$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa File: AS152414.roa (raw, json) Hash identifier: geRwXmDAQHWvCjve+wuxJ0wzsjYloEdIQ07CEWd+84M= Subject key identifier: 40:8B:83:51:38:4E:F2:33:B7:27:5E:B0:EA:04:9A:65:1E:E9:B0:53 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 056033A00044B370B16692E0D57DD15DAB29FA47 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa Signing time: Thu 06 Feb 2025 10:44:57 +0000 ROA not before: Thu 06 Feb 2025 10:39:57 +0000 ROA not after: Thu 05 Feb 2026 10:44:57 +0000 asID: 152414 IP address blocks: 157.20.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:60:33:a0:00:44:b3:70:b1:66:92:e0:d5:7d:d1:5d:ab:29:fa:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:57 2025 GMT Not After : Feb 5 10:44:57 2026 GMT Subject: CN=408B8351384EF233B7275EB0EA049A651EE9B053 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:0a:99:47:1f:d1:5d:96:ff:fb:13:4a:5a:f6: a0:f8:77:5c:67:ef:7d:df:50:b8:83:4d:90:f2:bb: 0c:90:92:43:97:3f:16:3e:ac:dc:0c:a6:2d:42:48: 75:80:d5:61:95:9f:1c:6c:ef:4d:8d:b7:65:b3:1a: 93:a9:1b:fb:90:96:c6:47:de:b8:51:90:9e:13:b9: 5b:ac:db:e6:ad:1c:25:af:95:d8:a1:ca:6c:d3:f3: a8:2e:34:df:d2:3f:32:b2:bb:35:52:3b:49:0c:2a: 89:f8:30:79:ba:93:b0:67:17:ce:07:e6:60:ec:31: b0:3b:ce:df:4d:2f:7a:cf:02:77:5e:52:2b:5b:48: d5:bc:80:46:40:5a:30:83:1e:b6:a0:dd:1c:ad:8c: bc:d7:75:fd:21:41:8b:8b:e4:c5:69:52:f3:95:08: a5:02:2b:65:00:89:20:8c:89:c6:5d:1f:ad:b0:c2: e5:f8:b4:23:e7:c7:bd:9e:67:90:fb:dc:e9:db:05: d2:5b:90:db:6a:8e:49:8a:64:ef:57:03:25:ad:e7: 13:40:34:06:ec:0f:03:01:3e:11:07:3e:99:4d:23: a4:66:cb:4a:d9:c5:d7:d4:1c:59:15:80:41:6f:08: d9:c5:5f:e8:19:ef:74:0f:2c:b1:a8:ad:12:1d:98: 85:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:8B:83:51:38:4E:F2:33:B7:27:5E:B0:EA:04:9A:65:1E:E9:B0:53 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152414.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.130.0/23 Signature Algorithm: sha256WithRSAEncryption 40:93:49:f2:7f:3d:86:20:40:5a:dc:8e:a7:fe:4c:43:60:b4: 9a:c8:59:f2:a5:37:fe:f3:df:32:d0:bd:1d:0d:ef:bb:aa:8c: 08:d8:4c:68:b7:a9:a2:87:de:18:7b:13:b2:2d:3a:96:11:c3: 66:71:d2:ff:30:ea:a4:1b:8b:c5:89:cc:45:19:77:c0:db:ef: a2:4d:59:78:72:84:8a:a3:04:2b:55:14:48:d1:4a:ca:d5:06: c7:bc:f2:50:b8:f5:f1:1c:18:07:b8:cf:eb:92:aa:46:71:eb: 6b:78:53:a7:6c:71:26:28:2c:17:fb:7b:d7:7a:d7:55:a0:30: e3:59:37:5a:a3:3c:29:41:a1:73:74:9e:83:e1:4b:ef:07:08: 15:13:13:a3:e7:fc:19:ea:a9:7d:6e:98:96:02:bf:75:95:a5: b9:45:20:59:44:e2:56:e3:1f:e4:76:8c:23:97:b8:20:5b:ef: 62:af:91:25:44:1b:a2:ee:93:7b:65:81:a3:6d:7c:0a:49:60: 92:a0:5a:d3:84:71:9e:6f:ca:1a:4f:3b:d9:2f:14:06:2b:16: 00:fa:b4:40:1a:f8:10:96:e1:24:6d:2d:34:9f:c8:f1:c5:97: 92:6d:4a:2b:d4:64:c5:4b:38:5b:3d:1f:25:58:1e:0d:56:71: 0d:70:3c:b2 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUBWAzoABEs3CxZpLg1X3RXasp+kcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1N1oX DTI2MDIwNTEwNDQ1N1owMzExMC8GA1UEAxMoNDA4QjgzNTEzODRFRjIzM0I3Mjc1 RUIwRUEwNDlBNjUxRUU5QjA1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOcKmUcf0V2W//sTSlr2oPh3XGfvfd9QuINNkPK7DJCSQ5c/Fj6s3AymLUJI dYDVYZWfHGzvTY23ZbMak6kb+5CWxkfeuFGQnhO5W6zb5q0cJa+V2KHKbNPzqC40 39I/MrK7NVI7SQwqifgwebqTsGcXzgfmYOwxsDvO300ves8Cd15SK1tI1byARkBa MIMetqDdHK2MvNd1/SFBi4vkxWlS85UIpQIrZQCJIIyJxl0frbDC5fi0I+fHvZ5n kPvc6dsF0luQ22qOSYpk71cDJa3nE0A0BuwPAwE+EQc+mU0jpGbLStnF19QcWRWA QW8I2cVf6BnvdA8ssaitEh2YhaUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRAi4NR OE7yM7cnXrDqBJplHumwUzAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQxNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UgjANBgkqhkiG9w0BAQsFAAOCAQEAQJNJ8n89hiBAWtyOp/5M Q2C0mshZ8qU3/vPfMtC9HQ3vu6qMCNhMaLepoofeGHsTsi06lhHDZnHS/zDqpBuL xYnMRRl3wNvvok1ZeHKEiqMEK1UUSNFKytUGx7zyULj18RwYB7jP65KqRnHra3hT p2xxJigsF/t713rXVaAw41k3WqM8KUGhc3Seg+FL7wcIFRMTo+f8GeqpfW6YlgK/ dZWluUUgWUTiVuMf5HaMI5e4IFvvYq+RJUQbou6Te2WBo218CklgkqBa04Rxnm/K Gk872S8UBisWAPq0QBr4EJbhJG0tNJ/I8cWXkm1KK9RkxUs4Wz0fJVgeDVZxDXA8 sg== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net