$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153570.roa File: AS153570.roa (raw, json) Hash identifier: RG1lAthIpfWZCJn4dCOfSpx+kl5zrUuFJvFxvVN9sUM= Subject key identifier: A4:FD:EB:7E:1C:28:E8:A9:E8:87:FE:9D:87:4C:96:BA:9C:9C:0E:D2 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6422277732A19BF71BC8E715E92333E70267CC8D Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153570.roa Signing time: Tue 11 Feb 2025 08:07:35 +0000 ROA not before: Tue 11 Feb 2025 08:02:35 +0000 ROA not after: Tue 10 Feb 2026 08:07:35 +0000 asID: 153570 IP address blocks: 161.248.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 19:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:22:27:77:32:a1:9b:f7:1b:c8:e7:15:e9:23:33:e7:02:67:cc:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 11 08:02:35 2025 GMT Not After : Feb 10 08:07:35 2026 GMT Subject: CN=A4FDEB7E1C28E8A9E887FE9D874C96BA9C9C0ED2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:08:20:95:72:6c:f1:71:09:76:f4:b4:27:dd: a2:73:53:11:60:6b:d4:90:97:81:61:50:4b:db:9e: d6:10:2b:7d:ad:c5:f7:a0:e4:06:84:18:3c:69:3b: 98:31:ff:cf:99:26:aa:3a:59:4f:29:6b:1c:57:eb: b0:87:b6:8a:54:56:ab:7a:b5:1a:43:c8:eb:db:10: 8c:af:c2:6c:38:ee:1c:48:51:e6:e2:6a:97:bf:7a: 97:cc:d7:aa:1b:22:fa:67:80:d0:61:06:53:2b:da: 5d:2b:be:90:09:9e:e7:20:eb:d9:08:d9:90:96:c9: 71:d7:56:f2:3b:f3:0e:97:82:0b:4f:13:17:5a:27: a4:d0:af:0b:ad:44:1b:3d:e6:df:d5:99:00:48:2d: af:2f:f1:17:a8:28:52:0d:99:7e:69:66:a3:bf:4b: 0f:b8:73:1d:ae:77:a7:9e:60:05:5c:43:c4:f5:39: da:ed:a1:0b:59:4f:df:4e:f0:e8:e4:57:8c:c3:4b: b6:50:48:aa:9e:66:f5:03:7d:e5:89:19:82:ac:23: 86:89:62:8a:48:99:2a:c1:72:ed:94:6d:41:da:0f: c5:09:49:d3:41:0f:df:17:f0:e5:ee:10:7d:6d:b9: 4b:b8:3c:8e:7c:53:25:53:7c:18:73:93:03:7b:e5: bb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:FD:EB:7E:1C:28:E8:A9:E8:87:FE:9D:87:4C:96:BA:9C:9C:0E:D2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/AS153570.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 161.248.251.0/24 Signature Algorithm: sha256WithRSAEncryption 10:de:23:8f:bd:dc:a8:85:b9:d1:ee:48:d8:05:be:48:b3:20: a1:86:d2:f6:69:22:7f:ff:c1:b4:56:54:e0:0a:b3:ac:4e:53: 51:f1:77:45:4f:b8:db:cd:6f:ba:38:97:19:e9:78:90:ac:cb: 4b:22:e8:04:1f:d4:bc:db:f6:f5:cb:8b:4e:78:b6:91:7e:d2: 33:80:75:81:35:01:d7:be:5b:a9:1f:58:3b:c6:d3:03:5f:db: a2:b3:5c:bb:b7:94:17:8c:c2:6f:9d:eb:85:d6:b8:82:cb:f2: f3:6d:ac:cf:cc:a2:b7:97:cf:22:3b:b9:04:6f:46:54:f8:69: 24:9d:cd:1f:c8:8b:ce:85:9c:b3:0b:47:e2:f9:cf:ad:85:a0: 4d:eb:28:9b:15:a7:d5:42:91:25:94:2a:b3:3c:d1:eb:0d:ce: a9:d1:c3:52:fc:c0:fd:01:94:bd:2f:1b:ed:76:ff:bc:07:fe: 8c:74:ed:ef:27:97:54:83:ae:4d:95:3f:7f:bc:dc:31:93:b8: d7:1a:fc:9e:6c:50:eb:05:8b:82:1a:e7:db:0c:5b:55:7b:a0: 80:69:e3:9e:3a:88:e1:70:99:5a:5c:76:6b:53:4f:e4:2c:0d: 09:31:ed:13:1e:b9:6b:ab:c8:c9:cd:85:10:2d:ae:6c:7d:bf: 87:c7:2e:1f -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUZCIndzKhm/cbyOcV6SMz5wJnzI0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDIxMTA4MDIzNVoX DTI2MDIxMDA4MDczNVowMzExMC8GA1UEAxMoQTRGREVCN0UxQzI4RThBOUU4ODdG RTlEODc0Qzk2QkE5QzlDMEVEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMIIJVybPFxCXb0tCfdonNTEWBr1JCXgWFQS9ue1hArfa3F96DkBoQYPGk7 mDH/z5kmqjpZTylrHFfrsIe2ilRWq3q1GkPI69sQjK/CbDjuHEhR5uJql796l8zX qhsi+meA0GEGUyvaXSu+kAme5yDr2QjZkJbJcddW8jvzDpeCC08TF1onpNCvC61E Gz3m39WZAEgtry/xF6goUg2Zfmlmo79LD7hzHa53p55gBVxDxPU52u2hC1lP307w 6ORXjMNLtlBIqp5m9QN95YkZgqwjholiikiZKsFy7ZRtQdoPxQlJ00EP3xfw5e4Q fW25S7g8jnxTJVN8GHOTA3vlu7ECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBSk/et+ HCjoqeiH/p2HTJa6nJwO0jAfBgNVHSMEGDAWgBRg+L6cFmJcQksmnuBsZKg7q4UG 1DAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS82MEY4QkU5QzE2NjI1QzQy NEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0LmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CM0Ey NEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9ZUGktbkJaaVhFSkxKcDdnYkdT b082dUZCdFEuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMS9BUzE1MzU3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAKH4+zANBgkqhkiG9w0BAQsFAAOCAQEAEN4jj73cqIW50e5I2AW+ SLMgoYbS9mkif//BtFZU4AqzrE5TUfF3RU+4281vujiXGel4kKzLSyLoBB/UvNv2 9cuLTni2kX7SM4B1gTUB175bqR9YO8bTA1/borNcu7eUF4zCb53rhda4gsvy822s z8yit5fPIju5BG9GVPhpJJ3NH8iLzoWcswtH4vnPrYWgTesomxWn1UKRJZQqszzR 6w3OqdHDUvzA/QGUvS8b7Xb/vAf+jHTt7yeXVIOuTZU/f7zcMZO41xr8nmxQ6wWL ghrn2wxbVXuggGnjnjqI4XCZWlx2a1NP5CwNCTHtEx65a6vIyc2FEC2ubH2/h8cu Hw== -----END CERTIFICATE-----Generated at Thu Apr 24 18:01:27 2025 by rpki-client on console.sobornost.net