$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa File: AS153524.roa (raw, json) Hash identifier: V7grZ9cmzMqvO7N0WjDRtZdW/N+40zWnTBdCCBvlffw= Subject key identifier: 4B:B3:81:98:88:6F:5D:99:28:19:58:52:12:B9:24:59:18:0B:6C:54 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1418D6446602E38C888E7A1BB5FAAF2E09C84920 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa Signing time: Mon 24 Feb 2025 02:38:06 +0000 ROA not before: Mon 24 Feb 2025 02:33:06 +0000 ROA not after: Mon 23 Feb 2026 02:38:06 +0000 asID: 153524 IP address blocks: 160.250.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:18:d6:44:66:02:e3:8c:88:8e:7a:1b:b5:fa:af:2e:09:c8:49:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 24 02:33:06 2025 GMT Not After : Feb 23 02:38:06 2026 GMT Subject: CN=4BB38198886F5D992819585212B92459180B6C54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:91:5d:b6:4d:d4:1e:4c:06:49:39:78:2c:b2: 72:8b:50:6b:26:dd:ed:ac:ec:4b:7e:4d:c6:1e:5a: 7e:ce:3e:83:79:89:5d:98:0c:ae:1b:61:19:91:60: 06:a2:fd:e7:58:d6:3d:ca:4e:99:e1:d7:42:78:ef: 36:13:d4:f5:f7:2c:e3:0e:93:4a:93:a7:e3:8a:da: 2c:d3:39:b0:6f:77:d9:3c:91:7a:cf:22:24:3c:6e: ab:a0:2a:91:ef:1c:2b:aa:ea:bb:3f:2b:5f:08:1a: 0f:fe:4a:b8:b6:74:83:a5:5c:d0:63:70:a1:f0:9e: 6f:7c:ed:32:a8:58:6b:e0:4a:c1:73:99:a7:c7:28: 7f:76:c4:9e:90:35:6e:7b:d4:4c:13:f0:ca:2f:80: ca:0c:5f:a8:56:a5:1e:aa:46:fa:92:41:88:30:d5: 80:d7:9b:4a:45:02:1f:8a:57:13:50:b7:ab:36:dd: e2:77:8e:ca:b3:8d:65:85:67:61:32:6d:28:78:ea: 31:35:2d:a0:7d:60:20:7d:b0:2a:c2:c1:b4:f9:49: 9d:c1:42:74:e2:fd:92:9c:ec:06:2c:45:79:89:08: fa:52:1e:69:b1:6f:25:3b:5b:aa:6f:93:7e:16:09: f7:68:dc:25:99:fc:59:8d:ea:7d:f7:c8:9b:33:39: 52:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B3:81:98:88:6F:5D:99:28:19:58:52:12:B9:24:59:18:0B:6C:54 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153524.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.250.35.0/24 Signature Algorithm: sha256WithRSAEncryption 83:ad:5d:32:49:4f:0d:c8:71:c9:10:61:ae:0a:5d:34:0a:93: ff:d2:13:9f:99:fa:be:44:1b:4b:bf:54:0f:ca:78:90:76:d1: 83:a1:b5:b7:84:cf:32:60:c8:de:9d:75:ea:c3:2c:82:3e:bb: 2c:2e:3c:3a:8a:46:15:03:7c:dc:11:27:a9:ce:c0:88:39:f3: 6c:e1:22:82:a4:ab:a9:98:83:77:1e:dc:40:b7:7d:75:ba:2e: 71:db:77:64:f8:b8:f1:c5:5c:00:18:65:8e:e7:c0:f8:00:59: 71:1e:6b:e6:c6:60:36:1a:08:c7:8d:05:7a:a5:55:2e:37:11: b4:a3:bf:3c:dc:52:eb:bd:ea:bd:b4:af:d2:d4:81:71:26:57: a3:f7:88:c0:a9:d2:17:5d:14:e5:d8:9c:27:e0:f1:18:b7:2c: bb:1e:2a:61:67:2e:39:cd:f7:11:e6:95:a9:9f:fe:62:9d:0d: 5e:31:7a:86:d7:98:03:93:6c:48:86:4b:d9:e4:fe:23:f6:63: 7a:56:66:3e:34:60:00:56:80:cd:4e:da:a2:61:de:4d:bb:67: 33:ca:76:9f:f9:d9:6f:e5:da:f4:1a:71:a3:cc:d9:9d:c4:84: 42:d7:a2:db:f8:b9:fa:ed:47:2a:40:ce:00:77:54:43:94:c5: 9f:37:76:00 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFBjWRGYC44yIjnobtfqvLgnISSAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIyNDAyMzMwNloX DTI2MDIyMzAyMzgwNlowMzExMC8GA1UEAxMoNEJCMzgxOTg4ODZGNUQ5OTI4MTk1 ODUyMTJCOTI0NTkxODBCNkM1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANqRXbZN1B5MBkk5eCyycotQaybd7azsS35Nxh5afs4+g3mJXZgMrhthGZFg BqL951jWPcpOmeHXQnjvNhPU9fcs4w6TSpOn44raLNM5sG932TyRes8iJDxuq6Aq ke8cK6rquz8rXwgaD/5KuLZ0g6Vc0GNwofCeb3ztMqhYa+BKwXOZp8cof3bEnpA1 bnvUTBPwyi+AygxfqFalHqpG+pJBiDDVgNebSkUCH4pXE1C3qzbd4neOyrONZYVn YTJtKHjqMTUtoH1gIH2wKsLBtPlJncFCdOL9kpzsBixFeYkI+lIeabFvJTtbqm+T fhYJ92jcJZn8WY3qfffImzM5Ut0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRLs4GY iG9dmSgZWFISuSRZGAtsVDAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzUyNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKD6IzANBgkqhkiG9w0BAQsFAAOCAQEAg61dMklPDchxyRBhrgpd NAqT/9ITn5n6vkQbS79UD8p4kHbRg6G1t4TPMmDI3p116sMsgj67LC48OopGFQN8 3BEnqc7AiDnzbOEigqSrqZiDdx7cQLd9dboucdt3ZPi48cVcABhljufA+ABZcR5r 5sZgNhoIx40FeqVVLjcRtKO/PNxS673qvbSv0tSBcSZXo/eIwKnSF10U5dicJ+Dx GLcsux4qYWcuOc33EeaVqZ/+Yp0NXjF6hteYA5NsSIZL2eT+I/ZjelZmPjRgAFaA zU7aomHeTbtnM8p2n/nZb+Xa9Bpxo8zZncSEQtei2/i5+u1HKkDOAHdUQ5TFnzd2 AA== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net