$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153141.roa File: AS153141.roa (raw, json) Hash identifier: LIwGvU8cJpyqRXE/g+S/63KrtARyBqPEjEYJOT8+JFk= Subject key identifier: 76:55:C2:20:8E:29:AB:7C:97:62:D3:0C:99:1C:E6:BC:A8:CE:BC:1D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0D1CC77D68A83D755DA8D8CA3D83A8859C5AE283 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153141.roa Signing time: Mon 20 Jan 2025 02:46:01 +0000 ROA not before: Mon 20 Jan 2025 02:41:01 +0000 ROA not after: Mon 19 Jan 2026 02:46:01 +0000 asID: 153141 IP address blocks: 2001:df4:84c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:1c:c7:7d:68:a8:3d:75:5d:a8:d8:ca:3d:83:a8:85:9c:5a:e2:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 20 02:41:01 2025 GMT Not After : Jan 19 02:46:01 2026 GMT Subject: CN=7655C2208E29AB7C9762D30C991CE6BCA8CEBC1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:52:67:49:3e:4a:ec:25:51:45:a6:d5:b8:4d: 20:a2:ce:e2:57:9f:4a:ee:f1:6a:04:20:d3:2f:1c: 67:8d:c9:3c:97:51:0e:fa:12:d7:13:4d:f7:67:61: 4d:fc:94:2a:cc:3b:d6:f5:28:90:75:0b:bf:ff:e1: 2e:cd:62:05:f4:e6:4f:72:c2:04:21:e4:c6:c8:ab: 79:a4:ef:63:17:f2:22:fd:fc:3a:1c:64:25:7f:7b: a0:91:b7:73:13:85:b5:bb:03:8e:15:1d:12:d5:91: e8:42:3d:d3:17:5f:a9:46:b3:39:6d:77:b0:e4:ea: 02:96:82:e7:51:9a:7d:1c:38:81:d0:25:cf:f6:ea: 5a:2a:ed:72:6c:f8:60:12:f1:10:fd:40:9d:48:a6: af:04:ea:11:f2:73:c3:44:be:e5:96:46:7a:49:93: 54:c1:90:32:bd:4b:24:ab:ed:92:5d:c8:90:99:d3: 01:99:dd:5d:61:a4:3e:47:f4:83:ff:ab:61:ae:7f: fe:94:cf:2a:1e:d9:c4:31:28:4f:e7:63:fc:30:6c: b0:fa:9c:52:a6:c4:43:82:92:14:b6:82:24:50:f7: 2a:ab:0a:5c:06:32:41:d0:ef:c1:43:7c:ed:1c:b1: 57:ec:18:b9:b6:f7:f0:ae:27:e2:60:07:65:ee:7b: d1:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:55:C2:20:8E:29:AB:7C:97:62:D3:0C:99:1C:E6:BC:A8:CE:BC:1D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153141.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:84c0::/48 Signature Algorithm: sha256WithRSAEncryption 5a:69:7b:c8:71:95:eb:b3:bf:55:71:d5:a6:03:1d:22:7a:9f: c6:e8:fa:a8:e6:67:7d:29:2d:1e:96:2d:65:02:1d:f8:f0:cb: 78:9d:75:d5:1b:23:d4:23:c1:5f:3c:27:74:f3:35:82:89:18: d6:27:53:bb:2c:ed:59:e5:1c:e8:a0:5a:0d:e9:b4:9a:98:81: a7:a9:44:9a:c8:4b:d8:4b:71:d0:bf:cd:3f:94:b0:31:5e:4b: 54:8b:db:17:e5:e9:60:ef:65:8e:6d:a4:7d:f1:f8:7b:f8:10: 98:21:a3:26:bc:21:74:07:e5:1f:0b:3c:2b:3b:67:d9:51:ec: 8c:7f:71:60:7e:90:7c:c7:20:a9:39:fb:18:0e:b9:9e:6a:2e: 03:a6:41:99:e6:e3:b1:45:3d:9f:6f:04:27:e3:be:81:66:a6: 68:07:d1:d0:f0:76:b5:c2:17:8b:4d:97:58:60:bc:bc:93:d9: a4:e8:f8:b7:26:ba:1c:e9:40:bb:c2:cb:eb:b3:fb:d2:06:71: 3a:e9:91:2a:52:08:b7:1b:4d:14:7c:d5:aa:2f:36:5f:d1:59: 18:3b:65:76:07:b6:fc:1b:29:49:17:0c:70:ff:50:ef:64:b4: 6e:d3:68:a9:9a:59:20:fb:54:ac:ca:db:33:d0:e3:9c:f2:cb: 5e:19:44:d6 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUDRzHfWioPXVdqNjKPYOohZxa4oMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEyMDAyNDEwMVoX DTI2MDExOTAyNDYwMVowMzExMC8GA1UEAxMoNzY1NUMyMjA4RTI5QUI3Qzk3NjJE MzBDOTkxQ0U2QkNBOENFQkMxRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN1SZ0k+SuwlUUWm1bhNIKLO4lefSu7xagQg0y8cZ43JPJdRDvoS1xNN92dh TfyUKsw71vUokHULv//hLs1iBfTmT3LCBCHkxsireaTvYxfyIv38OhxkJX97oJG3 cxOFtbsDjhUdEtWR6EI90xdfqUazOW13sOTqApaC51GafRw4gdAlz/bqWirtcmz4 YBLxEP1AnUimrwTqEfJzw0S+5ZZGekmTVMGQMr1LJKvtkl3IkJnTAZndXWGkPkf0 g/+rYa5//pTPKh7ZxDEoT+dj/DBssPqcUqbEQ4KSFLaCJFD3KqsKXAYyQdDvwUN8 7RyxV+wYubb38K4n4mAHZe570cECAwEAAaOCAdMwggHPMB0GA1UdDgQWBBR2VcIg jimrfJdi0wyZHOa8qM68HTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzE0MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfSEwDANBgkqhkiG9w0BAQsFAAOCAQEAWml7yHGV67O/VXHV pgMdInqfxuj6qOZnfSktHpYtZQId+PDLeJ111Rsj1CPBXzwndPM1gokY1idTuyzt WeUc6KBaDem0mpiBp6lEmshL2Etx0L/NP5SwMV5LVIvbF+XpYO9ljm2kffH4e/gQ mCGjJrwhdAflHws8Kztn2VHsjH9xYH6QfMcgqTn7GA65nmouA6ZBmebjsUU9n28E J+O+gWamaAfR0PB2tcIXi02XWGC8vJPZpOj4tya6HOlAu8LL67P70gZxOumRKlII txtNFHzVqi82X9FZGDtldge2/BspSRcMcP9Q72S0btNoqZpZIPtUrMrbM9DjnPLL XhlE1g== -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:20 2025 by rpki-client on console.sobornost.net