1b:5a:da:bb:2c:b1:c4:30:dc:a6:35:44:a9: c3:4a:80:28:3c:bf:7c:1b:8e:82:78:66:9e:e2:89: 02:d4:c3:6a:59:48:13:c2:82:02:5c:41:e5:6a:43: c0:73:67:34:82:73:f3:8e:71:c4:2e:db:5f:89:0b: 09:e6:47:b7:d8:f4:16:e7:07:70:a8:86:9e:80:04: cc:e5:80:24:35:2f:97:f5:04:66:0f:27:d1:1b:e6: c3:36:7d:42:1a:dd:f1:ab:71:6a:6b:66:f5:86:6a: 39:97:79:11:66:10:28:a2:95:28:41:62:b4:c4:e2: 4f:49:7d:e3:50:5a:6b:0f:cc:23:ad:7b:d3:b2:f1: ac:c3:79:9e:22:9f:57:d3:ec:30:d7:c1:52:d9:6f: c6:51:5b:25:3d:96:44:fc:8e:47:3f:12:de:8c:9b: 56:99:f0:b3:d2:03:e8:eb:8a:93:14:b3:1f:8f:ce: 27:0b:b2:1c:b1:3f:69:00:2e:e3:d6:79:6c:3b:06: 96:c8:95:59:ad:47:4f:b7:16:1d:9c:5b:b7:3e:34: 2d:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:07:F8:CA:0C:1B:2A:38:04:D1:53:7C:0F:B4:A7:90:CA:FF:D7:65 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153820.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.227.146.0/23 IPv6: 2001:df5:6ec0::/48 Signature Algorithm: sha256WithRSAEncryption 1b:ff:96:34:4a:94:06:60:be:00:fe:4e:a9:e2:c9:28:d4:0d: 1a:90:83:1d:3c:2d:2e:91:c2:9e:6f:85:79:b7:84:1b:3f:30: 71:43:31:8a:04:53:9b:0c:85:45:02:f7:54:6d:41:eb:26:2a: e5:a6:75:6a:20:55:4b:01:b9:a4:cc:6e:60:af:98:70:b4:4a: 02:e1:85:0d:43:f5:2e:43:55:1d:a8:29:96:62:91:e1:04:b5: c7:3d:9b:be:36:52:1c:e8:c1:3e:bd:b0:d6:b3:8b:68:76:03: 82:33:1e:89:80:90:30:2c:16:44:dc:50:7d:b7:d2:5d:5f:49: e5:91:d8:27:03:45:a0:78:62:bf:96:8f:77:e0:06:ed:ed:a3: f7:b0:a8:f3:1e:cc:a1:bc:9b:38:e0:d1:57:ff:50:b9:0a:45: 74:7f:f6:2a:c3:45:5c:c8:44:76:a6:c4:3e:88:08:06:32:9b: d5:3d:ed:6b:85:ff:b6:02:bb:6a:45:e2:cd:20:4a:d9:90:6e: 7e:42:6d:c6:67:c2:15:32:c4:b1:16:d2:8d:0e:15:12:21:d3: 59:dc:4d:db:88:c5:60:ee:27:9c:ab:de:53:18:e4:a1:4a:24: 77:7a:be:bc:97:b2:b7:a9:37:dd:8f:ab:d4:d3:c7:53:cb:f5: c4:11:58:ca -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUd5d4wkaBc9iMEOCehpyc3eFNIQMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwMjAxMTg0MVoX DTI2MDUwMTAxMjM0MVowMzExMC8GA1UEAxMoRjMwN0Y4Q0EwQzFCMkEzODA0RDE1 MzdDMEZCNEE3OTBDQUZGRDc2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOFzdnJpG8g5U9h0DTk2h1lgZMNtCwl+DlD13QFn/cV3kGhVI0x1xmV1G9zC eaIbWtq7LLHEMNymNUSpw0qAKDy/fBuOgnhmnuKJAtTDallIE8KCAlxB5WpDwHNn NIJz845xxC7bX4kLCeZHt9j0FucHcKiGnoAEzOWAJDUvl/UEZg8n0RvmwzZ9Qhrd 8atxamtm9YZqOZd5EWYQKKKVKEFitMTiT0l941Baaw/MI61707LxrMN5niKfV9Ps MNfBUtlvxlFbJT2WRPyORz8S3oybVpnws9ID6OuKkxSzH4/OJwuyHLE/aQAu49Z5 bDsGlsiVWa1HT7cWHZxbtz40LTUCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBTzB/jK DBsqOATRU3wPtKeQyv/XZTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzgyMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAaPjkjAPBAIAAjAJAwcAIAEN9W7AMA0GCSqGSIb3DQEBCwUAA4IB AQAb/5Y0SpQGYL4A/k6p4sko1A0akIMdPC0ukcKeb4V5t4QbPzBxQzGKBFObDIVF AvdUbUHrJirlpnVqIFVLAbmkzG5gr5hwtEoC4YUNQ/UuQ1UdqCmWYpHhBLXHPZu+ NlIc6ME+vbDWs4todgOCMx6JgJAwLBZE3FB9t9JdX0nlkdgnA0WgeGK/lo934Abt 7aP3sKjzHsyhvJs44NFX/1C5CkV0f/Yqw0VcyER2psQ+iAgGMpvVPe1rhf+2Artq ReLNIErZkG5+Qm3GZ8IVMsSxFtKNDhUSIdNZ3E3biMVg7iecq95TGOShSiR3er68 l7K3qTfdj6vU08dTy/XEEVjK -----END CERTIFICATE-----Generated at Mon May 5 16:17:34 2025 by rpki-client