$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa File: AS152386.roa (raw, json) Hash identifier: KgbaA131LPKSggEFqZTrsyA4r9QsiYTuUw9QZst3FtA= Subject key identifier: 25:F6:08:4C:7B:0C:BD:05:5A:F4:64:C3:58:17:C1:97:7C:31:F3:A8 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7D35C9218DF0AAF42ECDAC323B37DC3E227DEB8D Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa Signing time: Thu 06 Feb 2025 10:44:48 +0000 ROA not before: Thu 06 Feb 2025 10:39:48 +0000 ROA not after: Thu 05 Feb 2026 10:44:48 +0000 asID: 152386 IP address blocks: 157.20.30.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:35:c9:21:8d:f0:aa:f4:2e:cd:ac:32:3b:37:dc:3e:22:7d:eb:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:48 2025 GMT Not After : Feb 5 10:44:48 2026 GMT Subject: CN=25F6084C7B0CBD055AF464C35817C1977C31F3A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c4:5b:0e:b9:e6:1f:3c:29:d1:a7:bb:1b:51: 80:45:67:87:da:75:d2:5b:27:f7:c2:b4:48:9d:1f: 29:79:76:ed:90:2b:f6:45:36:74:b6:49:66:25:f3: 61:7f:eb:ca:db:5a:d7:bd:44:71:fe:bd:54:f1:e3: da:64:bd:31:d0:2d:9d:f7:3e:45:6d:71:39:56:4c: c3:84:57:34:6a:af:7f:1c:b5:df:87:b9:e5:17:e0: 33:83:31:76:be:22:f2:63:cd:6e:d6:7f:c6:b2:71: 70:1b:d2:3b:59:7e:4c:ed:75:90:ec:fd:d5:76:a3: c2:5f:4c:9c:9e:fd:28:73:7c:80:a5:1b:7e:ef:e0: e0:0e:3d:fb:fe:c6:1d:cb:49:78:fe:b1:83:2c:c6: d2:df:b2:3b:ce:f0:af:dd:b2:a1:31:63:10:c3:fd: 9a:6e:03:9c:8b:18:55:46:a7:81:13:c8:6f:3b:c1: 50:79:84:8c:05:16:5f:66:5d:c1:06:e0:42:25:23: e2:c8:1a:b4:9a:5d:b0:b9:f7:2c:6f:b7:1d:a5:c1: 71:20:f2:e2:6a:8e:44:f9:d7:43:c5:13:5a:d3:7c: cf:d9:cd:79:e7:94:fb:84:d9:40:82:e5:cf:85:b3: 87:44:80:66:32:cb:01:3a:a2:99:8e:bd:24:7c:4a: 1d:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:F6:08:4C:7B:0C:BD:05:5A:F4:64:C3:58:17:C1:97:7C:31:F3:A8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152386.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.30.0/23 Signature Algorithm: sha256WithRSAEncryption 6a:1b:27:66:f3:73:28:dc:f0:01:72:68:22:60:9c:4b:7c:64: 3c:c4:d6:9e:17:7c:51:9f:7b:aa:4f:2b:c7:5c:92:f8:55:7e: ee:f9:1c:bd:5f:c2:11:25:18:1c:b5:b6:f8:fd:91:c8:44:42: da:a4:12:3b:47:4d:02:ce:38:5d:58:3e:50:e9:db:87:aa:da: 08:52:f0:04:be:6d:82:c2:6b:6b:d7:ab:9e:cb:20:b1:4e:40: 47:f5:c6:7f:5f:45:6e:c5:f5:0a:54:55:ed:dd:2c:14:45:25: 01:61:59:67:40:f5:06:7a:7e:5b:f7:05:93:32:56:1f:71:f2: 32:9e:50:a8:74:a4:f9:2d:a5:b5:4d:3a:75:01:10:9d:77:99: 7f:6d:c2:a8:ba:8e:ee:5a:19:a3:2a:ae:9f:9c:12:75:bf:bf: a7:a2:65:69:fa:96:8d:9e:30:70:0a:af:f5:cd:21:8d:e2:82: 04:76:82:eb:12:ee:b0:ed:3c:cd:4f:25:03:0f:8e:62:f5:d0: 5a:0f:9a:29:01:98:1c:1e:47:7b:ab:db:ff:54:e3:12:75:20: ae:74:a7:a0:06:e8:92:6f:7f:ba:91:98:40:c7:c1:63:87:86: 13:a6:8e:6e:0d:28:a3:62:be:57:9d:52:5a:a6:dd:07:91:ff: d3:44:01:a9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUfTXJIY3wqvQuzawyOzfcPiJ9640wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0OFoX DTI2MDIwNTEwNDQ0OFowMzExMC8GA1UEAxMoMjVGNjA4NEM3QjBDQkQwNTVBRjQ2 NEMzNTgxN0MxOTc3QzMxRjNBODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK3EWw655h88KdGnuxtRgEVnh9p10lsn98K0SJ0fKXl27ZAr9kU2dLZJZiXz YX/rytta171Ecf69VPHj2mS9MdAtnfc+RW1xOVZMw4RXNGqvfxy134e55RfgM4Mx dr4i8mPNbtZ/xrJxcBvSO1l+TO11kOz91Xajwl9MnJ79KHN8gKUbfu/g4A49+/7G HctJeP6xgyzG0t+yO87wr92yoTFjEMP9mm4DnIsYVUangRPIbzvBUHmEjAUWX2Zd wQbgQiUj4sgatJpdsLn3LG+3HaXBcSDy4mqORPnXQ8UTWtN8z9nNeeeU+4TZQILl z4Wzh0SAZjLLATqimY69JHxKHfsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQl9ghM ewy9BVr0ZMNYF8GXfDHzqDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UHjANBgkqhkiG9w0BAQsFAAOCAQEAahsnZvNzKNzwAXJoImCc S3xkPMTWnhd8UZ97qk8rx1yS+FV+7vkcvV/CESUYHLW2+P2RyERC2qQSO0dNAs44 XVg+UOnbh6raCFLwBL5tgsJra9ernssgsU5AR/XGf19FbsX1ClRV7d0sFEUlAWFZ Z0D1Bnp+W/cFkzJWH3HyMp5QqHSk+S2ltU06dQEQnXeZf23CqLqO7loZoyqun5wS db+/p6JlafqWjZ4wcAqv9c0hjeKCBHaC6xLusO08zU8lAw+OYvXQWg+aKQGYHB5H e6vb/1TjEnUgrnSnoAbokm9/upGYQMfBY4eGE6aObg0oo2K+V51SWqbdB5H/00QB qQ== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net