$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa File: AS147131.roa (raw, json) Hash identifier: 5bgyF35itWEeBI8YpAPUAcBwJaNUOPvAkOxFH9jSe+k= Subject key identifier: B4:AE:79:03:78:94:15:8C:DF:18:EA:65:41:3C:12:BD:3E:03:48:EF Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7ACF63D6614CD16DC2D9F9C5AA829892D86A5F01 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa Signing time: Thu 20 Jun 2024 08:00:00 +0000 ROA not before: Thu 20 Jun 2024 07:55:00 +0000 ROA not after: Thu 19 Jun 2025 08:00:00 +0000 asID: 147131 IP address blocks: 2001:df1:1ac0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:cf:63:d6:61:4c:d1:6d:c2:d9:f9:c5:aa:82:98:92:d8:6a:5f:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 20 07:55:00 2024 GMT Not After : Jun 19 08:00:00 2025 GMT Subject: CN=B4AE79037894158CDF18EA65413C12BD3E0348EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:96:ba:54:b5:57:b9:1e:9e:2b:27:0e:da:9f: 10:05:78:3b:38:aa:e1:de:88:6f:9f:95:c0:48:ed: a5:03:54:16:f1:08:80:4a:44:0b:52:f3:33:83:46: 43:29:1c:65:ef:94:1f:4b:31:50:b8:c1:cd:70:d2: a4:aa:6a:b6:96:db:9e:92:e9:a3:10:58:fd:8c:16: 2c:a5:b8:16:2b:90:44:49:6d:70:4e:c7:78:37:5f: a8:aa:57:f8:98:7d:57:64:b3:ce:c9:e1:09:60:18: 3f:be:09:b9:1d:00:1b:71:ca:85:4d:d0:28:9a:1a: 33:4c:20:02:60:84:8f:01:68:5e:2f:0a:ca:21:46: 5b:21:6d:b1:51:c4:72:01:03:c8:0b:da:86:7e:bf: 21:70:7f:56:cc:d8:7a:de:5a:f1:23:21:46:e0:db: 6a:c0:9c:b6:a9:05:35:14:de:31:e7:35:28:50:0b: 74:df:1a:3e:1a:8a:1c:78:9b:d3:c7:fd:ce:cc:e5: 70:9f:35:1a:26:c7:a6:7a:b8:25:0f:81:10:5c:59: 76:08:63:be:0b:cc:0d:c3:0e:d5:01:60:73:90:fd: 41:ef:5b:65:62:37:aa:d1:12:bd:9b:94:6e:ce:53: 75:ca:c2:ec:ea:b2:bd:91:60:9c:18:fd:c4:82:11: 1d:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:AE:79:03:78:94:15:8C:DF:18:EA:65:41:3C:12:BD:3E:03:48:EF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS147131.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df1:1ac0::/48 Signature Algorithm: sha256WithRSAEncryption 60:16:80:15:06:61:4a:ca:d8:70:52:d9:49:9d:2b:66:a3:7a: ef:f4:cb:a7:50:50:49:ee:f3:a4:c5:20:13:38:06:a4:c9:e9: ce:b5:a9:66:36:0c:de:13:f5:4d:0c:0f:d3:f9:3f:e5:7b:fc: f9:1e:a2:df:4b:3f:f2:f3:9d:bc:da:63:33:fb:f2:f7:d3:ca: 22:12:fc:e3:4a:61:c7:71:07:0a:44:52:51:59:f1:92:fa:5f: c6:de:a6:55:3a:83:d6:3d:14:21:7b:5a:fa:ce:f4:3f:26:f1: 47:c8:0f:7a:1a:70:00:80:0b:bf:b0:97:23:10:8c:e3:0b:c9: 74:fd:c1:b7:47:4f:d1:96:4d:73:63:46:91:c5:85:b0:55:f8: b3:81:9b:d9:a9:0e:c8:ce:42:8e:b2:52:3a:4b:f5:0f:d4:6a: 99:f3:d0:4b:86:c6:06:48:cd:c5:ce:1f:d2:68:9c:b5:d8:92: 56:ca:2d:5c:84:08:21:85:8b:7b:e1:15:4f:32:cb:76:98:88: 75:00:2a:74:11:ea:21:1e:2a:ea:64:72:70:ca:37:66:96:eb: e7:c5:ba:b9:53:29:ee:bc:61:92:e3:c0:ce:f8:2c:46:e1:1a: f5:e5:42:01:29:bd:88:89:4f:d5:8b:5a:73:62:fe:20:1d:d9: d2:f9:25:56 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUes9j1mFM0W3C2fnFqoKYkthqXwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYyMDA3NTUwMFoX DTI1MDYxOTA4MDAwMFowMzExMC8GA1UEAxMoQjRBRTc5MDM3ODk0MTU4Q0RGMThF QTY1NDEzQzEyQkQzRTAzNDhFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMSWulS1V7kenisnDtqfEAV4Oziq4d6Ib5+VwEjtpQNUFvEIgEpEC1LzM4NG QykcZe+UH0sxULjBzXDSpKpqtpbbnpLpoxBY/YwWLKW4FiuQREltcE7HeDdfqKpX +Jh9V2SzzsnhCWAYP74JuR0AG3HKhU3QKJoaM0wgAmCEjwFoXi8KyiFGWyFtsVHE cgEDyAvahn6/IXB/VszYet5a8SMhRuDbasCctqkFNRTeMec1KFALdN8aPhqKHHib 08f9zszlcJ81GibHpnq4JQ+BEFxZdghjvgvMDcMO1QFgc5D9Qe9bZWI3qtESvZuU bs5TdcrC7OqyvZFgnBj9xIIRHQ0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBS0rnkD eJQVjN8Y6mVBPBK9PgNI7zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0NzEzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfEawDANBgkqhkiG9w0BAQsFAAOCAQEAYBaAFQZhSsrYcFLZ SZ0rZqN67/TLp1BQSe7zpMUgEzgGpMnpzrWpZjYM3hP1TQwP0/k/5Xv8+R6i30s/ 8vOdvNpjM/vy99PKIhL840phx3EHCkRSUVnxkvpfxt6mVTqD1j0UIXta+s70Pybx R8gPehpwAIALv7CXIxCM4wvJdP3Bt0dP0ZZNc2NGkcWFsFX4s4Gb2akOyM5CjrJS Okv1D9RqmfPQS4bGBkjNxc4f0mictdiSVsotXIQIIYWLe+EVTzLLdpiIdQAqdBHq IR4q6mRycMo3Zpbr58W6uVMp7rxhkuPAzvgsRuEa9eVCASm9iIlP1Ytac2L+IB3Z 0vklVg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:26 2024 by rpki-client on console-fra.rpki-client.org