$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153673.roa File: AS153673.roa (raw, json) Hash identifier: 0qEuOeS5akEkRfYdt0tR4uLW6CRCtcwDSwPuYl6oHcI= Subject key identifier: 2E:4A:8A:BC:EA:B9:28:41:02:7D:1D:B2:BF:75:2A:4E:19:09:82:C2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 732CC36DA3CB29E717F6391546C7E097F8DC502B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153673.roa Signing time: Tue 11 Mar 2025 00:33:46 +0000 ROA not before: Tue 11 Mar 2025 00:28:46 +0000 ROA not after: Tue 10 Mar 2026 00:33:46 +0000 asID: 153673 IP address blocks: 163.223.2.0/23 maxlen: 24 2001:df5:2ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:2c:c3:6d:a3:cb:29:e7:17:f6:39:15:46:c7:e0:97:f8:dc:50:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 11 00:28:46 2025 GMT Not After : Mar 10 00:33:46 2026 GMT Subject: CN=2E4A8ABCEAB92841027D1DB2BF752A4E190982C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f9:f6:51:1b:be:18:08:6b:8d:b4:36:88:7f: 18:59:e7:61:dc:f8:90:7e:d3:e0:1c:51:d6:8b:cd: 06:e2:f9:40:b5:fb:cb:c9:f3:09:86:29:20:ef:78: a9:a7:05:15:2a:c2:ad:16:e6:12:00:65:0d:44:bc: df:bb:64:5f:72:1b:87:b1:26:86:92:75:56:fd:f0: 23:00:67:f1:38:61:f2:4c:65:8e:19:11:64:c3:5d: 68:b8:1b:4c:42:06:dd:91:99:cb:bd:da:f1:03:49: ad:cb:8e:36:4a:a6:00:46:2b:5c:5d:fc:67:4b:ee: 81:09:25:2e:81:46:aa:e3:f0:cb:81:80:9a:1e:ff: cf:7c:df:c9:58:db:f8:a8:fe:32:fa:a7:31:71:3d: 02:7e:7b:28:34:0c:65:ad:a4:53:98:9f:bf:27:8f: 16:c5:ec:be:ae:22:ce:a1:55:2d:06:e8:e3:d2:0e: b6:4c:f5:cb:da:4e:4f:48:03:35:0f:26:76:30:35: 14:92:ee:92:2d:ec:6d:01:6c:4e:e0:67:60:11:c0: 11:ff:21:13:6c:3e:7d:1f:52:16:e7:ad:40:d8:1b: 01:e2:99:b3:69:b7:8c:bb:45:fd:7b:26:32:8a:a6: a7:d9:9d:3e:31:7b:2a:08:fd:8f:ff:c7:6b:a5:31: bf:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:4A:8A:BC:EA:B9:28:41:02:7D:1D:B2:BF:75:2A:4E:19:09:82:C2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS153673.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 163.223.2.0/23 IPv6: 2001:df5:2ac0::/48 Signature Algorithm: sha256WithRSAEncryption 3f:11:02:57:8f:d7:f4:9d:be:69:e6:07:94:c9:da:59:e4:0c: 8b:24:be:4f:4f:ed:c9:5b:68:08:23:28:83:b1:14:2d:de:23: 89:e1:76:23:b9:41:5b:10:49:16:6d:e3:6d:34:81:8a:95:9a: c9:f0:2e:9b:81:72:48:61:ee:97:fe:5a:60:31:ce:66:b9:9b: b9:ef:c0:7a:38:c5:bc:f7:86:c3:9e:f7:c0:72:62:6c:02:6d: ce:85:ff:f2:27:a4:5e:97:cc:97:89:4c:81:b0:d1:d0:33:a4: 2f:36:4c:65:d3:c2:94:66:6e:82:4d:56:eb:b2:7b:55:df:5d: c7:9d:4a:6e:49:03:11:64:2b:87:8c:ed:9c:0a:20:3a:21:98: cf:65:9e:fd:bf:f6:30:6f:3d:c6:17:67:b3:b9:2e:09:89:04: 8b:4f:87:a0:4c:47:9c:47:12:5f:9d:82:bc:a9:64:12:b9:34: 4d:1c:5c:eb:22:05:82:9b:f4:84:9a:17:45:44:25:e9:bc:57: 0e:28:68:36:10:dd:16:76:32:c6:77:0c:4b:01:8e:f1:4e:21: 48:9a:44:7a:cf:fc:74:d9:54:44:88:7b:dd:b7:67:b2:ac:b7: a8:98:e7:73:8f:b0:d5:42:68:da:fd:ab:3c:eb:a1:10:55:5a: 04:62:a8:e0 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUcyzDbaPLKecX9jkVRsfgl/jcUCswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMxMTAwMjg0NloX DTI2MDMxMDAwMzM0NlowMzExMC8GA1UEAxMoMkU0QThBQkNFQUI5Mjg0MTAyN0Qx REIyQkY3NTJBNEUxOTA5ODJDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALv59lEbvhgIa420Noh/GFnnYdz4kH7T4BxR1ovNBuL5QLX7y8nzCYYpIO94 qacFFSrCrRbmEgBlDUS837tkX3Ibh7EmhpJ1Vv3wIwBn8Thh8kxljhkRZMNdaLgb TEIG3ZGZy73a8QNJrcuONkqmAEYrXF38Z0vugQklLoFGquPwy4GAmh7/z3zfyVjb +Kj+MvqnMXE9An57KDQMZa2kU5ifvyePFsXsvq4izqFVLQbo49IOtkz1y9pOT0gD NQ8mdjA1FJLuki3sbQFsTuBnYBHAEf8hE2w+fR9SFuetQNgbAeKZs2m3jLtF/Xsm Moqmp9mdPjF7Kgj9j//Ha6Uxv+0CAwEAAaOCAeEwggHdMB0GA1UdDgQWBBQuSoq8 6rkoQQJ9HbK/dSpOGQmCwjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MzY3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAaPfAjAPBAIAAjAJAwcAIAEN9SrAMA0GCSqGSIb3DQEBCwUAA4IB AQA/EQJXj9f0nb5p5geUydpZ5AyLJL5PT+3JW2gIIyiDsRQt3iOJ4XYjuUFbEEkW beNtNIGKlZrJ8C6bgXJIYe6X/lpgMc5muZu578B6OMW894bDnvfAcmJsAm3Ohf/y J6Rel8yXiUyBsNHQM6QvNkxl08KUZm6CTVbrsntV313HnUpuSQMRZCuHjO2cCiA6 IZjPZZ79v/Ywbz3GF2ezuS4JiQSLT4egTEecRxJfnYK8qWQSuTRNHFzrIgWCm/SE mhdFRCXpvFcOKGg2EN0WdjLGdwxLAY7xTiFImkR6z/x02VREiHvdt2eyrLeomOdz j7DVQmja/as866EQVVoEYqjg -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:20 2025 by rpki-client on console.sobornost.net