$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132653.roa File: AS132653.roa (raw, json) Hash identifier: 1L4F6MHUy6HAHOvVRGudBDrFqqxLJcA+zcXKsemIUlc= Subject key identifier: F3:C9:69:67:A4:5E:EC:CE:67:21:CF:78:34:6C:37:01:EE:4E:C8:85 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D3F0F4F55073CB455C28368D856554E30C36CA4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132653.roa Signing time: Tue 09 Jan 2024 04:00:16 +0000 ROA not before: Tue 09 Jan 2024 03:55:16 +0000 ROA not after: Tue 07 Jan 2025 04:00:16 +0000 asID: 132653 IP address blocks: 202.46.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:3f:0f:4f:55:07:3c:b4:55:c2:83:68:d8:56:55:4e:30:c3:6c:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:16 2024 GMT Not After : Jan 7 04:00:16 2025 GMT Subject: CN=F3C96967A45EECCE6721CF78346C3701EE4EC885 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:92:64:e0:ef:56:57:83:8b:24:64:37:ce:b8: d2:d1:4c:eb:2b:1a:06:1e:fc:f4:93:f3:3f:d3:1d: 2a:f9:1f:c6:60:81:7a:64:35:9d:90:31:58:64:78: 28:a7:b9:63:7a:69:1e:8a:b6:a5:93:62:8a:f1:5d: fc:58:10:29:3d:7a:e4:d8:25:cb:1c:0f:e4:78:f8: 65:c6:1e:d5:1e:68:ce:ab:c6:eb:f2:0a:47:82:a0: b5:bb:29:15:bb:31:4d:a4:85:5f:c2:5f:2a:05:98: 42:ff:21:b7:d0:3b:a7:4a:9c:f5:50:2b:b9:7f:58: fd:55:35:82:6b:fa:0c:94:04:9a:fc:9a:94:b9:22: 27:14:90:86:49:ee:2c:d5:5e:c3:30:57:92:9f:e5: 70:91:49:a9:b4:1d:45:fd:8a:67:06:05:5a:5e:91: 11:04:65:e7:d9:82:9e:33:97:42:1e:14:4d:e1:59: 87:1e:76:04:58:0b:a8:a5:fd:a2:27:0a:51:c2:b3: 26:4f:f7:0f:55:f2:81:c7:ee:f0:80:3f:38:20:97: 19:b0:56:27:03:33:9b:26:c4:c3:ed:2b:6b:d2:fe: 13:50:6e:cf:12:c7:19:c3:84:48:32:af:8e:a2:c7: b8:7d:0e:99:55:9d:e0:4f:d2:6b:62:c3:be:96:79: 2e:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:C9:69:67:A4:5E:EC:CE:67:21:CF:78:34:6C:37:01:EE:4E:C8:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS132653.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.46.152.0/22 Signature Algorithm: sha256WithRSAEncryption 2d:ed:8e:e5:2b:1e:c7:fb:ac:04:27:47:a8:bf:50:43:c9:5d: f4:a6:50:1e:2a:a1:54:d8:5e:b3:6c:69:96:df:31:94:d9:7e: 5b:55:36:11:2c:07:d9:56:74:11:5a:81:cd:18:c4:d4:f5:10: 99:9c:67:dd:19:76:9b:b9:cc:f5:22:86:ff:4d:1c:69:08:b7: 2b:83:ba:2a:c8:77:d6:23:9b:a0:e7:19:79:87:4f:ed:fd:c9: 5c:79:78:c3:36:40:94:98:0e:9e:ab:a7:9a:4c:35:58:93:9a: 79:7e:a4:ee:53:26:1b:92:f7:0b:1b:a0:cd:ea:02:d0:1a:ef: 6c:46:8e:db:95:45:cf:5b:e0:ab:57:97:68:41:c2:0b:c6:37: ca:9d:ab:5e:9f:97:ea:5d:be:ab:59:e7:07:ce:73:8b:37:a5: c3:25:6d:9d:2f:29:12:66:da:9d:c7:76:08:fd:84:90:6f:f7: 5e:4f:85:71:1b:37:af:04:ed:96:a1:d0:c9:25:34:87:5d:f3: cd:b8:6b:18:82:fb:20:6a:87:c7:46:79:2d:11:d5:20:90:63: 90:ab:e1:98:94:47:16:9a:5f:fc:e7:f4:18:5a:33:9c:0d:de: ea:2d:9e:37:a5:bb:98:33:e8:70:6d:d3:01:19:eb:65:15:e3: 66:8a:ca:31 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIULT8PT1UHPLRVwoNo2FZVTjDDbKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUxNloX DTI1MDEwNzA0MDAxNlowMzExMC8GA1UEAxMoRjNDOTY5NjdBNDVFRUNDRTY3MjFD Rjc4MzQ2QzM3MDFFRTRFQzg4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOSSZODvVleDiyRkN8640tFM6ysaBh789JPzP9MdKvkfxmCBemQ1nZAxWGR4 KKe5Y3ppHoq2pZNiivFd/FgQKT165NglyxwP5Hj4ZcYe1R5ozqvG6/IKR4Kgtbsp FbsxTaSFX8JfKgWYQv8ht9A7p0qc9VAruX9Y/VU1gmv6DJQEmvyalLkiJxSQhknu LNVewzBXkp/lcJFJqbQdRf2KZwYFWl6REQRl59mCnjOXQh4UTeFZhx52BFgLqKX9 oicKUcKzJk/3D1Xygcfu8IA/OCCXGbBWJwMzmybEw+0ra9L+E1BuzxLHGcOESDKv jqLHuH0OmVWd4E/Sa2LDvpZ5LmMCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTzyWln pF7szmchz3g0bDcB7k7IhTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzMjY1My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAsoumDANBgkqhkiG9w0BAQsFAAOCAQEALe2O5Ssex/usBCdHqL9Q Q8ld9KZQHiqhVNhes2xplt8xlNl+W1U2ESwH2VZ0EVqBzRjE1PUQmZxn3Rl2m7nM 9SKG/00caQi3K4O6Ksh31iOboOcZeYdP7f3JXHl4wzZAlJgOnqunmkw1WJOaeX6k 7lMmG5L3CxugzeoC0BrvbEaO25VFz1vgq1eXaEHCC8Y3yp2rXp+X6l2+q1nnB85z izelwyVtnS8pEmbancd2CP2EkG/3Xk+FcRs3rwTtlqHQySU0h13zzbhrGIL7IGqH x0Z5LRHVIJBjkKvhmJRHFppf/Of0GFoznA3e6i2eN6W7mDPocG3TARnrZRXjZorK MQ== -----END CERTIFICATE-----Generated at Wed May 8 14:59:54 2024 by rpki-client on console-ams.rpki-client.org