$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134635.roa File: AS134635.roa (raw, json) Hash identifier: D4sA8eMMes3FWe8JSnRsxUdp1Jjb1X5NZAcgdAwhHlA= Subject key identifier: 44:F1:84:46:0C:68:DA:FD:47:64:04:65:F6:89:81:2E:12:E4:50:3F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1F28D7F1EC1AAB22BC11F7A6FFB19C2152106AEE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134635.roa Signing time: Fri 20 Sep 2024 05:16:03 +0000 ROA not before: Fri 20 Sep 2024 05:11:03 +0000 ROA not after: Fri 19 Sep 2025 05:16:03 +0000 asID: 134635 IP address blocks: 2001:df1:ba40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:28:d7:f1:ec:1a:ab:22:bc:11:f7:a6:ff:b1:9c:21:52:10:6a:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 20 05:11:03 2024 GMT Not After : Sep 19 05:16:03 2025 GMT Subject: CN=44F184460C68DAFD47640465F689812E12E4503F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:54:8c:00:46:24:cd:d8:b0:15:8e:4f:df:07: 28:5a:f2:8f:c5:94:a7:55:13:ab:96:1e:b0:dd:2c: 18:d7:d7:f8:02:50:12:1f:8e:14:32:2c:57:2e:3e: b4:36:81:27:a7:23:af:e2:83:aa:2b:a6:e2:d8:89: b1:48:5a:61:ec:a1:8e:0d:78:0b:13:4d:30:98:7a: 73:09:dc:09:d8:20:b1:93:08:bb:8d:a7:62:22:9c: 67:db:d6:13:44:9c:ef:ab:b6:cd:06:50:8f:9a:38: da:59:92:4a:81:08:70:14:f2:63:fc:1b:43:40:c1: cf:66:2b:a3:98:d7:43:1f:d9:e0:3b:13:cb:15:d0: 15:7e:28:15:07:35:b2:d5:bc:ac:5d:33:02:f8:7f: f2:e8:89:f8:be:52:9f:94:70:7d:10:4d:c1:17:4a: 51:3a:49:2d:4f:3a:d8:24:92:0b:ab:a4:54:66:34: 7a:dd:cd:07:f7:2b:fa:15:45:f6:16:cf:30:99:7f: db:b1:29:4d:77:f6:58:05:97:bf:ee:cf:bd:48:a1: f2:6e:d9:18:04:1f:3e:2c:a4:7e:a3:8c:d9:9a:4a: 84:c7:b5:e5:b3:66:5e:45:b3:b6:ab:c6:ba:64:a1: e2:8c:53:30:14:3f:80:50:e2:58:ba:a4:ca:77:16: 4c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:F1:84:46:0C:68:DA:FD:47:64:04:65:F6:89:81:2E:12:E4:50:3F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS134635.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:ba40::/48 Signature Algorithm: sha256WithRSAEncryption 20:98:aa:4d:f9:c5:d1:d0:0e:fb:e2:74:e1:fd:38:c5:cb:ff: 43:b8:31:a3:f7:b5:c1:7e:2b:ea:c3:0b:5d:77:69:8e:50:f7: 52:08:85:7e:d0:a7:5f:81:f7:30:0a:55:a2:06:e2:ed:42:85: e4:c5:db:f4:ce:b5:e6:ed:63:34:37:01:46:b5:de:0f:a1:b4: fb:c7:70:10:48:40:46:29:b4:2d:38:96:c3:db:e6:e1:14:66: 47:75:92:72:3e:0f:1f:1d:c9:36:b0:85:81:b1:fb:b5:93:cc: 24:5b:f6:79:e3:1e:d5:b5:83:72:8a:67:3e:ed:c2:a2:71:cc: af:c2:c7:b8:da:99:fb:3d:84:82:3e:a8:d3:d5:2b:93:a5:be: f1:26:f1:80:1a:be:52:a5:68:7a:30:70:c4:12:2f:b9:3c:c8: ba:91:62:27:54:9e:14:19:51:1f:93:d9:af:33:94:b4:e5:2c: 30:f9:19:67:73:03:38:64:7d:ce:2b:8c:dd:d2:a9:df:5b:fa: 2e:9e:bb:94:90:51:ef:58:01:61:03:0c:96:ac:68:39:53:93: 2d:b0:5d:76:a3:9f:0e:74:64:5e:d5:45:b8:53:05:d6:6c:bc: c1:f0:70:ce:d2:6c:18:c9:68:ad:06:77:d2:54:96:43:86:a0: 02:49:48:ec -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUHyjX8ewaqyK8Efem/7GcIVIQau4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkyMDA1MTEwM1oX DTI1MDkxOTA1MTYwM1owMzExMC8GA1UEAxMoNDRGMTg0NDYwQzY4REFGRDQ3NjQw NDY1RjY4OTgxMkUxMkU0NTAzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFUjABGJM3YsBWOT98HKFryj8WUp1UTq5YesN0sGNfX+AJQEh+OFDIsVy4+ tDaBJ6cjr+KDqium4tiJsUhaYeyhjg14CxNNMJh6cwncCdggsZMIu42nYiKcZ9vW E0Sc76u2zQZQj5o42lmSSoEIcBTyY/wbQ0DBz2Yro5jXQx/Z4DsTyxXQFX4oFQc1 stW8rF0zAvh/8uiJ+L5Sn5RwfRBNwRdKUTpJLU862CSSC6ukVGY0et3NB/cr+hVF 9hbPMJl/27EpTXf2WAWXv+7PvUih8m7ZGAQfPiykfqOM2ZpKhMe15bNmXkWztqvG umSh4oxTMBQ/gFDiWLqkyncWTDkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRE8YRG DGja/UdkBGX2iYEuEuRQPzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzNDYzNS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfG6QDANBgkqhkiG9w0BAQsFAAOCAQEAIJiqTfnF0dAO++J0 4f04xcv/Q7gxo/e1wX4r6sMLXXdpjlD3UgiFftCnX4H3MApVogbi7UKF5MXb9M61 5u1jNDcBRrXeD6G0+8dwEEhARim0LTiWw9vm4RRmR3WScj4PHx3JNrCFgbH7tZPM JFv2eeMe1bWDcopnPu3ConHMr8LHuNqZ+z2Egj6o09Urk6W+8SbxgBq+UqVoejBw xBIvuTzIupFiJ1SeFBlRH5PZrzOUtOUsMPkZZ3MDOGR9ziuM3dKp31v6Lp67lJBR 71gBYQMMlqxoOVOTLbBddqOfDnRkXtVFuFMF1my8wfBwztJsGMlorQZ30lSWQ4ag AklI7A== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:23 2024 by rpki-client on console-fra.rpki-client.org