$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa File: AS152436.roa (raw, json) Hash identifier: T9xyFjdEI5NxSeLsHjXujSWob+XqaKydp4eFQvMkB7w= Subject key identifier: 6C:8F:6C:D6:0E:61:98:D7:B3:80:8B:E2:14:16:18:9D:E9:2D:B6:BE Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 430E64098FD020F073A40145E03B39005341F464 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa Signing time: Sun 09 Feb 2025 08:17:14 +0000 ROA not before: Sun 09 Feb 2025 08:12:14 +0000 ROA not after: Sun 08 Feb 2026 08:17:14 +0000 asID: 152436 IP address blocks: 157.20.206.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:0e:64:09:8f:d0:20:f0:73:a4:01:45:e0:3b:39:00:53:41:f4:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 9 08:12:14 2025 GMT Not After : Feb 8 08:17:14 2026 GMT Subject: CN=6C8F6CD60E6198D7B3808BE21416189DE92DB6BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:89:c2:ba:c6:ee:c0:89:f0:15:09:af:4c:7c: 44:9a:5a:cc:c8:71:35:36:d0:f9:31:40:d6:7a:17: 04:ea:49:04:ed:1d:77:16:9f:da:55:84:73:9f:2e: 69:6a:88:27:16:63:28:18:a3:12:1c:32:75:db:98: 8e:d1:d0:85:a2:b2:48:63:d7:6c:71:c7:65:e2:bf: cb:68:10:da:20:82:03:1e:14:c1:31:4b:8e:f9:2a: 5d:3e:6b:c3:5b:2c:4a:9f:af:5b:b7:48:82:40:48: ed:4a:5d:50:61:b9:52:e1:2f:b1:aa:2b:1c:cc:71: 29:64:dd:e4:e7:3d:07:91:14:07:6e:f7:96:7d:38: 96:1e:45:25:86:ee:ec:38:78:fa:8e:da:ef:f7:1a: 0f:b8:68:74:94:ab:eb:d9:16:78:b8:27:41:23:f3: 38:94:5b:29:1d:03:b1:f9:c8:5c:66:fb:85:05:5f: 01:c0:c6:e6:5f:11:7b:c7:56:95:48:22:b5:30:ef: 40:02:95:11:ca:ac:22:d1:87:c6:63:71:17:29:7f: 85:70:27:55:53:0e:09:5e:83:ac:c4:e9:b0:d1:7e: 6f:67:97:e8:89:9e:9c:af:2f:35:b5:c2:a1:6a:cb: 12:21:13:1b:ec:3f:b4:7b:9a:b1:89:55:07:97:59: 46:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:8F:6C:D6:0E:61:98:D7:B3:80:8B:E2:14:16:18:9D:E9:2D:B6:BE X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS152436.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.206.0/23 Signature Algorithm: sha256WithRSAEncryption 6a:bb:f5:99:fa:2e:f6:72:5b:f7:e7:28:d1:37:31:63:7b:85: a6:b9:b8:4e:36:dd:97:b0:fa:f2:f7:94:f5:4a:7e:7f:95:77: a0:7f:10:24:a4:b9:aa:81:ef:cc:d4:69:b9:4c:44:80:0e:e3: c9:c5:e1:a0:64:f0:c7:85:cf:34:c5:73:04:c4:2c:b3:fe:b2: c9:0b:5b:64:5c:e0:5e:64:cf:9f:2b:a4:a4:d4:20:ea:fa:2e: a0:a3:a9:de:77:00:bf:a0:52:15:b1:4c:d6:53:f3:00:32:6f: 27:bc:a2:60:fa:ea:58:35:c2:58:31:78:5e:4c:c1:93:ef:5d: f0:0a:b5:6c:bf:8e:8c:f8:5b:d6:3b:78:6f:67:71:9d:71:78: c1:ad:62:19:bf:c6:83:40:82:75:8c:f3:29:1c:46:57:72:3e: 1b:79:d5:05:91:78:aa:a9:b2:e8:aa:e7:d7:20:28:48:2b:2d: 31:b4:02:73:98:08:49:d2:77:86:e0:23:72:10:0c:a7:31:43: 93:69:a2:0c:e9:5a:d0:bd:5e:c8:d2:2f:a9:5d:20:33:b1:ba: 2e:7c:bf:5c:70:25:db:9b:63:d3:2f:b8:49:37:1d:2b:f3:b2: 02:b1:d7:f7:34:a9:17:b8:a5:fa:b5:67:23:9d:c5:7a:0f:79: 78:94:51:03 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUQw5kCY/QIPBzpAFF4Ds5AFNB9GQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwOTA4MTIxNFoX DTI2MDIwODA4MTcxNFowMzExMC8GA1UEAxMoNkM4RjZDRDYwRTYxOThEN0IzODA4 QkUyMTQxNjE4OURFOTJEQjZCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPCJwrrG7sCJ8BUJr0x8RJpazMhxNTbQ+TFA1noXBOpJBO0ddxaf2lWEc58u aWqIJxZjKBijEhwydduYjtHQhaKySGPXbHHHZeK/y2gQ2iCCAx4UwTFLjvkqXT5r w1ssSp+vW7dIgkBI7UpdUGG5UuEvsaorHMxxKWTd5Oc9B5EUB273ln04lh5FJYbu 7Dh4+o7a7/caD7hodJSr69kWeLgnQSPzOJRbKR0DsfnIXGb7hQVfAcDG5l8Re8dW lUgitTDvQAKVEcqsItGHxmNxFyl/hXAnVVMOCV6DrMTpsNF+b2eX6ImenK8vNbXC oWrLEiETG+w/tHuasYlVB5dZRpUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRsj2zW DmGY17OAi+IUFhid6S22vjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MjQzNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAZ0UzjANBgkqhkiG9w0BAQsFAAOCAQEAarv1mfou9nJb9+co0Tcx Y3uFprm4Tjbdl7D68veU9Up+f5V3oH8QJKS5qoHvzNRpuUxEgA7jycXhoGTwx4XP NMVzBMQss/6yyQtbZFzgXmTPnyukpNQg6vouoKOp3ncAv6BSFbFM1lPzADJvJ7yi YPrqWDXCWDF4XkzBk+9d8Aq1bL+OjPhb1jt4b2dxnXF4wa1iGb/Gg0CCdYzzKRxG V3I+G3nVBZF4qqmy6Krn1yAoSCstMbQCc5gISdJ3huAjchAMpzFDk2miDOla0L1e yNIvqV0gM7G6Lny/XHAl25tj0y+4STcdK/OyArHX9zSpF7il+rVnI53Feg95eJRR Aw== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net