$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa File: AS147131.roa (raw, json) Hash identifier: Re9dIcEXtwrNWOLvZF+I8sIrTE34QVjrDfCDttWrHvQ= Subject key identifier: 24:0A:8C:DF:51:91:F5:3E:49:D7:0A:42:21:00:2C:A9:91:C3:14:D4 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 451505194AAD4695E68D40B408CDD421F5C3AEFC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa Signing time: Thu 20 Jul 2023 08:00:00 +0000 ROA not before: Thu 20 Jul 2023 07:55:00 +0000 ROA not after: Thu 18 Jul 2024 08:00:00 +0000 asID: 147131 IP address blocks: 2001:df1:1ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:15:05:19:4a:ad:46:95:e6:8d:40:b4:08:cd:d4:21:f5:c3:ae:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 20 07:55:00 2023 GMT Not After : Jul 18 08:00:00 2024 GMT Subject: CN=240A8CDF5191F53E49D70A4221002CA991C314D4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:c1:c6:9a:57:27:19:76:0c:04:5d:5f:c2:69: 8b:36:fb:31:dc:98:32:af:a5:f0:35:44:d9:e5:ad: e6:bd:37:f9:95:99:2b:2b:49:0e:27:db:49:fe:a9: ac:77:99:54:eb:0f:af:b5:71:81:41:ed:37:4c:77: b1:bd:b0:b5:92:ce:c9:30:84:18:bf:5a:89:24:27: f0:20:5e:46:02:ca:3c:d3:0f:c3:c9:b7:7c:82:0f: d3:b6:cd:bc:a7:a6:10:16:a5:92:c3:b8:14:e4:37: d2:37:d6:b4:b1:e7:c7:34:8c:30:3b:6b:a2:7a:91: fa:37:16:34:65:e1:c2:e1:4a:89:ae:cc:35:87:92: ac:3d:64:9c:f9:7f:e2:9c:db:67:e3:9a:e5:86:59: a5:33:f4:51:87:13:a2:5b:7a:30:b5:e6:72:8f:37: 3e:d9:ec:03:37:36:54:30:76:e2:25:f8:7e:46:5c: 78:fa:91:e0:30:5f:05:20:0a:06:cc:3e:60:a3:7f: a9:f8:d8:c4:d2:3b:11:18:2f:b8:49:62:2c:e8:7a: 7e:91:a6:38:2e:63:8a:0e:f1:b9:75:6b:07:fe:75: ae:6d:c8:62:2d:8b:fc:0e:22:0c:3c:65:90:65:7a: 94:5e:70:97:dc:eb:45:7b:8e:05:86:c6:d1:b3:e0: d8:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:0A:8C:DF:51:91:F5:3E:49:D7:0A:42:21:00:2C:A9:91:C3:14:D4 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:1ac0::/48 Signature Algorithm: sha256WithRSAEncryption 21:82:e7:56:ad:21:fa:a7:30:64:01:45:c1:74:a9:62:5f:09: 27:4f:aa:b6:29:fa:0f:2b:ad:fe:91:4b:69:07:33:84:8b:90: c4:8e:b9:b1:86:30:bc:f8:fd:1a:bc:6f:7b:36:86:4f:34:1f: 18:eb:55:43:d4:35:5d:62:61:c1:8f:75:a5:ac:b0:4c:5a:f1: 59:4a:76:f4:9b:84:71:13:99:2d:f5:21:0e:37:6d:47:49:75: 48:7d:ef:24:0a:ba:46:08:4a:79:28:14:0d:25:c4:e9:df:2d: 0e:63:a5:fa:63:4b:25:31:d5:96:c1:a9:f0:18:26:eb:33:f6: e4:7f:d4:ef:bc:3a:0d:84:f6:c9:e8:c1:a5:4e:13:b7:98:cc: 2b:6d:39:28:f0:6c:72:d7:36:ff:4b:74:47:b0:30:34:38:83: 31:06:fe:99:6c:b4:a0:c5:4a:af:1e:cd:df:c2:5c:b5:8e:0a: 3d:f9:e5:68:b7:23:e8:5a:4e:39:6e:18:3c:dc:1d:28:f2:5b: 20:b1:18:56:b0:33:82:db:d3:48:73:89:4e:4e:c9:be:d8:a8: 6f:64:01:56:ad:5d:5b:3f:88:be:b7:cc:e7:c9:82:01:74:0a: 4e:ad:82:87:e0:5f:b9:d1:72:7a:a2:66:6f:d0:61:c6:79:a4: c1:22:4a:ab -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIURRUFGUqtRpXmjUC0CM3UIfXDrvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDcyMDA3NTUwMFoX DTI0MDcxODA4MDAwMFowMzExMC8GA1UEAxMoMjQwQThDREY1MTkxRjUzRTQ5RDcw QTQyMjEwMDJDQTk5MUMzMTRENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKDBxppXJxl2DARdX8Jpizb7MdyYMq+l8DVE2eWt5r03+ZWZKytJDifbSf6p rHeZVOsPr7VxgUHtN0x3sb2wtZLOyTCEGL9aiSQn8CBeRgLKPNMPw8m3fIIP07bN vKemEBalksO4FOQ30jfWtLHnxzSMMDtronqR+jcWNGXhwuFKia7MNYeSrD1knPl/ 4pzbZ+Oa5YZZpTP0UYcTolt6MLXmco83PtnsAzc2VDB24iX4fkZcePqR4DBfBSAK Bsw+YKN/qfjYxNI7ERgvuEliLOh6fpGmOC5jig7xuXVrB/51rm3IYi2L/A4iDDxl kGV6lF5wl9zrRXuOBYbG0bPg2K8CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQkCozf UZH1PknXCkIhACypkcMU1DAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzEzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEawDANBgkqhkiG9w0BAQsFAAOCAQEAIYLnVq0h+qcwZAFF wXSpYl8JJ0+qtin6Dyut/pFLaQczhIuQxI65sYYwvPj9GrxvezaGTzQfGOtVQ9Q1 XWJhwY91paywTFrxWUp29JuEcROZLfUhDjdtR0l1SH3vJAq6RghKeSgUDSXE6d8t DmOl+mNLJTHVlsGp8Bgm6zP25H/U77w6DYT2yejBpU4Tt5jMK205KPBsctc2/0t0 R7AwNDiDMQb+mWy0oMVKrx7N38JctY4KPfnlaLcj6FpOOW4YPNwdKPJbILEYVrAz gtvTSHOJTk7Jvtiob2QBVq1dWz+IvrfM58mCAXQKTq2Ch+BfudFyeqJmb9Bhxnmk wSJKqw== -----END CERTIFICATE-----Generated at Wed May 8 17:45:22 2024 by rpki-client on console-ams.rpki-client.org