$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24534.roa File: AS24534.roa (raw, json) Hash identifier: 7HdyZT/NO2zO709x3bBEhxgHhnv3XuSavApVKFrAxwY= Subject key identifier: 8D:E7:D5:88:1B:80:AF:6C:4C:F1:BC:D4:78:BD:2A:6E:B2:F3:D0:3D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6105EEED743136173CC9CD305CE413743DB87593 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24534.roa Signing time: Thu 19 Jun 2025 11:26:19 +0000 ROA not before: Thu 19 Jun 2025 11:21:19 +0000 ROA not after: Thu 18 Jun 2026 11:26:19 +0000 asID: 24534 IP address blocks: 103.52.68.0/23 maxlen: 24 103.136.78.0/23 maxlen: 24 103.149.14.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:05:ee:ed:74:31:36:17:3c:c9:cd:30:5c:e4:13:74:3d:b8:75:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 19 11:21:19 2025 GMT Not After : Jun 18 11:26:19 2026 GMT Subject: CN=8DE7D5881B80AF6C4CF1BCD478BD2A6EB2F3D03D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:98:76:d2:19:d0:b5:01:dc:89:06:ac:a5:b2: 16:9c:54:5c:2c:d2:02:22:39:1c:36:ac:70:88:8c: 9f:26:b4:b6:a9:6b:08:87:87:d2:ac:6a:30:0f:4f: b3:7c:9c:70:12:33:ba:a1:fd:1f:06:c6:ea:e7:ad: 17:e6:ac:e9:a1:76:39:e0:a8:f3:64:a4:fa:8d:68: 46:17:68:3e:76:58:cf:aa:2d:54:c8:09:49:1d:04: 7d:84:4b:f8:14:18:93:5c:ab:9a:c8:15:02:12:97: 9a:b4:67:62:bf:95:b8:07:87:5a:1c:81:20:66:d5: b2:46:f0:30:a9:ee:8b:73:8d:2d:a3:a5:3b:17:ba: 10:c8:ad:05:57:21:34:bb:f8:51:bb:33:29:7b:d4: ee:aa:3a:1e:a6:57:ca:f8:1f:8f:81:28:10:f3:b5: 8e:60:83:1d:11:cc:98:b7:36:1b:c0:90:f4:11:cc: c4:ab:f1:0f:fc:3a:1d:be:b8:ac:7c:e8:a5:4e:55: 3a:fe:7a:2d:f8:37:e9:7f:b6:a4:8d:8e:db:81:68: c1:26:8b:6a:21:10:90:c5:b7:bd:c4:89:88:d7:62: 99:42:2e:be:4c:d7:85:71:29:91:af:2a:c7:ad:a6: 84:ae:e2:46:5d:14:ad:89:e2:eb:42:18:2b:bc:7d: ee:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:E7:D5:88:1B:80:AF:6C:4C:F1:BC:D4:78:BD:2A:6E:B2:F3:D0:3D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS24534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.52.68.0/23 103.136.78.0/23 103.149.14.0/23 Signature Algorithm: sha256WithRSAEncryption 22:f5:73:0f:00:a6:1b:57:60:9c:0d:bb:82:f4:4e:86:80:c1: 23:e4:f9:f4:c6:cb:16:a9:4a:be:95:8f:09:eb:cb:a3:cd:0a: ec:6b:08:b3:1f:b7:6b:13:34:2e:5c:b3:de:a9:3d:89:7a:8f: 2f:41:fe:a0:2f:14:57:a8:ec:43:d1:14:b3:4b:69:5c:b7:1a: 27:82:4a:49:85:7c:cc:ad:21:57:10:60:c3:3f:76:96:a2:b4: d2:c6:cf:71:cf:d5:3d:35:58:09:c7:fa:0b:12:3d:8c:bc:8b: 7d:a1:76:f6:fe:f5:b6:7f:ad:7e:78:14:e8:fe:1c:f6:1a:aa: 6b:5b:2b:74:61:73:fb:de:7f:67:59:a1:d1:58:f7:5c:5b:79: 86:53:c7:6c:33:4f:58:aa:d1:98:9d:34:67:2a:27:38:ba:ff: 03:12:6d:1b:f3:df:dd:24:26:1f:b5:f0:76:1a:00:77:85:7f: e1:71:e7:65:9a:7f:36:c0:7e:f4:41:a6:82:92:2d:ff:f2:8d: ab:9c:1f:45:a5:4b:2e:ff:2a:03:71:c2:e1:d5:c4:37:6a:43: d7:36:81:97:27:03:30:14:a6:b6:c6:91:0d:17:21:62:88:77: 64:e0:af:62:66:45:59:1d:80:91:72:bf:79:30:41:98:5d:f9: e1:55:e9:18 -----BEGIN CERTIFICATE----- MIIE6DCCA9CgAwIBAgIUYQXu7XQxNhc8yc0wXOQTdD24dZMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYxOTExMjExOVoX DTI2MDYxODExMjYxOVowMzExMC8GA1UEAxMoOERFN0Q1ODgxQjgwQUY2QzRDRjFC Q0Q0NzhCRDJBNkVCMkYzRDAzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKYdtIZ0LUB3IkGrKWyFpxUXCzSAiI5HDascIiMnya0tqlrCIeH0qxqMA9P s3yccBIzuqH9HwbG6uetF+as6aF2OeCo82Sk+o1oRhdoPnZYz6otVMgJSR0EfYRL +BQYk1yrmsgVAhKXmrRnYr+VuAeHWhyBIGbVskbwMKnui3ONLaOlOxe6EMitBVch NLv4UbszKXvU7qo6HqZXyvgfj4EoEPO1jmCDHRHMmLc2G8CQ9BHMxKvxD/w6Hb64 rHzopU5VOv56Lfg36X+2pI2O24FowSaLaiEQkMW3vcSJiNdimUIuvkzXhXEpka8q x62mhK7iRl0UrYni60IYK7x97nECAwEAAaOCAdswggHXMB0GA1UdDgQWBBSN59WI G4CvbEzxvNR4vSpusvPQPTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzI0NTM0LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAY BAIAATASAwQBZzREAwQBZ4hOAwQBZ5UOMA0GCSqGSIb3DQEBCwUAA4IBAQAi9XMP AKYbV2CcDbuC9E6GgMEj5Pn0xssWqUq+lY8J68ujzQrsawizH7drEzQuXLPeqT2J eo8vQf6gLxRXqOxD0RSzS2lctxongkpJhXzMrSFXEGDDP3aWorTSxs9xz9U9NVgJ x/oLEj2MvIt9oXb2/vW2f61+eBTo/hz2GqprWyt0YXP73n9nWaHRWPdcW3mGU8ds M09YqtGYnTRnKic4uv8DEm0b89/dJCYftfB2GgB3hX/hcedlmn82wH70QaaCki3/ 8o2rnB9FpUsu/yoDccLh1cQ3akPXNoGXJwMwFKa2xpENFyFiiHdk4K9iZkVZHYCR cr95MEGYXfnhVekY -----END CERTIFICATE-----Generated at Sun Jun 29 12:15:09 2025 by rpki-client