$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153107.roa File: AS153107.roa (raw, json) Hash identifier: QILOSwNeRRtVacUKY3hlaipP0OOUdEavdp+4utpweF4= Subject key identifier: 32:87:3A:6F:F1:A0:CE:31:C9:13:C1:70:55:47:94:C4:02:75:46:6E Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5A0EB26E30D027C00E0D65E80B66FD113FBEACED Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153107.roa Signing time: Thu 06 Feb 2025 10:44:51 +0000 ROA not before: Thu 06 Feb 2025 10:39:51 +0000 ROA not after: Thu 05 Feb 2026 10:44:51 +0000 asID: 153107 IP address blocks: 160.25.196.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:0e:b2:6e:30:d0:27:c0:0e:0d:65:e8:0b:66:fd:11:3f:be:ac:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 10:39:51 2025 GMT Not After : Feb 5 10:44:51 2026 GMT Subject: CN=32873A6FF1A0CE31C913C170554794C40275466E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:eb:eb:c0:26:49:4f:38:95:28:cf:88:67:af: 03:96:f6:d0:b1:da:4d:6f:66:89:f3:53:9b:38:21: 8c:f6:ec:79:55:46:ad:ef:9f:b2:0f:90:b1:31:68: 45:bc:2a:6f:93:7c:96:1f:37:02:f1:12:e3:60:3e: cd:39:5f:1a:d8:89:2c:ad:fa:f2:b1:64:fc:cb:73: c3:07:f6:10:c6:94:7c:03:5b:a0:ca:35:e6:f9:df: 66:76:c0:8e:0e:eb:b2:88:1d:9d:8a:48:4d:7e:e9: 85:2e:1c:f3:c8:e9:6f:29:dd:ef:c9:36:55:e6:8a: af:f3:73:88:5f:db:7a:43:29:45:ee:d6:2a:3a:99: 07:04:c3:0f:1b:73:cc:ac:c3:80:c6:e9:d5:fc:a6: 1f:8e:b3:c8:5a:7e:01:84:00:03:d1:e6:37:bf:8f: 23:53:72:db:54:b9:b5:95:91:f0:e9:86:b6:24:0a: 08:6d:ec:cc:0e:0d:e9:f4:0b:a6:57:aa:4d:0a:2c: fb:52:e9:fa:5a:86:b0:42:6f:cb:97:d0:0c:de:cc: 7d:a9:6b:ce:c7:31:f4:69:95:c9:ff:1f:14:96:9f: a0:3a:e7:54:01:ee:24:3d:d8:be:fb:5c:06:07:83: c7:a5:65:d1:c1:6b:46:2c:b3:9d:48:42:a8:b2:7c: 4f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:87:3A:6F:F1:A0:CE:31:C9:13:C1:70:55:47:94:C4:02:75:46:6E X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153107.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.196.0/23 Signature Algorithm: sha256WithRSAEncryption 33:a5:37:7d:c3:99:2b:23:51:94:f3:89:2e:91:2f:3a:b7:93: 78:bc:5f:8e:f1:46:38:27:d3:b2:9a:1f:0e:07:07:83:2b:18: cd:b9:56:86:55:ca:54:11:1b:7e:7a:a3:d4:b5:c5:bf:f9:ad: 04:08:eb:7f:39:d3:19:b9:07:98:4a:9e:fa:8a:28:32:fe:c5: 98:54:42:8a:e8:5b:00:6d:06:9c:45:9a:d5:85:88:d3:85:63: bd:03:9c:af:d5:85:e7:af:fa:4f:fd:2c:2a:d4:f8:6c:97:61: 58:ea:40:00:5e:41:96:e7:19:d8:c3:7c:a5:e8:c3:93:61:ab: c6:cd:dc:22:a3:d7:7d:f7:79:f7:09:e6:91:ab:2b:8a:bd:cc: 05:cc:b1:11:dd:32:af:34:ea:05:66:47:10:b6:3f:ef:fe:c4: 16:2f:15:0e:c9:72:2d:e1:9f:3b:80:60:ff:a6:2b:fa:b1:9e: f1:49:ec:15:47:d4:4f:aa:94:b7:a5:d4:ab:d2:c7:27:74:85: 84:1a:4e:33:54:b7:1b:e1:38:cc:e8:a0:a1:3a:09:a2:2a:ec: 47:9b:22:dc:ed:03:d3:fb:ac:2a:c2:8c:6e:0d:39:67:d8:f6: dc:95:b1:50:bb:22:9a:a2:72:f3:02:b3:43:14:70:e5:c7:ee: f2:b3:ea:51 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUWg6ybjDQJ8AODWXoC2b9ET++rO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIwNjEwMzk1MVoX DTI2MDIwNTEwNDQ1MVowMzExMC8GA1UEAxMoMzI4NzNBNkZGMUEwQ0UzMUM5MTND MTcwNTU0Nzk0QzQwMjc1NDY2RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzr68AmSU84lSjPiGevA5b20LHaTW9mifNTmzghjPbseVVGre+fsg+QsTFo Rbwqb5N8lh83AvES42A+zTlfGtiJLK368rFk/Mtzwwf2EMaUfANboMo15vnfZnbA jg7rsogdnYpITX7phS4c88jpbynd78k2VeaKr/NziF/bekMpRe7WKjqZBwTDDxtz zKzDgMbp1fymH46zyFp+AYQAA9HmN7+PI1Ny21S5tZWR8OmGtiQKCG3szA4N6fQL pleqTQos+1Lp+lqGsEJvy5fQDN7Mfalrzscx9GmVyf8fFJafoDrnVAHuJD3Yvvtc BgeDx6Vl0cFrRiyznUhCqLJ8T0kCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBQyhzpv 8aDOMckTwXBVR5TEAnVGbjAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzEwNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAaAZxDANBgkqhkiG9w0BAQsFAAOCAQEAM6U3fcOZKyNRlPOJLpEv OreTeLxfjvFGOCfTspofDgcHgysYzblWhlXKVBEbfnqj1LXFv/mtBAjrfznTGbkH mEqe+oooMv7FmFRCiuhbAG0GnEWa1YWI04VjvQOcr9WF56/6T/0sKtT4bJdhWOpA AF5BlucZ2MN8pejDk2Grxs3cIqPXffd59wnmkasrir3MBcyxEd0yrzTqBWZHELY/ 7/7EFi8VDslyLeGfO4Bg/6Yr+rGe8UnsFUfUT6qUt6XUq9LHJ3SFhBpOM1S3G+E4 zOigoToJoirsR5si3O0D0/usKsKMbg05Z9j23JWxULsimqJy8wKzQxRw5cfu8rPq UQ== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net