$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa File: AS17885.roa (raw, json) Hash identifier: Hrw/Bx/6mEnK2f91wIyEGNRzxwWv30dDgbF4gTiEsOM= Subject key identifier: 94:89:A6:CE:8F:37:68:A6:8C:45:4E:46:36:00:FE:8A:80:1B:79:BC Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Certificate serial: 7702EFE0BFBD3E1C2B1DCC11A5863324682253D0 Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa Signing time: Thu 17 Oct 2024 09:02:21 +0000 ROA not before: Thu 17 Oct 2024 08:57:21 +0000 ROA not after: Thu 16 Oct 2025 09:02:21 +0000 asID: 17885 IP address blocks: 140.213.54.0/24 maxlen: 24 140.213.93.0/24 maxlen: 24 140.213.96.0/24 maxlen: 24 140.213.189.0/24 maxlen: 24 140.213.205.0/24 maxlen: 24 140.213.248.0/24 maxlen: 24 140.213.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:02:ef:e0:bf:bd:3e:1c:2b:1d:cc:11:a5:86:33:24:68:22:53:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Validity Not Before: Oct 17 08:57:21 2024 GMT Not After : Oct 16 09:02:21 2025 GMT Subject: CN=9489A6CE8F3768A68C454E463600FE8A801B79BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ee:5f:93:62:de:4d:a5:71:96:ea:8b:dd:d1: ba:b3:bf:7c:0c:56:f1:2f:a5:a2:7d:a8:c3:b8:c4: d3:41:05:24:10:36:4a:72:40:c7:44:1e:cc:e5:b2: 13:98:4b:af:fc:e3:6f:fc:a1:61:7c:63:14:2e:71: 36:fa:72:2c:40:f7:d6:a7:4d:98:72:d6:2c:cb:32: db:e8:0e:b7:1e:20:93:be:48:91:b6:3c:08:cb:a9: 2f:f3:3e:d8:92:11:eb:ad:75:2b:d1:01:f5:68:7d: f5:0c:65:a4:bf:b3:a9:7f:0b:30:26:ec:e0:ba:27: 4b:5b:5b:4c:d9:a1:1c:4b:be:a7:2a:1c:e4:25:18: dd:b9:93:2b:84:b2:1e:a7:59:92:f8:11:9e:b3:a1: 3d:01:0a:03:a0:7b:8a:c2:dc:b5:a0:d0:26:d9:66: ce:1b:3b:bd:a2:27:bf:7d:d4:ef:1a:2a:da:d2:d4: 79:73:9e:ba:6a:21:7f:0c:34:31:b0:9c:3d:8a:7b: fe:78:56:ee:78:a0:6a:82:2c:f2:32:ef:27:66:10: c8:84:1d:58:4f:7a:bf:cb:0f:ff:11:61:2e:c7:3e: aa:ac:0b:9c:4b:49:aa:18:a5:67:57:06:07:f6:86: ab:78:2c:c6:5b:a8:b5:05:41:dc:3d:2b:ec:ee:34: 29:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:89:A6:CE:8F:37:68:A6:8C:45:4E:46:36:00:FE:8A:80:1B:79:BC X509v3 Authority Key Identifier: keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.54.0/24 140.213.93.0/24 140.213.96.0/24 140.213.189.0/24 140.213.205.0/24 140.213.248.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:56:6a:a6:a1:71:0b:c1:d3:17:3f:93:42:d7:f7:39:99:c2: 01:08:a2:e2:b9:9b:f3:8d:da:ae:c3:c7:ea:50:b3:c4:bf:9f: f7:14:3c:ec:91:dc:09:7e:8d:da:2b:2d:62:e4:dd:a8:5e:e8: 89:b6:f1:ae:60:df:0a:e1:ae:c3:d6:86:19:93:14:a0:f5:e8: 01:6d:b1:cc:d2:13:f0:45:12:e1:7a:00:63:9a:6f:43:1a:a1: b2:e5:1f:05:30:bf:51:98:c0:be:a4:9c:a0:56:64:54:53:6a: 1a:4c:a3:79:0b:47:3f:34:c7:4f:79:96:dd:39:78:dc:2e:c7: 2f:ce:83:67:01:b4:53:f4:29:ee:1e:eb:9c:9a:03:57:ce:8b: 76:f2:de:8c:b9:a5:bd:96:f8:a6:3f:46:77:3c:74:8c:fd:37: 4a:7c:9b:cb:25:b3:f0:ed:27:cd:da:dc:e3:08:c7:e8:05:d5: d5:89:bd:2e:b7:06:74:ed:02:8e:58:e7:b8:8b:c3:90:4e:3b: 5e:4d:cf:60:20:2a:4e:ce:b4:e5:4f:68:d6:99:50:bd:69:5f: 7b:ab:b0:2d:58:85:6b:ce:c9:60:66:c5:bc:c4:b3:2d:94:4e: bc:c4:76:16:ff:98:c5:3e:6e:55:90:b7:de:30:5c:8e:c3:82: b2:67:56:a7 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUdwLv4L+9PhwrHcwRpYYzJGgiU9AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG QzY2MEExQjAeFw0yNDEwMTcwODU3MjFaFw0yNTEwMTYwOTAyMjFaMDMxMTAvBgNV BAMTKDk0ODlBNkNFOEYzNzY4QTY4QzQ1NEU0NjM2MDBGRThBODAxQjc5QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu7l+TYt5NpXGW6ovd0bqzv3wM VvEvpaJ9qMO4xNNBBSQQNkpyQMdEHszlshOYS6/842/8oWF8YxQucTb6cixA99an TZhy1izLMtvoDrceIJO+SJG2PAjLqS/zPtiSEeutdSvRAfVoffUMZaS/s6l/CzAm 7OC6J0tbW0zZoRxLvqcqHOQlGN25kyuEsh6nWZL4EZ6zoT0BCgOge4rC3LWg0CbZ Zs4bO72iJ7991O8aKtrS1HlznrpqIX8MNDGwnD2Ke/54Vu54oGqCLPIy7ydmEMiE HVhPer/LD/8RYS7HPqqsC5xLSaoYpWdXBgf2hqt4LMZbqLUFQdw9K+zuNCndAgMB AAGjggIcMIICGDAdBgNVHQ4EFgQUlImmzo83aKaMRU5GNgD+ioAbebwwHwYDVR0j BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2 MEExQi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMS9BUzE3ODg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjNU2AwQAjNVdAwQAjNVg AwQAjNW9AwQAjNXNAwQBjNX4MA0GCSqGSIb3DQEBCwUAA4IBAQA8VmqmoXELwdMX P5NC1/c5mcIBCKLiuZvzjdquw8fqULPEv5/3FDzskdwJfo3aKy1i5N2oXuiJtvGu YN8K4a7D1oYZkxSg9egBbbHM0hPwRRLhegBjmm9DGqGy5R8FML9RmMC+pJygVmRU U2oaTKN5C0c/NMdPeZbdOXjcLscvzoNnAbRT9CnuHuucmgNXzot28t6MuaW9lvim P0Z3PHSM/TdKfJvLJbPw7SfN2tzjCMfoBdXVib0utwZ07QKOWOe4i8OQTjteTc9g ICpOzrTlT2jWmVC9aV97q7AtWIVrzslgZsW8xLMtlE68xHYW/5jFPm5VkLfeMFyO w4KyZ1an -----END CERTIFICATE-----Generated at Thu Nov 21 18:46:56 2024 by rpki-client on console-ams.rpki-client.org