$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142370.roa File: AS142370.roa (raw, json) Hash identifier: hiwCAc+r7vX+XQ5WsmIT01FJnK3SIebk3DVDW2KOgs8= Subject key identifier: 9B:23:05:59:23:AD:40:2E:77:04:19:FF:9A:36:1A:58:2C:DA:4D:E2 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 60F0A9CF51C06A2B6974FAB07B40E2D987E7B497 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142370.roa Signing time: Mon 04 Nov 2024 04:00:00 +0000 ROA not before: Mon 04 Nov 2024 03:55:00 +0000 ROA not after: Mon 03 Nov 2025 04:00:00 +0000 asID: 142370 IP address blocks: 2001:df1:c1c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:f0:a9:cf:51:c0:6a:2b:69:74:fa:b0:7b:40:e2:d9:87:e7:b4:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 4 03:55:00 2024 GMT Not After : Nov 3 04:00:00 2025 GMT Subject: CN=9B23055923AD402E770419FF9A361A582CDA4DE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f4:d2:a2:fc:79:66:26:aa:8c:bd:56:2a:e9: e9:58:cf:a5:e5:56:1a:cb:23:fb:bb:9d:d2:dd:0d: b7:58:a2:3a:09:08:94:31:ea:ec:a8:e9:9b:b9:fd: 7a:db:d7:a2:dd:d2:fa:2e:1f:f2:ce:77:97:86:c2: 11:de:23:3c:fe:2a:c7:10:cc:3b:23:21:4e:3a:d3: 12:01:9e:29:28:1a:fa:c7:83:83:57:58:07:ee:69: 33:75:0f:42:7e:bc:00:c8:20:c5:65:df:d8:53:e9: b8:86:d0:4d:e2:8a:1e:f3:a3:bc:e2:f4:e7:60:a4: 73:21:28:ed:af:69:41:a6:2f:0d:d3:b5:6c:49:a8: fa:80:af:9b:bc:08:50:9c:93:14:4b:91:01:2e:9d: ea:f8:f9:03:6d:52:19:9f:9f:22:0f:b5:04:8e:1f: 59:de:4f:77:ea:30:58:b8:e7:66:ae:0c:8e:bb:f3: 42:c7:15:f1:2c:e1:d2:0e:a5:87:20:c7:5d:96:72: 00:a6:68:41:c8:08:30:06:e6:a2:f7:fd:6e:29:4c: 51:1c:1c:8b:22:6d:b2:df:8b:5c:7d:8e:58:c7:4a: 6a:f8:a3:4c:98:07:ba:dc:21:96:3b:9e:fe:dc:c5: cb:60:14:76:95:d4:52:86:b5:60:7d:40:dc:ef:c7: f6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:23:05:59:23:AD:40:2E:77:04:19:FF:9A:36:1A:58:2C:DA:4D:E2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS142370.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:c1c0::/48 Signature Algorithm: sha256WithRSAEncryption 5a:ad:e6:48:52:88:87:e3:5d:b5:8f:7f:f2:97:51:b9:5a:66: 93:b6:b3:06:89:cb:de:9c:f6:38:a3:6d:d0:54:c2:88:bd:1a: 99:0b:88:76:51:81:f0:11:da:43:d1:91:8e:c9:03:12:0c:01: 2a:e0:fc:85:44:c9:c0:cc:0a:da:ce:40:fa:cb:58:15:b7:67: 18:8c:ec:a5:07:68:07:1c:5e:ae:50:5f:b4:35:1d:5f:a0:2a: 60:e2:f6:5f:40:74:b1:47:a0:84:65:cd:8c:f0:4e:1e:00:b6: 71:45:fb:24:12:b2:56:56:62:35:a9:a4:11:6c:c9:c3:79:d0: 40:41:f5:86:2f:14:34:bf:d7:ff:fd:9c:86:15:e8:00:78:0d: ae:b9:ea:e2:0f:0a:47:5a:76:2e:71:fa:41:4b:6f:4e:c8:6f: 7f:13:08:ac:3c:92:85:c8:b2:71:15:76:22:f1:aa:bb:10:14: 7f:09:85:37:2e:d2:7e:9b:e1:ba:ed:23:d1:6d:0c:bc:55:da: f1:ee:ea:3a:88:67:2d:1c:69:b0:02:cd:a3:5b:a7:15:c2:d4: 87:a3:70:39:3c:56:72:06:be:97:4a:e8:09:98:dd:af:24:00: 51:be:1d:16:0f:81:fb:da:6c:37:c3:96:8d:e7:9b:e7:2c:8d: 7f:b3:49:69 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUYPCpz1HAaitpdPqwe0Di2YfntJcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTEwNDAzNTUwMFoX DTI1MTEwMzA0MDAwMFowMzExMC8GA1UEAxMoOUIyMzA1NTkyM0FENDAyRTc3MDQx OUZGOUEzNjFBNTgyQ0RBNERFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMX00qL8eWYmqoy9Virp6VjPpeVWGssj+7ud0t0Nt1iiOgkIlDHq7Kjpm7n9 etvXot3S+i4f8s53l4bCEd4jPP4qxxDMOyMhTjrTEgGeKSga+seDg1dYB+5pM3UP Qn68AMggxWXf2FPpuIbQTeKKHvOjvOL052CkcyEo7a9pQaYvDdO1bEmo+oCvm7wI UJyTFEuRAS6d6vj5A21SGZ+fIg+1BI4fWd5Pd+owWLjnZq4MjrvzQscV8Szh0g6l hyDHXZZyAKZoQcgIMAbmovf9bilMURwciyJtst+LXH2OWMdKavijTJgHutwhljue /tzFy2AUdpXUUoa1YH1A3O/H9gkCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBSbIwVZ I61ALncEGf+aNhpYLNpN4jAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MjM3MC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfHBwDANBgkqhkiG9w0BAQsFAAOCAQEAWq3mSFKIh+NdtY9/ 8pdRuVpmk7azBonL3pz2OKNt0FTCiL0amQuIdlGB8BHaQ9GRjskDEgwBKuD8hUTJ wMwK2s5A+stYFbdnGIzspQdoBxxerlBftDUdX6AqYOL2X0B0sUeghGXNjPBOHgC2 cUX7JBKyVlZiNamkEWzJw3nQQEH1hi8UNL/X//2chhXoAHgNrrnq4g8KR1p2LnH6 QUtvTshvfxMIrDyShciycRV2IvGquxAUfwmFNy7Sfpvhuu0j0W0MvFXa8e7qOohn LRxpsALNo1unFcLUh6NwOTxWcga+l0roCZjdryQAUb4dFg+B+9psN8OWjeeb5yyN f7NJaQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org