$ rpki-client -vvf repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa File: AS17885.roa (raw, json) Hash identifier: SfBDU1J0DebNNMtjiZteKSLGMdABQZAMhZXZ26++uUI= Subject key identifier: B4:41:04:D9:80:FB:E9:74:67:BE:3E:FC:7D:DE:15:D8:A1:25:2D:AC Certificate issuer: /CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Certificate serial: 55BC64B89E18FABF36B921DA59CC2A3923F463FA Authority key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject info access: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa Signing time: Thu 16 Nov 2023 09:00:00 +0000 ROA not before: Thu 16 Nov 2023 08:55:00 +0000 ROA not after: Thu 14 Nov 2024 09:00:00 +0000 asID: 17885 IP address blocks: 140.213.54.0/24 maxlen: 24 140.213.93.0/24 maxlen: 24 140.213.96.0/24 maxlen: 24 140.213.189.0/24 maxlen: 24 140.213.205.0/24 maxlen: 24 140.213.248.0/24 maxlen: 24 140.213.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Jun 2024 05:54:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:bc:64:b8:9e:18:fa:bf:36:b9:21:da:59:cc:2a:39:23:f4:63:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Validity Not Before: Nov 16 08:55:00 2023 GMT Not After : Nov 14 09:00:00 2024 GMT Subject: CN=B44104D980FBE97467BE3EFC7DDE15D8A1252DAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:6e:51:c3:9f:94:39:db:ec:6b:eb:35:30:7b: a2:03:d4:0e:6b:ae:3e:22:8e:7b:67:e3:ab:21:a5: a4:3a:33:ee:02:a6:27:cf:9a:09:b8:a7:32:d0:2e: 19:7c:89:2f:7b:a1:55:2e:5d:41:02:d4:37:ca:23: db:2f:0e:9d:cf:f9:21:c3:44:57:df:0a:d6:62:e9: 38:62:3f:d6:83:64:dd:bb:4d:24:da:af:da:53:ef: 38:c3:af:1b:12:75:11:26:09:2e:8a:b5:23:98:f7: 5e:8f:07:21:5c:63:24:34:0f:dc:60:c0:7f:5d:88: 9e:5c:83:9e:10:de:20:56:a1:b3:4f:24:f6:95:5b: e2:0a:ba:0e:fa:d8:b7:c7:49:c8:35:0e:76:e3:0b: d9:5a:51:95:ce:79:58:cf:20:7d:13:b7:fd:fe:59: 99:d0:98:d0:3b:c3:4d:38:2e:93:9e:f0:78:48:34: 69:0d:db:ad:cb:5a:08:36:53:39:df:ad:67:37:d6: 1b:7a:80:68:fb:27:5f:57:43:c0:60:8b:c1:57:d3: 2c:76:41:d0:25:3e:08:ca:67:1f:c4:25:22:ad:12: 0c:8e:1f:1c:cf:15:e3:9f:e4:86:62:6e:02:66:66: c8:01:31:13:9b:53:0d:2b:b6:96:6b:22:16:fd:60: e0:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:41:04:D9:80:FB:E9:74:67:BE:3E:FC:7D:DE:15:D8:A1:25:2D:AC X509v3 Authority Key Identifier: keyid:10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/AS17885.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.54.0/24 140.213.93.0/24 140.213.96.0/24 140.213.189.0/24 140.213.205.0/24 140.213.248.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:84:86:7f:9b:59:4c:68:f4:4a:a5:a3:7f:b0:1e:24:2b:96: 56:60:c7:fa:d9:4c:30:ae:18:f2:e2:6a:a1:ed:52:90:74:89: ea:d2:9c:d1:bc:90:3f:4d:8e:0d:80:86:7e:b5:57:e6:44:3e: 6e:7b:d3:31:7e:ac:ba:aa:c0:1b:15:88:33:ca:d9:df:dd:48: a5:84:65:2b:35:3c:34:c4:87:c1:df:2c:1c:66:64:13:de:31: 7e:9d:0f:21:e2:ba:66:ee:db:41:62:9e:cb:0b:45:dc:65:de: fd:72:aa:84:6a:06:14:f6:4b:a7:30:82:e1:c9:c0:a9:e8:ff: ac:12:cf:6f:68:5a:4b:e2:f1:09:91:1d:e0:d8:a0:17:48:fd: ce:79:2c:a5:bf:73:1b:e8:47:83:b2:65:0c:58:be:c3:b6:c9: 88:e0:73:43:a8:09:27:40:c3:33:bf:d1:95:a8:d3:34:d2:68: 2c:65:40:c7:d4:8c:79:d9:c5:93:b6:88:db:9c:fd:60:db:59: 34:34:22:67:58:59:5e:87:45:c1:53:b0:e4:9b:28:07:aa:1c: 21:1e:17:3e:82:91:6e:5f:23:95:e3:bb:e9:e4:df:8c:43:cb: 46:6a:f4:73:48:88:0e:d8:4c:80:63:f1:3a:ea:11:2c:38:76: 67:01:b6:9a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUVbxkuJ4Y+r82uSHaWcwqOSP0Y/owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNG QzY2MEExQjAeFw0yMzExMTYwODU1MDBaFw0yNDExMTQwOTAwMDBaMDMxMTAvBgNV BAMTKEI0NDEwNEQ5ODBGQkU5NzQ2N0JFM0VGQzdEREUxNUQ4QTEyNTJEQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFblHDn5Q52+xr6zUwe6ID1A5r rj4ijntn46shpaQ6M+4CpifPmgm4pzLQLhl8iS97oVUuXUEC1DfKI9svDp3P+SHD RFffCtZi6ThiP9aDZN27TSTar9pT7zjDrxsSdREmCS6KtSOY916PByFcYyQ0D9xg wH9diJ5cg54Q3iBWobNPJPaVW+IKug762LfHScg1DnbjC9laUZXOeVjPIH0Tt/3+ WZnQmNA7w004LpOe8HhINGkN263LWgg2UznfrWc31ht6gGj7J19XQ8Bgi8FX0yx2 QdAlPgjKZx/EJSKtEgyOHxzPFeOf5IZibgJmZsgBMRObUw0rtpZrIhb9YOCxAgMB AAGjggIcMIICGDAdBgNVHQ4EFgQUtEEE2YD76XRnvj78fd4V2KElLawwHwYDVR0j BBgwFoAUELq3kH2VOg1f3rXCDJ8pvPxmChswDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80 YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMS8xMEJBQjc5MDdE OTUzQTBENUZERUI1QzIwQzlGMjlCQ0ZDNjYwQTFCLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzEvMTBCQUI3OTA3RDk1M0EwRDVGREVCNUMyMEM5RjI5QkNGQzY2 MEExQi5jZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jl cG8tcnBraS5pZG5pYy5uZXQvcmVwby80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04 ZDdlN2ZjMmMyMjcvMS9BUzE3ODg1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjNU2AwQAjNVdAwQAjNVg AwQAjNW9AwQAjNXNAwQBjNX4MA0GCSqGSIb3DQEBCwUAA4IBAQBahIZ/m1lMaPRK paN/sB4kK5ZWYMf62Uwwrhjy4mqh7VKQdInq0pzRvJA/TY4NgIZ+tVfmRD5ue9Mx fqy6qsAbFYgzytnf3UilhGUrNTw0xIfB3ywcZmQT3jF+nQ8h4rpm7ttBYp7LC0Xc Zd79cqqEagYU9kunMILhycCp6P+sEs9vaFpL4vEJkR3g2KAXSP3OeSylv3Mb6EeD smUMWL7DtsmI4HNDqAknQMMzv9GVqNM00mgsZUDH1Ix52cWTtojbnP1g21k0NCJn WFleh0XBU7DkmygHqhwhHhc+gpFuXyOV47vp5N+MQ8tGavRzSIgO2EyAY/E66hEs OHZnAbaa -----END CERTIFICATE-----Generated at Sat Jun 1 04:06:50 2024 by rpki-client on console-ams.rpki-client.org