$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa File: AS153140.roa (raw, json) Hash identifier: 9cVRA2RnVYpiWu/4k8qSDD4pCe9AV2jCXYj9UmxPdvE= Subject key identifier: 54:22:5C:66:E3:67:5E:55:E6:46:54:38:62:56:F8:F7:03:C3:A2:5A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7921FC627E562E5CA5E2C058AF5A46C3FBC5A475 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa Signing time: Tue 10 Dec 2024 10:31:48 +0000 ROA not before: Tue 10 Dec 2024 10:26:48 +0000 ROA not after: Tue 09 Dec 2025 10:31:48 +0000 asID: 153140 IP address blocks: 2001:df4:64c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:21:fc:62:7e:56:2e:5c:a5:e2:c0:58:af:5a:46:c3:fb:c5:a4:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 10 10:26:48 2024 GMT Not After : Dec 9 10:31:48 2025 GMT Subject: CN=54225C66E3675E55E64654386256F8F703C3A25A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3b:61:cb:7c:29:dc:bb:9d:5f:01:1d:b7:1e: 4f:53:e7:96:d7:a2:df:45:a3:1d:9d:14:b2:56:86: 1e:88:df:2b:05:a3:9a:d1:56:7a:9a:f0:1a:6d:2b: 0c:44:cc:40:68:93:cc:2d:0f:b4:4f:3d:8d:4e:2d: c3:4b:e6:bf:a8:7d:2c:fc:3e:3c:b3:11:4a:a5:b3: 80:db:55:60:7e:34:49:97:38:40:6b:03:22:fd:a4: 1f:90:df:e8:72:d2:9f:c4:7f:9d:67:ed:97:19:31: 39:99:7f:d6:9d:f4:6c:5e:35:54:8a:ce:fb:81:59: 5d:9b:6b:97:29:53:a5:26:9d:97:5b:41:14:2b:49: 90:c4:05:36:5f:1a:db:fe:7d:d5:83:81:2e:87:7e: 9b:ea:d5:d4:ce:26:01:03:7c:cc:58:7b:0e:48:f0: 7f:72:44:b6:07:5b:ac:d5:88:68:e5:ca:99:a5:c3: d0:19:e2:22:8a:90:c6:96:08:ae:ac:a7:06:4c:07: 21:c6:57:85:f2:e7:72:54:e2:ce:23:3d:16:5c:45: 11:7c:71:1e:36:a5:84:4a:7f:59:07:21:d8:58:81: 31:eb:49:45:4a:f9:ff:d2:45:46:46:fd:6c:00:e7: 24:19:ec:4f:e0:1d:69:1d:e6:ff:9c:bc:65:22:4c: 69:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:22:5C:66:E3:67:5E:55:E6:46:54:38:62:56:F8:F7:03:C3:A2:5A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153140.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:64c0::/48 Signature Algorithm: sha256WithRSAEncryption 54:62:8f:cc:ac:de:4b:9d:93:6c:1e:1a:9e:8c:9e:40:33:96: 39:8e:a0:68:79:b4:8e:9a:71:19:9e:97:8f:c1:d7:52:41:5f: 82:bc:62:d2:9e:5e:1d:69:11:b1:86:cd:a5:ec:b8:32:2c:4b: 8f:70:eb:e1:03:53:ea:39:b0:1a:a0:fb:c1:d4:39:27:2a:8c: e3:63:64:fb:51:2b:a6:e7:a7:85:35:6f:3a:e9:fb:51:dd:bc: bd:db:86:1d:e2:c4:25:3e:79:ad:b3:94:cb:08:60:84:f5:85: 94:12:a6:c5:68:a7:26:7d:8b:c0:b4:55:04:d9:f2:3d:c8:28: c4:f4:f9:0b:ba:c9:48:15:0d:ee:8d:76:dc:5a:b3:bc:60:38: d2:09:f3:54:28:86:b4:3f:e3:47:4d:f1:54:b4:88:5e:7a:b7: 08:c6:cd:1f:1d:d3:71:b6:df:2f:62:28:48:78:53:7c:ee:7b: 60:ef:a1:97:dd:e3:2e:f8:a0:d2:da:80:7e:bb:c0:42:7b:d2: f6:58:8f:fb:46:b0:95:4a:44:7b:0f:b5:1d:78:7b:59:b9:55: 58:da:54:72:e6:16:8b:72:9e:06:35:49:c0:0e:64:08:0b:bc: 03:00:e3:53:b4:70:30:cf:4d:0b:59:2f:e3:1b:d5:fe:89:e6: 21:20:7a:92 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUeSH8Yn5WLlyl4sBYr1pGw/vFpHUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDEwMjY0OFoX DTI1MTIwOTEwMzE0OFowMzExMC8GA1UEAxMoNTQyMjVDNjZFMzY3NUU1NUU2NDY1 NDM4NjI1NkY4RjcwM0MzQTI1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKk7Yct8Kdy7nV8BHbceT1Pnltei30WjHZ0UslaGHojfKwWjmtFWeprwGm0r DETMQGiTzC0PtE89jU4tw0vmv6h9LPw+PLMRSqWzgNtVYH40SZc4QGsDIv2kH5Df 6HLSn8R/nWftlxkxOZl/1p30bF41VIrO+4FZXZtrlylTpSadl1tBFCtJkMQFNl8a 2/591YOBLod+m+rV1M4mAQN8zFh7Dkjwf3JEtgdbrNWIaOXKmaXD0BniIoqQxpYI rqynBkwHIcZXhfLnclTiziM9FlxFEXxxHjalhEp/WQch2FiBMetJRUr5/9JFRkb9 bADnJBnsT+AdaR3m/5y8ZSJMaZsCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRUIlxm 42deVeZGVDhiVvj3A8OiWjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfRkwDANBgkqhkiG9w0BAQsFAAOCAQEAVGKPzKzeS52TbB4a noyeQDOWOY6gaHm0jppxGZ6Xj8HXUkFfgrxi0p5eHWkRsYbNpey4MixLj3Dr4QNT 6jmwGqD7wdQ5JyqM42Nk+1ErpuenhTVvOun7Ud28vduGHeLEJT55rbOUywhghPWF lBKmxWinJn2LwLRVBNnyPcgoxPT5C7rJSBUN7o123FqzvGA40gnzVCiGtD/jR03x VLSIXnq3CMbNHx3TcbbfL2IoSHhTfO57YO+hl93jLvig0tqAfrvAQnvS9liP+0aw lUpEew+1HXh7WblVWNpUcuYWi3KeBjVJwA5kCAu8AwDjU7RwMM9NC1kv4xvV/onm ISB6kg== -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:20 2025 by rpki-client on console.sobornost.net