$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152022.roa File: AS152022.roa (raw, json) Hash identifier: IpFVeD71BLDEMm+x9tSmoEmQd2I6SIYAyAglUx8xiRU= Subject key identifier: D2:D5:39:0E:5F:5D:14:CF:1F:73:A7:36:CA:11:9D:5D:CB:00:0B:6A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2BD79BEF519B5B00641D31B9BB624B08B8E80AC4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152022.roa Signing time: Mon 24 Feb 2025 03:13:00 +0000 ROA not before: Mon 24 Feb 2025 03:08:00 +0000 ROA not after: Mon 23 Feb 2026 03:13:00 +0000 asID: 152022 IP address blocks: 202.47.176.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:d7:9b:ef:51:9b:5b:00:64:1d:31:b9:bb:62:4b:08:b8:e8:0a:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 24 03:08:00 2025 GMT Not After : Feb 23 03:13:00 2026 GMT Subject: CN=D2D5390E5F5D14CF1F73A736CA119D5DCB000B6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:35:88:78:73:a9:85:d3:f7:d2:ab:b6:32:9e: 8a:7a:78:a2:d8:05:1b:2a:ac:17:34:aa:e9:cd:38: 86:af:e2:38:5b:55:ba:c6:bb:54:ce:fc:5c:41:70: f6:9f:a0:2b:64:df:ff:3c:05:de:4a:8f:99:48:be: d9:89:c5:c1:e1:8d:a6:70:8e:aa:77:b7:ba:37:04: 1c:df:f4:be:21:81:48:43:9f:0f:0b:15:52:35:2c: d4:2f:30:3f:be:f7:92:30:8e:f4:de:5c:57:80:78: 67:16:55:06:0e:84:68:34:ed:03:24:65:b5:c4:5a: 3e:eb:73:e7:b7:95:6a:a5:16:ea:93:19:ca:25:ef: 09:fa:ad:6d:43:29:50:3d:8b:be:15:f1:03:93:12: 90:d7:50:77:d4:fa:0e:fa:c0:f7:12:76:f8:26:05: 0d:4b:a6:5b:5e:64:a9:7d:67:a8:13:dc:8b:19:db: dc:3f:51:c2:dc:f5:91:55:bb:24:89:7c:b0:47:06: 27:04:57:c6:8d:0d:fb:d3:3c:3d:69:e6:1b:da:cb: 02:f0:bc:af:80:0b:d0:43:b3:23:50:98:bc:f0:66: 77:5b:c7:7e:7d:6c:48:6c:2b:fb:c5:4b:14:7b:eb: 8f:3f:97:42:44:74:c8:88:93:24:9a:fe:8d:6c:08: 84:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:D5:39:0E:5F:5D:14:CF:1F:73:A7:36:CA:11:9D:5D:CB:00:0B:6A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152022.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.47.176.0/23 Signature Algorithm: sha256WithRSAEncryption 0a:22:cd:3b:1f:e6:d1:71:1c:a4:3e:6d:d8:47:59:6a:60:41: 19:ff:a8:ee:cf:58:a4:dd:c8:8b:6a:f5:e2:d3:62:17:30:7a: d4:66:82:36:3a:f5:32:d9:c4:7b:5a:a2:93:00:80:b9:a4:04: 78:db:c6:80:8b:99:9d:26:b6:9e:18:18:f5:90:58:77:78:58: ca:47:7b:81:c9:0d:c4:8d:ef:82:7c:54:4a:ab:ad:a4:5e:35: 9c:06:8d:71:cb:63:19:e9:63:4b:de:a8:0e:92:55:16:65:d9: 9b:c8:6e:b5:08:1f:fb:6a:36:61:12:29:2e:a1:4b:db:16:33: ee:d0:80:f0:8c:da:48:eb:4e:be:0b:23:ab:43:bb:7c:34:ee: 40:bf:16:8e:d0:2f:05:f0:6f:94:19:3d:f4:69:da:2a:b3:6a: a5:e3:b6:68:b9:ac:56:5c:dd:5d:6c:48:13:93:d5:6a:97:d6: f8:45:e2:33:14:20:e8:73:cc:be:00:89:7f:63:61:22:70:e2: 37:72:c9:0b:88:d4:4b:76:37:7c:d4:68:b0:26:03:b9:0b:12: c8:8d:f8:43:23:9c:f9:fd:ec:06:9f:4b:9e:43:6e:9c:7d:f2: ff:2a:ee:86:11:d5:76:83:85:4e:77:42:58:fa:eb:4e:fe:2f: 03:04:30:08 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUK9eb71GbWwBkHTG5u2JLCLjoCsQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIyNDAzMDgwMFoX DTI2MDIyMzAzMTMwMFowMzExMC8GA1UEAxMoRDJENTM5MEU1RjVEMTRDRjFGNzNB NzM2Q0ExMTlENURDQjAwMEI2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMA1iHhzqYXT99KrtjKeinp4otgFGyqsFzSq6c04hq/iOFtVusa7VM78XEFw 9p+gK2Tf/zwF3kqPmUi+2YnFweGNpnCOqne3ujcEHN/0viGBSEOfDwsVUjUs1C8w P773kjCO9N5cV4B4ZxZVBg6EaDTtAyRltcRaPutz57eVaqUW6pMZyiXvCfqtbUMp UD2LvhXxA5MSkNdQd9T6DvrA9xJ2+CYFDUumW15kqX1nqBPcixnb3D9Rwtz1kVW7 JIl8sEcGJwRXxo0N+9M8PWnmG9rLAvC8r4AL0EOzI1CYvPBmd1vHfn1sSGwr+8VL FHvrjz+XQkR0yIiTJJr+jWwIhG0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTS1TkO X10Uzx9zpzbKEZ1dywALajAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAyMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAcovsDANBgkqhkiG9w0BAQsFAAOCAQEACiLNOx/m0XEcpD5t2EdZ amBBGf+o7s9YpN3Ii2r14tNiFzB61GaCNjr1MtnEe1qikwCAuaQEeNvGgIuZnSa2 nhgY9ZBYd3hYykd7gckNxI3vgnxUSqutpF41nAaNcctjGeljS96oDpJVFmXZm8hu tQgf+2o2YRIpLqFL2xYz7tCA8IzaSOtOvgsjq0O7fDTuQL8WjtAvBfBvlBk99Gna KrNqpeO2aLmsVlzdXWxIE5PVapfW+EXiMxQg6HPMvgCJf2NhInDiN3LJC4jUS3Y3 fNRosCYDuQsSyI34QyOc+f3sBp9LnkNunH3y/yruhhHVdoOFTndCWPrrTv4vAwQw CA== -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:20 2025 by rpki-client on console.sobornost.net