$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152394.roa File: AS152394.roa (raw, json) Hash identifier: m5DZjTVabojL1v5RiQMAYiDbZaWrVIC30OGldlvzjlY= Subject key identifier: AA:B3:E5:35:91:9C:7D:DF:A9:46:E2:49:85:BA:FA:05:9D:53:9B:28 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 03126940C719D988384FFA3BE4E3A57528C6087E Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152394.roa Signing time: Thu 06 Feb 2025 10:44:47 +0000 ROA not before: Thu 06 Feb 2025 10:39:47 +0000 ROA not after: Thu 05 Feb 2026 10:44:47 +0000 asID: 152394 IP address blocks: 157.20.46.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:12:69:40:c7:19:d9:88:38:4f:fa:3b:e4:e3:a5:75:28:c6:08:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:47 2025 GMT Not After : Feb 5 10:44:47 2026 GMT Subject: CN=AAB3E535919C7DDFA946E24985BAFA059D539B28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1f:d3:93:ea:34:e9:41:c4:6f:c9:de:80:b3: b5:8c:4d:b5:64:57:fc:ba:aa:6d:50:f8:96:cd:c2: 84:59:b1:d4:b4:15:ee:24:08:33:d8:9a:4c:5e:ca: b8:f0:1a:5d:d3:2b:3f:5a:8b:a3:3a:bb:da:41:c6: 82:37:67:91:cb:56:c3:62:ea:e2:7f:96:0b:00:4c: b9:04:0d:d9:66:e1:f9:64:f7:61:40:66:8c:1a:a6: f8:c8:c1:0c:87:61:04:1f:9c:43:b5:15:d6:98:b7: ec:19:a2:23:6d:b3:a6:9a:7e:51:ac:68:81:ab:8d: 06:d8:cc:34:12:36:3e:e9:1b:31:4e:14:28:13:e7: 0f:d9:81:1c:b9:87:a6:61:0b:4b:8a:9f:10:bf:0f: 52:3a:c5:ae:11:c4:49:7d:b0:0e:8f:8f:65:54:1b: b3:f0:25:89:2c:b6:25:32:61:55:79:db:ac:5a:9e: 6f:18:fa:69:9e:f5:6e:32:5e:75:e8:83:26:b2:78: 42:e6:e4:1f:e6:cd:05:c3:4f:46:cb:a0:73:33:2c: c4:67:ac:5e:2d:60:d0:db:99:f9:2c:61:79:bf:81: a5:5e:ef:16:c9:fd:ad:75:2b:9d:0c:de:13:ae:b3: 29:57:62:45:f1:36:d0:43:02:38:f3:6d:37:f3:33: e4:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:B3:E5:35:91:9C:7D:DF:A9:46:E2:49:85:BA:FA:05:9D:53:9B:28 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152394.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.46.0/23 Signature Algorithm: sha256WithRSAEncryption 23:05:56:70:91:3f:a1:b2:6e:dc:19:0a:7e:1c:32:c0:36:f1: 8e:40:90:23:2f:4b:08:8c:8e:9c:a6:ae:63:34:ef:21:47:f6: 95:4a:8e:8b:77:10:cc:7c:1f:85:2b:89:09:75:d8:74:25:8d: 43:40:da:42:9a:64:a7:5e:45:1d:41:80:4b:91:44:ed:31:e4: ce:53:9e:e5:7e:28:24:8d:0b:d7:97:19:0b:6b:4c:19:a6:3b: f3:cb:fc:07:49:e7:0f:c8:c9:29:22:8c:be:90:0f:37:15:61: 77:02:b8:e3:e4:fa:8a:f7:4f:31:3a:15:e0:04:3e:00:7a:76: e2:b8:9a:67:32:a6:15:78:cc:c1:b7:42:4b:d2:ef:40:c9:e5: 11:6b:22:9b:fb:bb:fa:fc:be:d8:9a:00:92:1a:c6:fa:2e:a9: 85:77:f6:a2:3c:b9:dd:82:2c:37:93:18:cd:78:39:61:a3:c5: b0:95:f2:6e:58:6c:48:af:90:56:36:3a:be:36:34:fd:cf:11: fb:fe:41:dd:9a:d3:f8:95:fc:82:f1:08:bc:cf:8e:c0:44:ad: bb:d7:df:23:62:3a:4b:56:68:db:c6:fc:d5:30:f1:49:19:36: 6f:ab:d1:7b:c2:e3:2f:8c:f5:cd:7e:fd:00:32:b6:39:ee:9f: a9:f2:d9:e9 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUAxJpQMcZ2Yg4T/o75OOldSjGCH4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk0N1oX DTI2MDIwNTEwNDQ0N1owMzExMC8GA1UEAxMoQUFCM0U1MzU5MTlDN0RERkE5NDZF MjQ5ODVCQUZBMDU5RDUzOUIyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUf05PqNOlBxG/J3oCztYxNtWRX/LqqbVD4ls3ChFmx1LQV7iQIM9iaTF7K uPAaXdMrP1qLozq72kHGgjdnkctWw2Lq4n+WCwBMuQQN2Wbh+WT3YUBmjBqm+MjB DIdhBB+cQ7UV1pi37BmiI22zppp+UaxogauNBtjMNBI2PukbMU4UKBPnD9mBHLmH pmELS4qfEL8PUjrFrhHESX2wDo+PZVQbs/AliSy2JTJhVXnbrFqebxj6aZ71bjJe deiDJrJ4QubkH+bNBcNPRsugczMsxGesXi1g0NuZ+Sxheb+BpV7vFsn9rXUrnQze E66zKVdiRfE20EMCOPNtN/Mz5KECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSqs+U1 kZx936lG4kmFuvoFnVObKDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjM5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0ULjANBgkqhkiG9w0BAQsFAAOCAQEAIwVWcJE/obJu3BkKfhwy wDbxjkCQIy9LCIyOnKauYzTvIUf2lUqOi3cQzHwfhSuJCXXYdCWNQ0DaQppkp15F HUGAS5FE7THkzlOe5X4oJI0L15cZC2tMGaY788v8B0nnD8jJKSKMvpAPNxVhdwK4 4+T6ivdPMToV4AQ+AHp24riaZzKmFXjMwbdCS9LvQMnlEWsim/u7+vy+2JoAkhrG +i6phXf2ojy53YIsN5MYzXg5YaPFsJXyblhsSK+QVjY6vjY0/c8R+/5B3ZrT+JX8 gvEIvM+OwEStu9ffI2I6S1Zo28b81TDxSRk2b6vRe8LjL4z1zX79ADK2Oe6fqfLZ 6Q== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net