$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142347.roa File: AS142347.roa (raw, json) Hash identifier: uN5L9NHrGbFSPz9II0PfyKgtEN/NmKpDSaR2q99VRjE= Subject key identifier: FB:70:86:4A:A4:AC:4A:67:04:66:29:F3:9A:DA:E9:0F:47:38:51:5F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 42F6754292DE955EDBE06683B81C6F583B6E90A1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142347.roa Signing time: Fri 05 Apr 2024 04:00:00 +0000 ROA not before: Fri 05 Apr 2024 03:55:00 +0000 ROA not after: Fri 04 Apr 2025 04:00:00 +0000 asID: 142347 IP address blocks: 2400:e520::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:f6:75:42:92:de:95:5e:db:e0:66:83:b8:1c:6f:58:3b:6e:90:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 5 03:55:00 2024 GMT Not After : Apr 4 04:00:00 2025 GMT Subject: CN=FB70864AA4AC4A67046629F39ADAE90F4738515F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:01:2c:c8:d9:17:58:c8:6f:c2:c5:3a:14:b1: 69:4c:94:1c:92:41:f6:d0:58:64:ff:ef:4d:b6:50: 36:f1:17:60:a0:43:66:eb:2a:65:0e:0c:81:7a:40: e9:86:4f:07:b6:c4:af:30:79:f8:ac:8f:69:4c:4f: f8:8d:7d:a2:bf:0e:86:0b:26:f0:a4:ad:fb:ca:fe: 20:a6:5c:4f:24:85:3b:94:b0:56:b7:ad:8d:e1:36: 2b:03:20:55:e5:8a:77:26:10:70:2b:29:32:cf:12: a0:26:d3:98:b2:e8:08:06:0d:18:b5:f0:31:59:16: bd:89:a2:15:99:36:49:d9:dc:83:cf:4a:b7:70:f1: 48:a6:d5:38:40:77:27:d6:b3:58:1a:b4:0f:96:f8: 3f:2d:34:c6:67:31:47:3a:26:a2:ff:7c:47:83:ba: 99:51:be:0e:dc:a4:51:49:50:af:6f:c1:26:85:37: 27:8c:54:6b:50:aa:17:b2:32:1f:31:8f:e5:c1:4e: 09:3f:46:09:7f:97:df:9f:17:3d:7a:6a:6d:86:6b: 1b:16:a6:16:72:47:ff:6d:4c:c0:41:cf:60:ca:d5: c0:1f:61:37:e8:f4:81:66:60:12:a9:6e:83:87:ca: 21:93:6a:d9:e3:d8:4c:0b:4d:9c:a0:b5:b6:08:c4: 35:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:70:86:4A:A4:AC:4A:67:04:66:29:F3:9A:DA:E9:0F:47:38:51:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142347.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:e520::/32 Signature Algorithm: sha256WithRSAEncryption 42:f5:d8:6b:90:0c:d6:2c:91:c3:7c:a5:f7:17:4d:30:c8:33: 5f:c4:d9:1a:6b:45:3a:7f:86:14:c4:a6:8d:bb:e4:a5:fe:ff: 0b:b7:d4:08:c1:12:51:b4:36:61:bc:00:1c:ff:2e:ef:83:0c: 6f:d0:53:3c:88:68:25:95:f7:65:30:39:c7:50:32:df:14:32: 6e:14:a4:e5:c8:60:74:d1:58:bc:60:ef:c2:7c:1e:d6:e9:4e: 54:d0:ff:ae:61:4c:ef:fb:57:af:c0:f2:86:e5:e3:1f:90:a6: cd:d9:59:c1:1c:e8:85:00:0d:7a:28:46:dc:12:fd:f0:ad:8c: c8:63:c4:ba:07:d8:a8:77:d7:6d:ca:e9:a3:27:d9:08:2e:da: 0d:f3:2e:e1:f4:61:fc:f9:af:f5:47:47:f9:4d:ee:11:61:c6: 31:60:ef:49:0f:97:85:18:c6:b9:33:8b:22:b8:d4:0f:be:0d: b4:f4:d1:db:95:c4:be:45:e4:45:3b:92:10:5f:79:cd:f4:cb: 23:6c:37:32:7a:cf:f9:ed:16:19:6d:01:8a:65:f8:71:fb:b7: 58:7d:5a:5d:e3:a7:1d:0c:28:31:03:9f:3e:a2:54:40:29:92: c3:2d:ce:bd:29:67:6c:26:53:d9:64:72:ab:e8:73:1b:b4:d0: b4:3f:b5:2b -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUQvZ1QpLelV7b4GaDuBxvWDtukKEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQwNTAzNTUwMFoX DTI1MDQwNDA0MDAwMFowMzExMC8GA1UEAxMoRkI3MDg2NEFBNEFDNEE2NzA0NjYy OUYzOUFEQUU5MEY0NzM4NTE1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMkBLMjZF1jIb8LFOhSxaUyUHJJB9tBYZP/vTbZQNvEXYKBDZusqZQ4MgXpA 6YZPB7bErzB5+KyPaUxP+I19or8Ohgsm8KSt+8r+IKZcTySFO5SwVretjeE2KwMg VeWKdyYQcCspMs8SoCbTmLLoCAYNGLXwMVkWvYmiFZk2Sdncg89Kt3DxSKbVOEB3 J9azWBq0D5b4Py00xmcxRzomov98R4O6mVG+DtykUUlQr2/BJoU3J4xUa1CqF7Iy HzGP5cFOCT9GCX+X358XPXpqbYZrGxamFnJH/21MwEHPYMrVwB9hN+j0gWZgEqlu g4fKIZNq2ePYTAtNnKC1tgjENakCAwEAAaOCAdEwggHNMB0GA1UdDgQWBBT7cIZK pKxKZwRmKfOa2ukPRzhRXzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjM0Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQA5SAwDQYJKoZIhvcNAQELBQADggEBAEL12GuQDNYskcN8pfcX TTDIM1/E2RprRTp/hhTEpo275KX+/wu31AjBElG0NmG8ABz/Lu+DDG/QUzyIaCWV 92UwOcdQMt8UMm4UpOXIYHTRWLxg78J8HtbpTlTQ/65hTO/7V6/A8obl4x+Qps3Z WcEc6IUADXooRtwS/fCtjMhjxLoH2Kh3123K6aMn2Qgu2g3zLuH0Yfz5r/VHR/lN 7hFhxjFg70kPl4UYxrkziyK41A++DbT00duVxL5F5EU7khBfec30yyNsNzJ6z/nt FhltAYpl+HH7t1h9Wl3jpx0MKDEDnz6iVEApksMtzr0pZ2wmU9lkcqvocxu00LQ/ tSs= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org