$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147076.roa File: AS147076.roa (raw, json) Hash identifier: rSDK/vLEWtVohXY4BTZ46zEMn3B59TzoT1IlEQKM5fU= Subject key identifier: 52:C2:3B:97:62:28:D9:07:E5:78:17:D0:FA:0B:05:2D:95:FF:CD:57 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 18ADCEE2D8EE5624B49FB4E472E58A40667A2B87 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147076.roa Signing time: Tue 12 Dec 2023 04:00:00 +0000 ROA not before: Tue 12 Dec 2023 03:55:00 +0000 ROA not after: Tue 10 Dec 2024 04:00:00 +0000 asID: 147076 IP address blocks: 103.172.96.0/24 maxlen: 24 103.189.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:ad:ce:e2:d8:ee:56:24:b4:9f:b4:e4:72:e5:8a:40:66:7a:2b:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 12 03:55:00 2023 GMT Not After : Dec 10 04:00:00 2024 GMT Subject: CN=52C23B976228D907E57817D0FA0B052D95FFCD57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:ff:65:75:11:82:9c:b0:ee:02:36:68:7b:05: 34:04:d3:cd:99:cf:53:0e:37:4f:4e:fa:68:a6:0d: 4b:f8:58:4f:5e:bb:e2:32:26:ca:22:92:c9:d0:05: 2e:98:c2:1e:2a:c6:14:a2:1f:bf:ea:47:e7:05:3e: 75:d1:0e:30:e8:2c:70:d7:08:02:9f:3f:b5:d3:32: 91:6a:37:6d:32:f3:dd:de:23:b0:25:21:d3:fb:d4: e7:7c:f5:e1:39:46:4c:32:a5:6e:f9:f6:87:4e:b0: d1:9e:8a:5b:3b:39:92:a3:cf:91:74:ec:f7:18:45: 5e:ca:7f:62:72:5e:f5:54:0d:72:8a:a2:3e:29:fd: b3:4d:88:d3:e7:be:05:00:82:aa:88:04:a7:d2:86: 7e:9e:dc:ba:7c:91:9b:f5:57:a7:1e:09:f7:83:80: e3:03:a3:0a:56:52:fb:0a:c9:21:68:96:b9:7a:4a: 88:fd:05:73:af:28:00:56:f8:2d:06:e1:91:4b:91: 8b:87:7b:2b:89:78:16:52:cd:cc:0b:5c:5a:45:61: 65:fc:12:69:0a:a0:d9:bd:e3:6c:6f:a6:c5:53:f7: 6b:2a:e1:ab:d0:b5:ec:5c:7b:73:d4:ea:db:fe:66: 1b:46:58:ac:15:86:d6:cf:f4:bc:cf:24:32:93:c4: 51:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:C2:3B:97:62:28:D9:07:E5:78:17:D0:FA:0B:05:2D:95:FF:CD:57 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147076.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.96.0/24 103.189.229.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:50:c9:83:54:97:b1:b2:09:59:25:29:93:fd:cb:ac:bd:03: d4:6d:da:81:27:8c:d9:b1:ba:39:c4:db:d2:b5:97:b8:a4:0e: 5e:e7:74:f3:17:27:ba:bd:c3:70:f6:51:e8:a3:ff:05:87:c7: e4:cc:d3:6f:04:15:02:33:16:63:e8:ad:3c:4c:f3:26:57:67: 43:41:2c:e3:f7:a2:24:c1:b6:e9:22:da:3c:d2:5c:65:7b:67: 2e:d6:07:75:b0:59:33:52:da:22:c3:ba:e0:ac:73:3d:50:a4: d8:a4:62:02:f2:a9:39:a6:3b:90:a6:48:f3:74:a6:88:7a:0a: 98:d6:4d:6c:8f:46:a7:c0:6e:cb:69:68:cf:5d:a1:57:e7:7b: 59:1f:b4:2d:c1:62:ed:d5:49:e7:ab:05:bd:be:95:e0:80:1a: 1f:5f:be:57:44:d4:bd:e2:2c:67:78:68:76:4b:11:66:cd:19: 6f:6e:69:a7:61:83:c2:68:da:2f:3f:9c:43:45:fb:99:5f:d0: 76:e9:fe:f2:d6:b5:cc:83:63:a9:43:01:26:21:7f:d5:2a:99: 54:27:6f:db:03:2e:4a:1a:d6:a1:4a:d4:86:f1:ed:90:74:25: 86:1a:06:22:88:38:c5:90:ff:e4:fe:cc:f3:3f:87:9d:fd:e0: b5:cc:a4:0a -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgIUGK3O4tjuViS0n7TkcuWKQGZ6K4cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTIxMjAzNTUwMFoX DTI0MTIxMDA0MDAwMFowMzExMC8GA1UEAxMoNTJDMjNCOTc2MjI4RDkwN0U1Nzgx N0QwRkEwQjA1MkQ5NUZGQ0Q1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOH/ZXURgpyw7gI2aHsFNATTzZnPUw43T076aKYNS/hYT1674jImyiKSydAF LpjCHirGFKIfv+pH5wU+ddEOMOgscNcIAp8/tdMykWo3bTLz3d4jsCUh0/vU53z1 4TlGTDKlbvn2h06w0Z6KWzs5kqPPkXTs9xhFXsp/YnJe9VQNcoqiPin9s02I0+e+ BQCCqogEp9KGfp7cunyRm/VXpx4J94OA4wOjClZS+wrJIWiWuXpKiP0Fc68oAFb4 LQbhkUuRi4d7K4l4FlLNzAtcWkVhZfwSaQqg2b3jbG+mxVP3ayrhq9C17Fx7c9Tq 2/5mG0ZYrBWG1s/0vM8kMpPEUa8CAwEAAaOCAdYwggHSMB0GA1UdDgQWBBRSwjuX YijZB+V4F9D6CwUtlf/NVzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzA3Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw EgQCAAEwDAMEAGesYAMEAGe95TANBgkqhkiG9w0BAQsFAAOCAQEAS1DJg1SXsbIJ WSUpk/3LrL0D1G3agSeM2bG6OcTb0rWXuKQOXud08xcnur3DcPZR6KP/BYfH5MzT bwQVAjMWY+itPEzzJldnQ0Es4/eiJMG26SLaPNJcZXtnLtYHdbBZM1LaIsO64Kxz PVCk2KRiAvKpOaY7kKZI83SmiHoKmNZNbI9Gp8Buy2loz12hV+d7WR+0LcFi7dVJ 56sFvb6V4IAaH1++V0TUveIsZ3hodksRZs0Zb25pp2GDwmjaLz+cQ0X7mV/Qdun+ 8ta1zINjqUMBJiF/1SqZVCdv2wMuShrWoUrUhvHtkHQlhhoGIog4xZD/5P7M8z+H nf3gtcykCg== -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org