$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147107.roa File: AS147107.roa (raw, json) Hash identifier: yNI4L96H3ICb8xNflID4kqQ1agH/B7+mflKG9LfBxow= Subject key identifier: 72:A7:C4:64:28:D7:20:53:0F:90:56:E0:39:A5:EC:5B:F6:6C:6C:83 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1398A7ADAFFDFB7CFAB03865DF2E225BB77C4207 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147107.roa Signing time: Fri 23 Feb 2024 07:00:00 +0000 ROA not before: Fri 23 Feb 2024 06:55:00 +0000 ROA not after: Fri 21 Feb 2025 07:00:00 +0000 asID: 147107 IP address blocks: 2400:e420::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:98:a7:ad:af:fd:fb:7c:fa:b0:38:65:df:2e:22:5b:b7:7c:42:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 23 06:55:00 2024 GMT Not After : Feb 21 07:00:00 2025 GMT Subject: CN=72A7C46428D720530F9056E039A5EC5BF66C6C83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7b:c9:8f:75:d7:96:bc:d5:63:77:5c:3b:9e: 7f:3d:8e:3b:48:f5:ce:b4:7f:d3:e2:68:81:98:3f: 00:ef:f5:1c:57:77:d4:f8:87:5b:17:39:0b:1f:4d: 8a:41:78:07:e3:f3:ff:02:b7:16:f0:a8:ba:df:8c: 7b:ec:0b:7f:f7:01:bd:3c:4a:cb:4f:a1:08:f8:60: c6:2d:17:99:9d:1f:d1:6e:95:9e:4b:a4:a7:f1:3f: 91:82:99:15:ef:10:cb:3a:fb:51:95:e8:55:6c:c7: 23:34:d7:4b:22:d8:03:02:98:b8:a8:b5:92:03:91: fb:49:ec:c1:21:f7:5b:93:fc:ae:38:4d:e7:c3:5f: 15:59:07:e3:7f:11:f3:4c:af:9a:ed:8f:77:38:e9: 2b:01:fc:5b:da:61:fd:84:dd:cf:c8:aa:0e:b7:d0: 2e:14:7d:24:7e:86:af:e2:16:7c:86:58:ef:9f:4b: 07:a8:43:81:5c:6a:a7:02:b9:75:e8:d8:3a:dd:87: 0c:22:64:43:ca:f5:5e:bb:66:a3:11:39:b4:45:9f: ca:2c:32:01:81:e0:9b:b1:c4:61:86:73:e7:6a:f5: e9:20:5c:0e:bf:ce:4d:e4:3b:9c:0d:10:78:f8:55: 8b:8d:31:26:9f:9b:7a:b1:0f:13:62:bd:94:a4:29: f2:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:A7:C4:64:28:D7:20:53:0F:90:56:E0:39:A5:EC:5B:F6:6C:6C:83 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147107.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:e420::/32 Signature Algorithm: sha256WithRSAEncryption 43:d2:72:d6:46:b6:50:c9:1e:f9:97:38:f0:13:60:4c:d5:6d: 72:da:55:1f:11:72:55:b8:e8:98:cd:01:f9:6a:9c:2a:c9:0d: de:8b:65:f7:da:69:e6:19:85:ba:e7:fc:38:a5:26:fc:5d:10: 7c:d6:1c:0f:31:9f:46:56:d5:a0:5f:7a:ea:63:da:31:68:b0: 11:1f:25:0a:fc:fc:c7:58:5a:48:13:5f:7c:0c:72:56:09:52: 47:36:c9:77:0a:14:9f:6e:56:89:8b:f1:7b:24:0c:2e:df:ee: a7:89:aa:b6:c1:57:0b:25:83:3c:d2:c0:18:49:a6:00:cd:ec: a1:7c:ff:c9:09:88:05:07:aa:52:66:55:70:9c:a3:8c:81:07: 4b:0e:8c:ea:f6:e3:0d:8c:da:0e:c3:8f:3b:71:18:81:0b:b4: 57:d9:bf:1e:f6:3a:65:0c:69:22:53:6b:18:ff:76:de:00:43: 6c:5e:09:47:50:df:8e:7e:24:90:b1:0a:a6:24:a5:bb:6a:89: 35:ab:af:56:c9:89:76:40:af:67:ae:92:ee:3d:6f:7a:ea:60: 5e:e3:19:13:00:2c:b2:04:20:36:7a:1d:e8:cd:13:44:d7:a5: cc:83:b7:0c:d4:8e:4f:48:c3:6a:03:bf:c9:c1:44:96:68:e8: fb:dd:7d:bf -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUE5inra/9+3z6sDhl3y4iW7d8QgcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIyMzA2NTUwMFoX DTI1MDIyMTA3MDAwMFowMzExMC8GA1UEAxMoNzJBN0M0NjQyOEQ3MjA1MzBGOTA1 NkUwMzlBNUVDNUJGNjZDNkM4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJx7yY9115a81WN3XDuefz2OO0j1zrR/0+JogZg/AO/1HFd31PiHWxc5Cx9N ikF4B+Pz/wK3FvCout+Me+wLf/cBvTxKy0+hCPhgxi0XmZ0f0W6Vnkukp/E/kYKZ Fe8Qyzr7UZXoVWzHIzTXSyLYAwKYuKi1kgOR+0nswSH3W5P8rjhN58NfFVkH438R 80yvmu2PdzjpKwH8W9ph/YTdz8iqDrfQLhR9JH6Gr+IWfIZY759LB6hDgVxqpwK5 dejYOt2HDCJkQ8r1XrtmoxE5tEWfyiwyAYHgm7HEYYZz52r16SBcDr/OTeQ7nA0Q ePhVi40xJp+berEPE2K9lKQp8k8CAwEAAaOCAdEwggHNMB0GA1UdDgQWBBRyp8Rk KNcgUw+QVuA5pexb9mxsgzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzEwNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8w DQQCAAIwBwMFACQA5CAwDQYJKoZIhvcNAQELBQADggEBAEPSctZGtlDJHvmXOPAT YEzVbXLaVR8RclW46JjNAflqnCrJDd6LZffaaeYZhbrn/DilJvxdEHzWHA8xn0ZW 1aBfeupj2jFosBEfJQr8/MdYWkgTX3wMclYJUkc2yXcKFJ9uVomL8XskDC7f7qeJ qrbBVwslgzzSwBhJpgDN7KF8/8kJiAUHqlJmVXCco4yBB0sOjOr24w2M2g7Djztx GIELtFfZvx72OmUMaSJTaxj/dt4AQ2xeCUdQ345+JJCxCqYkpbtqiTWrr1bJiXZA r2euku49b3rqYF7jGRMALLIEIDZ6HejNE0TXpcyDtwzUjk9Iw2oDv8nBRJZo6Pvd fb8= -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org