$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152057.roa File: AS152057.roa (raw, json) Hash identifier: qvCesvqqEHoAhdVd9iiZgyZkDHMVclLRSz4oI3acW0M= Subject key identifier: 68:DE:66:DA:04:D9:E1:73:28:D3:03:04:57:68:A8:92:99:18:6E:1E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4E6D086321A2C0000400C6F4F6D94AD7F4DE45A5 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152057.roa Signing time: Wed 05 Feb 2025 04:41:45 +0000 ROA not before: Wed 05 Feb 2025 04:36:45 +0000 ROA not after: Wed 04 Feb 2026 04:41:45 +0000 asID: 152057 IP address blocks: 2407:87c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:6d:08:63:21:a2:c0:00:04:00:c6:f4:f6:d9:4a:d7:f4:de:45:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 5 04:36:45 2025 GMT Not After : Feb 4 04:41:45 2026 GMT Subject: CN=68DE66DA04D9E17328D303045768A89299186E1E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:26:e7:97:a2:ec:c0:e3:c3:9e:78:3a:fa:bb: dd:0f:21:b8:d6:f6:82:84:c8:75:b8:bd:cb:b7:21: 2d:f0:29:d2:60:d8:b1:94:31:c9:ff:53:96:49:db: 29:9b:5e:d3:52:44:cc:9d:9d:11:d4:78:be:97:07: ce:59:2b:ef:77:7e:bd:a3:59:00:20:a2:4b:a9:7b: dc:43:93:20:60:8e:14:58:08:b3:d2:4e:8e:9d:16: b1:17:0f:a5:94:e6:f7:ba:00:b7:b8:da:8b:d9:48: 23:df:42:a5:2d:91:bf:2f:22:db:27:f8:9e:e4:4f: a0:12:d4:88:8c:36:4d:2f:1a:22:d3:8f:02:f1:91: a4:ff:f4:0c:b7:ec:3a:20:6c:ca:3d:2a:a0:a2:a5: a5:f4:e7:e5:fc:78:56:16:ea:b4:a5:c1:2c:1c:71: 4b:83:3f:6d:52:5e:80:01:f0:f8:30:dd:e5:e9:c8: 23:ec:fb:89:7d:d0:dd:1e:3d:23:2d:45:cc:a0:95: d4:10:1c:64:ee:c7:22:94:a6:f1:c0:7d:41:c0:49: 4b:3b:19:b9:1d:a3:53:b6:f0:ae:c9:24:91:e4:e6: e4:b4:75:03:48:85:92:55:89:75:50:c9:d7:3b:f7: 65:cc:a2:15:08:80:ec:a2:29:fd:fa:c6:67:53:08: 89:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:DE:66:DA:04:D9:E1:73:28:D3:03:04:57:68:A8:92:99:18:6E:1E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152057.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:87c0::/32 Signature Algorithm: sha256WithRSAEncryption 66:ae:33:2a:a3:c2:15:24:c4:f6:42:50:8a:72:58:65:d7:5c: a2:41:6a:50:45:01:e2:04:88:db:dd:2b:8c:de:db:f1:b0:1d: c2:6b:15:e3:02:c8:cc:0a:07:49:b9:bd:44:5f:3d:3f:12:b6: a0:74:8e:a1:37:f9:04:d7:0a:82:02:f1:32:ad:e3:58:38:4f: 56:3d:92:13:c7:b1:4a:63:88:ab:97:25:b3:e9:ea:65:15:44: cb:88:e1:2a:6e:6c:e0:b1:6a:9f:fd:47:58:a1:ba:9e:c8:3c: e8:a8:5b:9b:d4:1c:ad:82:6e:a6:fa:51:48:87:9f:be:04:73: ef:03:ed:63:ac:3c:42:39:b2:74:d5:16:51:b3:ba:84:38:1a: ba:1e:a4:d3:c3:36:79:00:5d:9a:aa:0f:45:4e:58:d5:be:b5: 99:0f:44:2f:e0:c2:68:b0:8a:88:cb:9b:9d:9c:0a:98:25:ac: eb:e4:b7:78:ad:ae:ad:f2:fc:34:d5:dc:b3:2f:6b:da:47:56: f6:0c:82:6e:23:fe:a8:8b:5c:3f:d9:3a:87:59:22:ec:5d:ab: 5f:8d:71:5d:7d:05:35:d3:ed:0f:37:be:83:04:98:11:74:18: ab:9e:04:e7:05:fe:51:77:ec:7e:92:a0:24:5b:2a:11:fd:94: 58:d0:6f:be -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUTm0IYyGiwAAEAMb09tlK1/TeRaUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwNTA0MzY0NVoX DTI2MDIwNDA0NDE0NVowMzExMC8GA1UEAxMoNjhERTY2REEwNEQ5RTE3MzI4RDMw MzA0NTc2OEE4OTI5OTE4NkUxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMom55ei7MDjw554Ovq73Q8huNb2goTIdbi9y7chLfAp0mDYsZQxyf9Tlknb KZte01JEzJ2dEdR4vpcHzlkr73d+vaNZACCiS6l73EOTIGCOFFgIs9JOjp0WsRcP pZTm97oAt7jai9lII99CpS2Rvy8i2yf4nuRPoBLUiIw2TS8aItOPAvGRpP/0DLfs OiBsyj0qoKKlpfTn5fx4VhbqtKXBLBxxS4M/bVJegAHw+DDd5enII+z7iX3Q3R49 Iy1FzKCV1BAcZO7HIpSm8cB9QcBJSzsZuR2jU7bwrskkkeTm5LR1A0iFklWJdVDJ 1zv3ZcyiFQiA7KIp/frGZ1MIiT8CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBRo3mba BNnhcyjTAwRXaKiSmRhuHjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjA1Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQHh8AwDQYJKoZIhvcNAQELBQADggEBAGauMyqjwhUkxPZCUIpy WGXXXKJBalBFAeIEiNvdK4ze2/GwHcJrFeMCyMwKB0m5vURfPT8StqB0jqE3+QTX CoIC8TKt41g4T1Y9khPHsUpjiKuXJbPp6mUVRMuI4SpubOCxap/9R1ihup7IPOio W5vUHK2Cbqb6UUiHn74Ec+8D7WOsPEI5snTVFlGzuoQ4GroepNPDNnkAXZqqD0VO WNW+tZkPRC/gwmiwiojLm52cCpglrOvkt3itrq3y/DTV3LMva9pHVvYMgm4j/qiL XD/ZOodZIuxdq1+NcV19BTXT7Q83voMEmBF0GKueBOcF/lF37H6SoCRbKhH9lFjQ b74= -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:20 2025 by rpki-client on console.sobornost.net