$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa File: AS152431.roa (raw, json) Hash identifier: 9Nefv7DnnxDQBkasmaY+O8o7auKD9XGqb0TiUCIPT98= Subject key identifier: C1:1F:E4:EB:69:B8:6F:19:21:81:02:B9:C9:44:7D:ED:EC:16:29:26 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 35D450AC091BAA7864DB0C14B2521C235476AFA5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa Signing time: Thu 06 Feb 2025 10:44:56 +0000 ROA not before: Thu 06 Feb 2025 10:39:56 +0000 ROA not after: Thu 05 Feb 2026 10:44:56 +0000 asID: 152431 IP address blocks: 157.20.230.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:d4:50:ac:09:1b:aa:78:64:db:0c:14:b2:52:1c:23:54:76:af:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:56 2025 GMT Not After : Feb 5 10:44:56 2026 GMT Subject: CN=C11FE4EB69B86F19218102B9C9447DEDEC162926 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c7:c0:b0:80:0b:cc:de:c0:3d:14:b0:e4:8e: e2:f4:34:7d:db:bd:9b:78:30:84:00:7d:74:81:ee: 2e:d7:35:e9:92:b3:40:cc:fc:3f:8a:0f:5c:ea:11: 91:fc:d9:fa:38:49:ed:6e:83:71:25:18:8b:38:c4: 6a:81:0a:86:7f:70:c9:95:2e:d3:e1:25:f6:66:ea: 03:47:f9:cf:3f:fb:10:ac:19:aa:64:36:65:fb:6a: 82:a3:bc:31:75:65:99:61:06:c4:1c:85:e5:c0:d8: 44:d2:da:22:0b:4b:f7:b1:96:bb:9a:2a:ef:3a:68: b7:ef:7e:57:4e:69:ac:74:6b:13:94:b3:fa:2e:7a: ad:2f:d3:c8:55:85:7a:c3:9c:07:b4:b8:39:fc:83: 6e:4c:2d:15:ca:e8:fd:85:de:94:b8:79:6a:2f:5f: 8c:21:2f:7e:fb:8d:73:f7:f2:31:76:9a:1a:28:e9: af:fb:ee:ad:d5:58:c8:35:ad:ed:aa:3e:bc:2e:5f: 8c:9b:ba:9a:b0:23:ab:09:8c:07:6a:c3:66:d6:42: 8c:ec:73:94:7f:4f:db:2e:84:2d:4e:88:34:f0:86: 63:cb:62:ed:81:30:3a:ac:dd:89:81:ae:e6:e7:79: 83:19:b6:28:78:d3:fc:d9:52:68:46:b6:f3:e2:3d: 95:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:1F:E4:EB:69:B8:6F:19:21:81:02:B9:C9:44:7D:ED:EC:16:29:26 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.230.0/23 Signature Algorithm: sha256WithRSAEncryption 72:62:a7:bc:6a:65:c5:08:2a:e5:b4:e2:7a:dc:49:59:04:3d: 21:b2:7c:80:a1:59:f0:0e:79:cb:b3:13:58:f7:dd:2b:d7:47: fe:ba:1d:4c:fe:f8:de:03:db:aa:c4:7d:f9:da:ca:a4:26:a3: 22:66:bf:49:dc:a8:de:9b:ec:fd:5e:b6:f3:12:cf:d9:68:cb: da:df:5a:40:71:dc:b2:42:52:cc:6d:61:00:07:1b:3f:94:3a: 46:1c:b9:5d:06:3a:0d:7b:38:7e:f5:30:5c:1d:ac:a4:86:a8: e1:a1:cf:ac:70:26:bc:d4:16:e8:71:df:88:65:bd:fd:36:50: aa:72:ba:d7:e5:a8:b2:5d:dd:58:94:cc:c7:ce:5d:ec:15:eb: 3a:2e:c0:93:a8:d2:1b:fd:be:c9:37:4e:49:c6:da:a1:7c:0a: 5a:46:36:76:d6:04:be:a8:fa:aa:34:b1:a3:b5:e9:2c:44:e0: 51:1b:81:13:4c:72:7d:d4:91:54:da:06:eb:a0:1e:80:95:be: dd:98:d8:b4:85:df:ca:75:69:46:0b:83:14:82:e2:eb:3c:b4: 3e:b7:70:93:6d:ad:04:eb:b1:b9:ee:43:b8:c4:87:61:ec:9b: 4c:6d:4b:fe:70:04:05:e5:27:c0:39:d3:3d:e5:19:dc:a5:ce: 4f:dc:e7:f0 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUNdRQrAkbqnhk2wwUslIcI1R2r6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1NloX DTI2MDIwNTEwNDQ1NlowMzExMC8GA1UEAxMoQzExRkU0RUI2OUI4NkYxOTIxODEw MkI5Qzk0NDdERURFQzE2MjkyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK/HwLCAC8zewD0UsOSO4vQ0fdu9m3gwhAB9dIHuLtc16ZKzQMz8P4oPXOoR kfzZ+jhJ7W6DcSUYizjEaoEKhn9wyZUu0+El9mbqA0f5zz/7EKwZqmQ2ZftqgqO8 MXVlmWEGxByF5cDYRNLaIgtL97GWu5oq7zpot+9+V05prHRrE5Sz+i56rS/TyFWF esOcB7S4OfyDbkwtFcro/YXelLh5ai9fjCEvfvuNc/fyMXaaGijpr/vurdVYyDWt 7ao+vC5fjJu6mrAjqwmMB2rDZtZCjOxzlH9P2y6ELU6INPCGY8ti7YEwOqzdiYGu 5ud5gxm2KHjT/NlSaEa28+I9lT0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTBH+Tr abhvGSGBArnJRH3t7BYpJjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0U5jANBgkqhkiG9w0BAQsFAAOCAQEAcmKnvGplxQgq5bTietxJ WQQ9IbJ8gKFZ8A55y7MTWPfdK9dH/rodTP743gPbqsR9+drKpCajIma/Sdyo3pvs /V628xLP2WjL2t9aQHHcskJSzG1hAAcbP5Q6Rhy5XQY6DXs4fvUwXB2spIao4aHP rHAmvNQW6HHfiGW9/TZQqnK61+Wosl3dWJTMx85d7BXrOi7Ak6jSG/2+yTdOScba oXwKWkY2dtYEvqj6qjSxo7XpLETgURuBE0xyfdSRVNoG66AegJW+3ZjYtIXfynVp RguDFILi6zy0Prdwk22tBOuxue5DuMSHYeybTG1L/nAEBeUnwDnTPeUZ3KXOT9zn 8A== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net