$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153985.roa File: AS153985.roa (raw, json) Hash identifier: fPQYaC9tX27ZBgYMURKYfrlg+ScbT5f2E4OLUnJcpBs= Subject key identifier: 03:DC:D8:C4:71:E8:50:05:98:8B:C5:6C:D5:6C:F8:87:08:8F:E0:5F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4A219A26B227DDD7E5D5FC69B6929B46DBF9DB27 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153985.roa Signing time: Mon 11 Aug 2025 03:54:37 +0000 ROA not before: Mon 11 Aug 2025 03:49:37 +0000 ROA not after: Mon 10 Aug 2026 03:54:37 +0000 asID: 153985 IP address blocks: 2001:df5:be40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 07:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:21:9a:26:b2:27:dd:d7:e5:d5:fc:69:b6:92:9b:46:db:f9:db:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 11 03:49:37 2025 GMT Not After : Aug 10 03:54:37 2026 GMT Subject: CN=03DCD8C471E85005988BC56CD56CF887088FE05F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1b:43:46:77:c1:da:50:be:f4:fc:ca:d2:36: 9c:22:12:18:90:8b:47:02:a4:3f:b6:b1:ad:31:e4: 49:7e:73:9a:5f:b8:bd:06:07:0c:63:82:86:6e:11: 98:c2:42:5c:d6:f7:21:74:d2:6c:ae:9b:de:72:64: 9e:0b:cc:d3:26:fe:b3:c2:ba:69:4a:16:0a:18:33: 22:f4:9e:94:4c:3f:63:b2:71:c4:a9:85:c7:82:b0: 13:8d:13:bb:da:07:4c:48:16:61:77:6f:4e:33:d6: 88:f3:1d:e2:08:32:12:00:36:c9:e6:62:fc:0e:7e: 4d:4c:40:98:8a:60:d5:d2:dd:98:25:d1:65:cb:c5: 63:71:62:8f:b4:de:fb:da:53:ed:62:cf:db:4c:0b: ef:4d:26:a8:42:86:25:4e:d3:2a:86:ed:4f:3c:6e: 6f:73:b5:da:47:0a:81:95:39:d2:f9:2c:78:df:e4: f7:e2:40:8e:bd:d6:5a:83:57:7c:fa:cf:6b:85:b9: bf:da:d1:f5:be:b1:1e:de:e1:a4:03:ca:4e:4f:72: 6c:a9:a0:b4:04:5d:5f:5c:52:fc:8f:78:d4:23:88: 3c:42:7d:75:99:20:10:1b:ec:ab:d4:46:06:e4:b4: 50:3d:e3:2b:f1:44:19:62:28:78:e2:19:e7:1e:0f: 69:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:DC:D8:C4:71:E8:50:05:98:8B:C5:6C:D5:6C:F8:87:08:8F:E0:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153985.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df5:be40::/48 Signature Algorithm: sha256WithRSAEncryption 74:06:64:05:a4:2c:5a:2b:09:04:d6:99:76:5e:2e:0e:6e:d4: 8f:0b:40:58:bb:1b:fb:d5:55:60:1f:d6:fe:58:d6:09:08:ff: 55:cb:04:6c:7b:28:39:8b:e5:8d:7d:01:7c:f8:03:a4:fa:45: d1:44:ff:d7:a9:5a:23:d7:1a:d5:0e:85:ca:57:5d:a3:68:43: e8:e1:9a:61:d8:9d:fa:03:16:ca:4f:66:1d:1a:97:4d:32:9e: ae:46:d8:e0:b8:5e:44:0f:1a:32:5e:4d:28:f3:66:33:96:48: ff:bf:ec:71:fe:27:90:8f:20:49:a0:81:c3:a1:bc:66:2b:58: 4a:c3:04:aa:81:62:a6:87:42:22:8e:36:fd:63:fb:6e:49:3d: 14:fe:c3:86:21:13:a7:89:97:fd:69:96:e9:49:4d:dd:e0:bf: 61:fc:e0:e9:f9:5d:3e:b7:08:bb:4e:ab:db:7c:e9:a8:7b:20: 02:21:36:e6:38:cd:69:be:09:2d:39:2f:55:d1:f3:2b:ca:ef: ff:26:68:a2:16:f0:0f:f4:5c:74:f6:7d:86:79:a4:0e:3c:00: 21:c3:cb:98:43:d3:0f:94:ee:d8:20:e3:aa:00:1c:c6:41:01: cc:68:51:1f:97:56:ba:76:9d:1a:0c:e5:0e:1e:e6:db:60:1c: e9:ed:77:40 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUSiGaJrIn3dfl1fxptpKbRtv52ycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgxMTAzNDkzN1oX DTI2MDgxMDAzNTQzN1owMzExMC8GA1UEAxMoMDNEQ0Q4QzQ3MUU4NTAwNTk4OEJD NTZDRDU2Q0Y4ODcwODhGRTA1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0bQ0Z3wdpQvvT8ytI2nCISGJCLRwKkP7axrTHkSX5zml+4vQYHDGOChm4R mMJCXNb3IXTSbK6b3nJkngvM0yb+s8K6aUoWChgzIvSelEw/Y7JxxKmFx4KwE40T u9oHTEgWYXdvTjPWiPMd4ggyEgA2yeZi/A5+TUxAmIpg1dLdmCXRZcvFY3Fij7Te +9pT7WLP20wL700mqEKGJU7TKobtTzxub3O12kcKgZU50vkseN/k9+JAjr3WWoNX fPrPa4W5v9rR9b6xHt7hpAPKTk9ybKmgtARdX1xS/I941COIPEJ9dZkgEBvsq9RG BuS0UD3jK/FEGWIoeOIZ5x4PaaUCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQD3NjE cehQBZiLxWzVbPiHCI/gXzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1Mzk4NS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfW+QDANBgkqhkiG9w0BAQsFAAOCAQEAdAZkBaQsWisJBNaZ dl4uDm7UjwtAWLsb+9VVYB/W/ljWCQj/VcsEbHsoOYvljX0BfPgDpPpF0UT/16la I9ca1Q6Fylddo2hD6OGaYdid+gMWyk9mHRqXTTKerkbY4LheRA8aMl5NKPNmM5ZI /7/scf4nkI8gSaCBw6G8ZitYSsMEqoFipodCIo42/WP7bkk9FP7DhiETp4mX/WmW 6UlN3eC/Yfzg6fldPrcIu06r23zpqHsgAiE25jjNab4JLTkvVdHzK8rv/yZoohbw D/RcdPZ9hnmkDjwAIcPLmEPTD5Tu2CDjqgAcxkEBzGhRH5dWunadGgzlDh7m22Ac 6e13QA== -----END CERTIFICATE-----Generated at Sat Aug 23 08:54:23 2025 by rpki-client