$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa File: AS7597.roa (raw, json) Hash identifier: RSdn+noG+WfpoClhm7OgRTwmTsa6rh0DlbPZuHLeMUw= Subject key identifier: C4:44:5C:3D:09:57:6F:96:7C:06:22:BC:5F:71:DC:EC:E2:B0:E1:05 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3B09A1D078095B58AAA564DED03EAB6FDF9C4D17 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa Signing time: Mon 21 Aug 2023 07:26:17 +0000 ROA not before: Mon 21 Aug 2023 07:21:17 +0000 ROA not after: Mon 19 Aug 2024 07:26:17 +0000 asID: 7597 IP address blocks: 123.108.8.0/21 maxlen: 24 203.119.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 19:50:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:09:a1:d0:78:09:5b:58:aa:a5:64:de:d0:3e:ab:6f:df:9c:4d:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 21 07:21:17 2023 GMT Not After : Aug 19 07:26:17 2024 GMT Subject: CN=C4445C3D09576F967C0622BC5F71DCECE2B0E105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:77:55:17:9a:ef:5a:9e:27:3d:17:7e:e6:17: 58:69:be:00:06:a6:dd:91:5a:5e:fe:42:c5:fe:05: 08:d3:6f:63:ed:cf:3c:dd:de:82:66:19:af:3a:ee: 5b:50:23:92:7c:b3:de:86:0e:07:cc:d8:06:96:ca: 4e:29:9a:c8:47:cb:e6:ba:b8:26:41:30:30:a5:8e: 5c:b4:86:ac:19:4f:e6:43:b2:df:ba:14:07:9e:0b: 4f:23:c0:0c:f4:66:ce:a2:a5:7c:12:8f:9e:33:6a: 60:5a:46:07:de:5a:2d:8f:67:b8:fb:dd:cc:af:29: 18:45:f6:87:88:ca:62:41:9e:be:f0:b8:3f:ff:70: 39:02:b9:f2:ec:3c:6e:a4:de:fb:80:03:65:3c:b5: 89:2a:95:44:0a:15:3d:30:5e:bc:c1:29:d3:6e:f7: 0f:f7:75:69:36:3a:a2:f8:a4:35:48:33:7b:b0:e2: 37:1e:86:2f:b5:5a:3f:27:16:cf:3f:5b:bc:71:d8: 47:68:91:4a:93:00:91:ff:77:f3:22:b4:48:fb:76: e0:b1:63:24:ed:a9:19:0f:4a:a6:ef:17:3a:2c:6a: db:a6:c4:e1:30:f2:4b:c8:22:0a:cc:22:0a:5a:5e: ae:ee:c6:e6:8e:a1:f2:41:89:b0:24:4a:67:65:06: 32:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:44:5C:3D:09:57:6F:96:7C:06:22:BC:5F:71:DC:EC:E2:B0:E1:05 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS7597.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 123.108.8.0/21 203.119.13.0/24 Signature Algorithm: sha256WithRSAEncryption 32:44:c9:55:11:ea:85:b6:d7:67:90:d0:96:50:69:9a:a6:03: 69:a4:fd:f9:79:d4:e3:22:88:9b:a8:40:23:63:a2:2d:de:03: e0:d1:31:fc:a9:58:0b:14:2d:65:ce:76:3d:a3:5d:de:8f:c9: e9:ff:71:3f:c4:c6:c8:92:5e:c1:1d:1a:16:e5:08:57:05:e3: a6:e0:89:12:b5:59:81:2c:74:f3:55:c2:e0:ad:5a:5a:b9:5b: 82:35:93:74:e7:35:57:6d:37:00:50:17:8c:a4:90:5c:3f:15: 37:d0:7c:5c:cb:e2:c6:03:e4:57:a6:f0:a2:2a:b4:f7:44:da: fc:06:fb:fa:ec:00:29:53:fe:f3:0c:fa:ea:d2:b9:e8:1e:e7: 86:fb:d7:5d:11:d0:06:a3:9a:ef:4e:95:68:9d:f9:f4:75:59: ac:56:82:28:da:b5:30:e8:90:ef:25:19:41:8f:4c:6e:dc:7b: ce:db:40:a9:7f:c2:7b:df:e2:d5:42:b4:a9:ab:7c:ba:b7:89: 8e:b2:62:69:47:0f:a4:5d:fb:16:d5:ec:71:da:f2:d7:f7:fb: 89:77:c0:e6:ca:0d:51:77:f8:80:db:a4:41:a8:f9:40:bd:7b: 78:ac:14:df:87:0f:79:44:5f:83:09:8e:36:9f:d0:2d:5c:c3: e6:ba:75:38 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgIUOwmh0HgJW1iqpWTe0D6rb9+cTRcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgyMTA3MjExN1oX DTI0MDgxOTA3MjYxN1owMzExMC8GA1UEAxMoQzQ0NDVDM0QwOTU3NkY5NjdDMDYy MkJDNUY3MURDRUNFMkIwRTEwNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALR3VRea71qeJz0XfuYXWGm+AAam3ZFaXv5Cxf4FCNNvY+3PPN3egmYZrzru W1Ajknyz3oYOB8zYBpbKTimayEfL5rq4JkEwMKWOXLSGrBlP5kOy37oUB54LTyPA DPRmzqKlfBKPnjNqYFpGB95aLY9nuPvdzK8pGEX2h4jKYkGevvC4P/9wOQK58uw8 bqTe+4ADZTy1iSqVRAoVPTBevMEp0273D/d1aTY6ovikNUgze7DiNx6GL7VaPycW zz9bvHHYR2iRSpMAkf938yK0SPt24LFjJO2pGQ9Kpu8XOixq26bE4TDyS8giCswi Clperu7G5o6h8kGJsCRKZ2UGMrMCAwEAAaOCAdQwggHQMB0GA1UdDgQWBBTERFw9 CVdvlnwGIrxfcdzs4rDhBTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFIGCCsGAQUFBwELBEYwRDBCBggrBgEFBQcwC4Y2cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzc1OTcucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIE AgABMAwDBAN7bAgDBADLdw0wDQYJKoZIhvcNAQELBQADggEBADJEyVUR6oW212eQ 0JZQaZqmA2mk/fl51OMiiJuoQCNjoi3eA+DRMfypWAsULWXOdj2jXd6Pyen/cT/E xsiSXsEdGhblCFcF46bgiRK1WYEsdPNVwuCtWlq5W4I1k3TnNVdtNwBQF4ykkFw/ FTfQfFzL4sYD5Fem8KIqtPdE2vwG+/rsAClT/vMM+urSuege54b7110R0Aajmu9O lWid+fR1WaxWgijatTDokO8lGUGPTG7ce87bQKl/wnvf4tVCtKmrfLq3iY6yYmlH D6Rd+xbV7HHa8tf3+4l3wObKDVF3+IDbpEGo+UC9e3isFN+HD3lEX4MJjjaf0C1c w+a6dTg= -----END CERTIFICATE-----Generated at Sat May 4 17:59:17 2024 by rpki-client on console-fra.rpki-client.org