$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa File: AS152389.roa (raw, json) Hash identifier: TQ96RL4Jw7tS+HWvnWa4yCfUGoiyOE4fYZTbOYjpOPE= Subject key identifier: 93:82:28:CD:01:11:74:50:51:EE:70:10:D8:A9:EB:01:73:E1:E3:2D Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6E63BCF2A2733790CA17DF535864B54C1C81CFE2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa Signing time: Thu 06 Feb 2025 10:44:56 +0000 ROA not before: Thu 06 Feb 2025 10:39:56 +0000 ROA not after: Thu 05 Feb 2026 10:44:56 +0000 asID: 152389 IP address blocks: 157.15.216.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:63:bc:f2:a2:73:37:90:ca:17:df:53:58:64:b5:4c:1c:81:cf:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:56 2025 GMT Not After : Feb 5 10:44:56 2026 GMT Subject: CN=938228CD0111745051EE7010D8A9EB0173E1E32D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c8:90:b6:72:77:eb:3c:47:95:02:9d:db:64: cc:5e:d6:7c:c6:28:48:17:70:de:f2:d2:13:5f:30: dc:5d:1b:22:fc:8e:be:29:70:b0:c6:0d:f1:bc:fe: 61:da:8f:ac:e7:81:78:5e:73:1f:c7:05:00:92:94: 2d:82:d8:f3:5b:c3:ec:ab:bf:8a:ec:55:6c:c3:ee: 7f:be:62:be:3f:cd:7a:4c:88:b1:bb:b9:cb:16:da: da:10:79:a8:5c:f1:66:d3:b3:4d:8c:a2:6e:3e:ba: 17:5d:ea:9b:4c:4f:ea:1f:3d:dc:2c:80:b3:ce:ad: 9a:a3:77:9e:72:57:66:20:73:5e:eb:b6:08:43:08: 2b:37:e5:7c:4a:13:a2:2c:77:d2:80:c2:ae:2c:ce: 8f:f2:02:04:47:e1:06:0a:44:1f:71:dd:36:13:98: e7:a1:00:a4:26:2c:3b:4c:af:b4:20:39:88:1b:12: 1c:27:74:a7:68:58:76:72:5c:a9:0d:a2:a2:8a:d6: 5f:ac:be:2d:40:96:04:4d:c8:c1:60:d4:ca:ee:21: 8e:aa:a1:75:f8:63:73:a6:91:05:13:02:95:67:73: 7a:8b:db:26:54:e1:3e:57:27:4b:58:59:2b:bf:d4: 47:e0:5b:47:09:7b:9b:47:6a:2f:d6:21:d9:5e:88: 8b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:82:28:CD:01:11:74:50:51:EE:70:10:D8:A9:EB:01:73:E1:E3:2D X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152389.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.216.0/23 Signature Algorithm: sha256WithRSAEncryption 62:a8:d4:8b:c7:d3:fb:c4:b3:61:26:fc:f1:9d:c6:b7:df:4f: 21:29:7f:0d:0a:9c:da:9b:51:39:3f:eb:e6:56:9c:ab:2b:e8: a4:9c:0d:c9:dd:50:05:85:35:66:bc:da:bd:00:74:54:b9:f3: 2d:63:46:0c:ad:be:83:53:f2:a0:a8:d3:ce:8b:1c:3a:c0:a1: 38:f1:4b:13:e0:e3:42:95:e2:22:ce:cd:51:62:72:17:37:5a: b1:9e:6e:29:f6:0c:d0:2f:59:ce:75:6c:91:08:67:7f:95:78: 53:db:79:e6:52:3e:6d:ec:f4:f7:87:80:2f:70:80:12:57:94: df:5f:7c:71:02:a2:72:b5:da:00:0e:ce:45:de:5a:25:36:33: 72:98:22:45:2d:49:76:20:c1:0e:61:f1:2f:9c:83:3d:01:6a: 49:3b:34:0a:f0:e9:82:c1:49:60:24:e3:e1:31:c6:ac:68:95: 62:f1:a9:78:3d:23:d2:9d:a8:79:14:4b:23:64:88:59:bc:bc: b5:7e:f2:c9:83:65:11:5c:86:62:2e:d2:58:ca:05:e1:49:59: 7b:e9:d1:b7:e3:d4:d0:6a:e2:75:01:e2:65:fe:02:19:55:03: 76:af:2c:2c:18:02:b2:59:cb:51:cb:e7:49:75:e5:be:45:b0: f4:2b:1c:09 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUbmO88qJzN5DKF99TWGS1TByBz+IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NloX DTI2MDIwNTEwNDQ1NlowMzExMC8GA1UEAxMoOTM4MjI4Q0QwMTExNzQ1MDUxRUU3 MDEwRDhBOUVCMDE3M0UxRTMyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHIkLZyd+s8R5UCndtkzF7WfMYoSBdw3vLSE18w3F0bIvyOvilwsMYN8bz+ YdqPrOeBeF5zH8cFAJKULYLY81vD7Ku/iuxVbMPuf75ivj/NekyIsbu5yxba2hB5 qFzxZtOzTYyibj66F13qm0xP6h893CyAs86tmqN3nnJXZiBzXuu2CEMIKzflfEoT oix30oDCrizOj/ICBEfhBgpEH3HdNhOY56EApCYsO0yvtCA5iBsSHCd0p2hYdnJc qQ2ioorWX6y+LUCWBE3IwWDUyu4hjqqhdfhjc6aRBRMClWdzeovbJlThPlcnS1hZ K7/UR+BbRwl7m0dqL9Yh2V6Ii6UCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSTgijN ARF0UFHucBDYqesBc+HjLTAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM4OS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0P2DANBgkqhkiG9w0BAQsFAAOCAQEAYqjUi8fT+8SzYSb88Z3G t99PISl/DQqc2ptROT/r5lacqyvopJwNyd1QBYU1ZrzavQB0VLnzLWNGDK2+g1Py oKjTzoscOsChOPFLE+DjQpXiIs7NUWJyFzdasZ5uKfYM0C9ZznVskQhnf5V4U9t5 5lI+bez094eAL3CAEleU3198cQKicrXaAA7ORd5aJTYzcpgiRS1JdiDBDmHxL5yD PQFqSTs0CvDpgsFJYCTj4THGrGiVYvGpeD0j0p2oeRRLI2SIWby8tX7yyYNlEVyG Yi7SWMoF4UlZe+nRt+PU0GridQHiZf4CGVUDdq8sLBgCslnLUcvnSXXlvkWw9Csc CQ== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net