$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141600.roa File: AS141600.roa (raw, json) Hash identifier: uDI+PWpC8NFoBqK+2hGa954Kg70ei5MNBJXHpfMqRps= Subject key identifier: B7:3B:EE:31:DB:82:C7:A1:51:A1:88:8B:D0:8B:98:3E:0D:AD:7E:C2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 70BA17CA7801071759D4AC9C104659FEC6043F86 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141600.roa Signing time: Thu 18 Apr 2024 06:15:02 +0000 ROA not before: Thu 18 Apr 2024 06:10:02 +0000 ROA not after: Thu 17 Apr 2025 06:15:02 +0000 asID: 141600 IP address blocks: 2001:df3:af40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 16:34:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:ba:17:ca:78:01:07:17:59:d4:ac:9c:10:46:59:fe:c6:04:3f:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 18 06:10:02 2024 GMT Not After : Apr 17 06:15:02 2025 GMT Subject: CN=B73BEE31DB82C7A151A1888BD08B983E0DAD7EC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2a:1f:7a:b1:f2:72:1a:f3:b8:6e:34:1d:98: db:12:d7:56:70:e4:b5:c8:5f:1f:aa:01:95:01:de: 86:50:60:4d:37:47:44:2b:73:4b:80:d4:45:80:0c: f9:92:d8:db:2e:4a:72:f9:7d:4b:91:55:9b:fd:33: b6:1a:c5:60:52:2a:17:ac:01:2d:47:b0:b8:3c:c1: 02:f9:59:a4:4a:30:81:fd:92:ac:a8:fd:63:ea:79: 34:aa:28:cd:7e:d7:8d:65:1b:00:c3:4a:8a:62:bf: 6a:87:0b:16:2a:c3:2e:59:38:5b:96:c7:5c:e8:6c: 28:f9:6d:9a:da:56:92:4c:65:d4:24:22:92:05:47: 3a:4c:59:4c:56:35:43:0f:d7:cc:c6:c0:52:bf:f2: b4:5c:0e:a9:64:89:47:ec:7f:f7:d7:0e:e5:1f:54: 1c:b1:4d:06:3c:20:03:8d:3d:39:cb:ae:76:fd:3f: e7:9b:ba:72:f8:c6:f4:24:cc:03:de:cd:59:cd:8a: b3:18:91:0b:92:67:06:36:04:82:cc:fb:c0:85:96: 64:41:8c:29:a1:5a:22:f5:89:4e:af:25:eb:b3:55: ff:c5:cf:11:90:75:2c:8b:fa:6f:8e:0e:ac:15:22: ae:fb:dc:4c:a7:91:c8:9c:36:23:6b:ca:f6:52:fa: bc:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:3B:EE:31:DB:82:C7:A1:51:A1:88:8B:D0:8B:98:3E:0D:AD:7E:C2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141600.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:af40::/48 Signature Algorithm: sha256WithRSAEncryption 33:7f:b4:34:b2:8e:62:6c:2a:ba:98:1a:ef:f9:83:7a:33:5e: 1b:04:28:9c:0e:57:ae:e0:65:de:ee:bd:7c:5e:3f:aa:31:d4: 83:7e:fe:5d:1c:18:10:2b:e9:39:1d:53:00:be:4c:d6:e4:b3: e4:c9:ca:ad:23:57:8d:75:15:eb:38:6a:0f:25:66:87:c4:d8: e6:05:b2:96:73:d3:ec:e1:ce:25:bf:6e:ce:cf:39:25:c6:88: 45:9c:26:6b:27:85:39:3f:87:31:24:af:a6:28:09:4c:28:b7: ec:f4:f5:a6:a4:0f:16:7a:f1:e5:f5:e3:8c:f3:5d:34:19:11: 2d:b5:2b:72:46:06:2c:e1:bb:e1:1f:2a:e3:35:28:2e:52:6d: e1:26:0e:86:7c:37:0b:a2:a5:bf:54:09:8b:ff:f2:50:14:40: 6e:36:b9:60:20:0c:66:61:7c:3d:c2:96:9c:1c:e9:83:99:0d: 64:c3:fa:37:19:5e:73:f2:18:aa:59:18:6e:36:32:f0:a0:b3: 90:72:45:d6:f0:31:43:2a:bb:7f:80:d8:93:17:d9:44:00:bc: 9f:be:82:62:b7:a3:c5:4d:82:3f:56:e4:d9:67:e1:1c:a5:bb: 71:d5:c9:ef:c4:3f:a5:62:64:63:f3:6d:62:65:a7:01:5e:12: c6:70:2e:d7 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUcLoXyngBBxdZ1KycEEZZ/sYEP4YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQxODA2MTAwMloX DTI1MDQxNzA2MTUwMlowMzExMC8GA1UEAxMoQjczQkVFMzFEQjgyQzdBMTUxQTE4 ODhCRDA4Qjk4M0UwREFEN0VDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALMqH3qx8nIa87huNB2Y2xLXVnDktchfH6oBlQHehlBgTTdHRCtzS4DURYAM +ZLY2y5Kcvl9S5FVm/0zthrFYFIqF6wBLUewuDzBAvlZpEowgf2SrKj9Y+p5NKoo zX7XjWUbAMNKimK/aocLFirDLlk4W5bHXOhsKPltmtpWkkxl1CQikgVHOkxZTFY1 Qw/XzMbAUr/ytFwOqWSJR+x/99cO5R9UHLFNBjwgA409Ocuudv0/55u6cvjG9CTM A97NWc2KsxiRC5JnBjYEgsz7wIWWZEGMKaFaIvWJTq8l67NV/8XPEZB1LIv6b44O rBUirvvcTKeRyJw2I2vK9lL6vFkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBS3O+4x 24LHoVGhiIvQi5g+Da1+wjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTYwMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOvQDANBgkqhkiG9w0BAQsFAAOCAQEAM3+0NLKOYmwqupga 7/mDejNeGwQonA5XruBl3u69fF4/qjHUg37+XRwYECvpOR1TAL5M1uSz5MnKrSNX jXUV6zhqDyVmh8TY5gWylnPT7OHOJb9uzs85JcaIRZwmayeFOT+HMSSvpigJTCi3 7PT1pqQPFnrx5fXjjPNdNBkRLbUrckYGLOG74R8q4zUoLlJt4SYOhnw3C6Klv1QJ i//yUBRAbja5YCAMZmF8PcKWnBzpg5kNZMP6Nxlec/IYqlkYbjYy8KCzkHJF1vAx Qyq7f4DYkxfZRAC8n76CYrejxU2CP1bk2WfhHKW7cdXJ78Q/pWJkY/NtYmWnAV4S xnAu1w== -----END CERTIFICATE-----Generated at Wed May 8 07:45:27 2024 by rpki-client on console-ams.rpki-client.org