$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa File: AS133811.roa (raw, json) Hash identifier: HB+lKxJxgIBW+CKa96PVir1VKLh0uUNZv4w4pMPZ5j4= Subject key identifier: AC:78:CD:09:F4:FC:9C:EE:AE:F6:00:87:21:F0:5A:AB:DF:2B:97:4D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6429F1DACECA7E5C6CF35960228BFD319A13B5C1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa Signing time: Tue 09 Jan 2024 04:00:12 +0000 ROA not before: Tue 09 Jan 2024 03:55:12 +0000 ROA not after: Tue 07 Jan 2025 04:00:12 +0000 asID: 133811 IP address blocks: 2406:ef40::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 00:40:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:29:f1:da:ce:ca:7e:5c:6c:f3:59:60:22:8b:fd:31:9a:13:b5:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:12 2024 GMT Not After : Jan 7 04:00:12 2025 GMT Subject: CN=AC78CD09F4FC9CEEAEF6008721F05AABDF2B974D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:66:57:87:60:c6:8b:9c:7c:7e:3b:1d:a5:08: 39:b3:7b:82:7d:47:83:ad:d8:4a:2d:0d:b6:5d:26: 63:d7:f9:91:25:fb:15:cd:4c:9c:52:10:4b:24:78: 47:bb:30:29:89:c7:5a:72:a9:1b:88:ad:7d:89:e5: 23:a0:66:88:c0:0f:4a:b0:ce:26:ae:0c:bf:95:22: 1f:14:5d:fe:8e:51:4c:a6:08:c6:96:31:45:d4:86: a2:7c:b7:70:60:60:62:3e:c9:5c:5c:bd:71:7c:69: 4a:25:46:3a:e3:71:0d:41:6f:f4:e3:23:f5:10:63: ab:ba:07:54:ab:63:63:c1:99:ac:b9:75:61:aa:66: 5b:8c:ad:38:3f:70:38:a0:70:0c:da:e3:26:35:a6: 18:26:28:94:7a:7e:52:46:54:17:af:7c:d8:c5:5d: 79:4e:0d:c3:ea:b7:05:d9:65:90:45:c4:7e:9d:66: 27:d3:89:96:22:e3:8c:ce:4c:3a:0d:a8:7a:43:07: 24:4b:af:12:ca:99:0f:9d:90:dc:33:aa:22:19:53: a8:89:b1:c7:39:e5:6d:89:5b:66:6d:cf:26:ea:c8: 10:d0:43:a4:7c:f4:d4:24:6f:64:95:d0:8b:94:56: f1:1e:ee:3c:51:e6:72:ba:6d:ac:66:0b:97:8f:8f: 1a:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:78:CD:09:F4:FC:9C:EE:AE:F6:00:87:21:F0:5A:AB:DF:2B:97:4D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS133811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:ef40::/32 Signature Algorithm: sha256WithRSAEncryption 81:c1:e2:0f:19:ef:ce:1e:80:ce:96:c1:f2:a2:af:5c:06:d0: f4:12:13:96:f7:7b:37:eb:bb:70:d4:5d:93:62:59:79:ab:04: 5e:5b:bf:1c:f4:a4:58:3e:fc:b0:5f:cd:5c:65:4f:e6:be:0a: 00:0d:f2:54:a7:3a:09:2b:3e:77:39:57:23:2c:a9:0d:d5:16: 8f:0b:4d:db:91:27:6a:39:52:09:45:3f:42:17:b9:fe:8f:20: c7:b7:f6:ba:3d:2e:cd:a3:1b:cf:09:80:dd:a2:b5:1c:d2:81: 5e:77:f8:77:b4:b9:70:fb:a1:30:9b:77:f0:19:93:90:ee:0f: 1f:6a:be:de:dc:05:4d:93:c9:41:7d:ce:10:42:38:6d:e1:7d: 90:1b:04:f1:bd:72:c5:b4:d6:45:98:f5:36:f1:d6:47:a8:03: 33:30:85:c5:0e:85:0e:63:9e:12:14:f7:4d:cd:67:25:db:42: df:44:1f:63:71:92:8e:a1:bc:91:65:2c:43:23:11:a1:23:8d: f5:99:ae:4a:25:6a:84:fe:f5:29:4f:9e:fc:ea:72:d2:ee:8e: 63:4e:d8:5e:b2:bb:4a:2b:91:29:c4:ce:45:fd:1d:11:ad:05: e2:1a:32:9f:2d:e2:d5:ea:5c:e6:50:f9:99:c6:5b:3e:1b:49: a2:67:82:02 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUZCnx2s7Kflxs81lgIov9MZoTtcEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxMloX DTI1MDEwNzA0MDAxMlowMzExMC8GA1UEAxMoQUM3OENEMDlGNEZDOUNFRUFFRjYw MDg3MjFGMDVBQUJERjJCOTc0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNmV4dgxoucfH47HaUIObN7gn1Hg63YSi0Ntl0mY9f5kSX7Fc1MnFIQSyR4 R7swKYnHWnKpG4itfYnlI6BmiMAPSrDOJq4Mv5UiHxRd/o5RTKYIxpYxRdSGony3 cGBgYj7JXFy9cXxpSiVGOuNxDUFv9OMj9RBjq7oHVKtjY8GZrLl1YapmW4ytOD9w OKBwDNrjJjWmGCYolHp+UkZUF6982MVdeU4Nw+q3BdllkEXEfp1mJ9OJliLjjM5M Og2oekMHJEuvEsqZD52Q3DOqIhlTqImxxznlbYlbZm3PJurIENBDpHz01CRvZJXQ i5RW8R7uPFHmcrptrGYLl4+PGh8CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBSseM0J 9Pyc7q72AIch8Fqr3yuXTTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMzgxMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQG70AwDQYJKoZIhvcNAQELBQADggEBAIHB4g8Z784egM6WwfKi r1wG0PQSE5b3ezfru3DUXZNiWXmrBF5bvxz0pFg+/LBfzVxlT+a+CgAN8lSnOgkr Pnc5VyMsqQ3VFo8LTduRJ2o5UglFP0IXuf6PIMe39ro9Ls2jG88JgN2itRzSgV53 +He0uXD7oTCbd/AZk5DuDx9qvt7cBU2TyUF9zhBCOG3hfZAbBPG9csW01kWY9Tbx 1keoAzMwhcUOhQ5jnhIU903NZyXbQt9EH2Nxko6hvJFlLEMjEaEjjfWZrkolaoT+ 9SlPnvzqctLujmNO2F6yu0orkSnEzkX9HRGtBeIaMp8t4tXqXOZQ+ZnGWz4bSaJn ggI= -----END CERTIFICATE-----Generated at Thu May 2 17:16:28 2024 by rpki-client on console-ams.rpki-client.org