$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa File: AS152367.roa (raw, json) Hash identifier: 6fCcdw2KyqejZSj5mdHbOOs9EEHO3l2doMlt+K2ZiTY= Subject key identifier: E3:D8:60:3D:9E:1D:CF:14:82:FE:86:6A:87:09:7E:36:76:07:5A:7B Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 296D5A2B8A60C94DF13F205A69BE9138DE81B1EA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa Signing time: Thu 06 Feb 2025 10:44:53 +0000 ROA not before: Thu 06 Feb 2025 10:39:53 +0000 ROA not after: Thu 05 Feb 2026 10:44:53 +0000 asID: 152367 IP address blocks: 157.15.78.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:6d:5a:2b:8a:60:c9:4d:f1:3f:20:5a:69:be:91:38:de:81:b1:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:53 2025 GMT Not After : Feb 5 10:44:53 2026 GMT Subject: CN=E3D8603D9E1DCF1482FE866A87097E3676075A7B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:26:e7:8f:31:80:48:21:4a:05:c2:6e:a3:c2: 55:88:59:5f:9f:ca:4b:2c:58:45:83:9e:c8:a9:8b: 39:c7:ac:30:36:9f:d2:5b:57:a5:bb:c6:fa:27:c3: 5a:22:6d:24:c5:91:ea:47:00:44:6b:ce:1e:5b:9a: 70:3c:3f:35:d0:d2:5f:40:59:9f:7e:e1:90:c6:7d: b8:38:f4:96:fd:f8:f5:97:24:30:86:e3:77:c2:7f: 94:92:7a:04:6c:6b:23:90:e2:cd:cb:2b:2b:39:55: e6:f4:98:7d:16:7f:a4:d9:41:4f:c5:8e:d5:9d:d5: 43:e2:ba:85:a5:f3:44:84:ef:32:e9:5f:31:8d:84: d1:69:3f:d8:2e:d7:38:f9:a3:02:60:9e:91:91:ae: 78:18:91:a5:90:b9:5d:75:a5:1a:dc:97:09:df:a0: c2:65:33:68:4d:7e:51:ed:c2:ee:ae:9f:17:24:b6: f7:47:f5:c7:51:2c:48:53:01:ce:43:d7:4a:a3:96: 3c:4c:1f:a1:cf:57:f9:02:c5:4a:9a:60:80:c6:4f: 45:2c:7f:93:8e:d0:3f:48:5c:47:0a:a4:b0:8e:1a: d3:52:f6:14:32:9d:b7:0c:7a:28:43:9e:a4:20:cb: 97:97:e8:29:8d:0f:a2:9f:21:83:3e:62:e4:6a:42: a1:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D8:60:3D:9E:1D:CF:14:82:FE:86:6A:87:09:7E:36:76:07:5A:7B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152367.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.78.0/23 Signature Algorithm: sha256WithRSAEncryption 2a:2c:d9:34:1b:9c:92:68:1a:72:e7:2b:bb:8e:66:2a:ec:55: b8:4f:85:08:ed:57:2d:09:8c:52:57:09:c4:0b:4a:31:69:3a: 17:34:ec:8b:de:57:68:22:f5:70:9c:24:37:9a:cc:2e:bd:31: 6d:81:ca:f0:0c:d2:36:e6:c4:44:68:3a:d2:9b:b4:cd:f0:da: c5:bc:c0:be:b2:8b:37:52:ee:70:c4:49:37:32:e6:ef:3d:0d: d6:ce:b6:d8:d8:f3:db:d8:49:f4:d9:8b:00:f0:25:e8:be:a6: 86:68:63:9c:7f:f3:aa:08:09:42:0a:b5:87:32:1c:77:f8:b7: 49:51:1d:b6:54:83:5d:12:40:7f:10:f3:e2:9d:3e:df:2d:2a: 63:15:6b:9b:fc:ca:a6:5f:88:24:d3:05:46:d3:7b:ce:74:19: 1e:b4:e6:87:27:7b:2c:f8:8e:67:c3:69:b2:a1:7d:be:9d:8a: c8:2f:36:95:71:bd:10:9d:cb:c4:e6:ba:2f:95:2c:b4:21:1d: 4f:f4:13:50:7e:b2:17:df:35:5a:98:2b:e5:de:14:6a:99:2c: 29:35:68:99:b6:90:86:6a:d4:7e:56:4b:6d:8f:ef:b5:0d:33: 81:af:8a:41:d2:b5:7c:d3:ed:55:53:d5:0b:33:8e:87:de:dc: 84:4c:fc:65 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUKW1aK4pgyU3xPyBaab6RON6BseowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1M1oX DTI2MDIwNTEwNDQ1M1owMzExMC8GA1UEAxMoRTNEODYwM0Q5RTFEQ0YxNDgyRkU4 NjZBODcwOTdFMzY3NjA3NUE3QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsm548xgEghSgXCbqPCVYhZX5/KSyxYRYOeyKmLOcesMDaf0ltXpbvG+ifD WiJtJMWR6kcARGvOHluacDw/NdDSX0BZn37hkMZ9uDj0lv349ZckMIbjd8J/lJJ6 BGxrI5DizcsrKzlV5vSYfRZ/pNlBT8WO1Z3VQ+K6haXzRITvMulfMY2E0Wk/2C7X OPmjAmCekZGueBiRpZC5XXWlGtyXCd+gwmUzaE1+Ue3C7q6fFyS290f1x1EsSFMB zkPXSqOWPEwfoc9X+QLFSppggMZPRSx/k47QP0hcRwqksI4a01L2FDKdtwx6KEOe pCDLl5foKY0Pop8hgz5i5GpCoZsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTj2GA9 nh3PFIL+hmqHCX42dgdaezAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0PTjANBgkqhkiG9w0BAQsFAAOCAQEAKizZNBuckmgacucru45m KuxVuE+FCO1XLQmMUlcJxAtKMWk6FzTsi95XaCL1cJwkN5rMLr0xbYHK8AzSNubE RGg60pu0zfDaxbzAvrKLN1LucMRJNzLm7z0N1s622Njz29hJ9NmLAPAl6L6mhmhj nH/zqggJQgq1hzIcd/i3SVEdtlSDXRJAfxDz4p0+3y0qYxVrm/zKpl+IJNMFRtN7 znQZHrTmhyd7LPiOZ8NpsqF9vp2KyC82lXG9EJ3LxOa6L5UstCEdT/QTUH6yF981 Wpgr5d4UapksKTVombaQhmrUflZLbY/vtQ0zga+KQdK1fNPtVVPVCzOOh97chEz8 ZQ== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net