$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa File: AS151009.roa (raw, json) Hash identifier: GigUSzZNG3U42yr3vcbJlZhbKd0gsjdyUshq/LW/Ogc= Subject key identifier: 4F:5C:DF:BF:BD:B9:1A:7E:2F:5C:98:7B:56:C2:F6:02:19:67:11:BD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5C77F910000ED1B9FD235071FA97C9D1518EA6A3 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa Signing time: Fri 05 Jul 2024 09:00:00 +0000 ROA not before: Fri 05 Jul 2024 08:55:00 +0000 ROA not after: Fri 04 Jul 2025 09:00:00 +0000 asID: 151009 IP address blocks: 103.214.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:77:f9:10:00:0e:d1:b9:fd:23:50:71:fa:97:c9:d1:51:8e:a6:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 5 08:55:00 2024 GMT Not After : Jul 4 09:00:00 2025 GMT Subject: CN=4F5CDFBFBDB91A7E2F5C987B56C2F602196711BD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:58:fc:ae:93:66:85:66:ad:be:f4:fc:1e:e3: 98:ad:56:d7:55:fb:af:23:af:71:9d:10:a2:3f:60: e7:2b:be:72:13:d4:e8:d2:e2:e2:af:bd:c7:f6:f9: 0f:ae:60:f8:a8:2a:cc:d2:c0:9f:d7:33:2f:b4:ea: 6a:d4:19:94:28:33:7c:03:7a:2c:d7:ee:f5:f6:f6: 0d:16:97:c1:83:45:6a:27:a3:b6:8b:e5:44:a6:2a: 6c:15:e6:9a:ef:d1:27:2d:de:9a:f6:7a:d7:26:bb: b6:b6:e9:85:84:5a:db:0c:fc:e2:1a:f3:62:76:8c: 17:d9:08:10:79:bc:22:cf:df:5d:d1:4a:5e:d1:96: ba:96:9b:9a:c8:11:71:28:9c:e3:1d:d2:24:dd:4b: 11:5d:92:db:46:ba:68:6b:15:eb:c4:6b:0a:b9:87: 84:00:95:b5:94:79:cc:47:f6:39:a9:64:17:af:ff: 48:09:d1:e4:89:ea:69:30:05:02:bd:9e:e0:e4:6f: bc:15:b1:d7:43:3a:68:7c:76:cb:62:f2:bc:6c:f8: 3b:1d:1d:26:06:06:c6:08:04:24:ae:d1:9f:14:f5: 6f:55:38:67:55:28:87:20:0c:bb:2f:2c:9b:65:4e: 5f:27:ab:c4:15:9d:e6:19:fd:9f:39:b7:31:e3:3a: f3:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:5C:DF:BF:BD:B9:1A:7E:2F:5C:98:7B:56:C2:F6:02:19:67:11:BD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.214.251.0/24 Signature Algorithm: sha256WithRSAEncryption 25:c4:ca:12:20:8f:79:16:0b:a3:52:b9:44:27:3e:a9:ec:fa: d1:f6:d0:c5:de:7c:cb:79:72:9c:31:be:fd:a1:a1:81:44:78: 68:07:76:e7:ef:89:ef:81:e7:93:ff:18:54:74:35:82:fe:ee: 10:48:54:8f:28:4c:bf:6a:28:9d:c8:65:0f:1d:19:a8:21:74: 78:fa:fe:95:6c:74:ee:6c:82:f2:97:4a:4b:96:21:fb:7b:7b: 7d:f4:c6:39:57:a1:ee:fe:1c:ca:03:01:7c:98:19:ad:6d:f0: 2b:e4:08:3b:d9:2e:41:7f:cc:4a:80:ae:6c:05:78:76:2f:07: ef:37:2c:3e:ae:34:1d:35:bc:af:5b:d1:ad:40:cc:f2:8a:aa: 1e:cd:c8:ff:9b:f0:88:0c:43:d9:ac:be:4e:98:7c:f2:f3:39: 87:db:6b:af:7a:74:3b:15:d2:61:08:68:73:9e:87:e4:7d:82: 4e:57:fd:a0:da:74:fa:8a:5f:56:a0:98:eb:3a:32:e2:18:9a: 7c:c5:15:5a:bc:8b:3a:3b:14:19:7d:bc:54:6d:a9:34:68:2f: 46:a6:fd:09:3a:85:2a:03:a4:4c:e2:b9:f7:a6:5a:ed:1c:cb: 00:c1:fe:f3:35:49:08:59:6d:cc:ae:3d:4b:71:a2:4a:4d:94: ef:14:99:57 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUXHf5EAAO0bn9I1Bx+pfJ0VGOpqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwNTA4NTUwMFoX DTI1MDcwNDA5MDAwMFowMzExMC8GA1UEAxMoNEY1Q0RGQkZCREI5MUE3RTJGNUM5 ODdCNTZDMkY2MDIxOTY3MTFCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANhY/K6TZoVmrb70/B7jmK1W11X7ryOvcZ0Qoj9g5yu+chPU6NLi4q+9x/b5 D65g+KgqzNLAn9czL7TqatQZlCgzfAN6LNfu9fb2DRaXwYNFaiejtovlRKYqbBXm mu/RJy3emvZ61ya7trbphYRa2wz84hrzYnaMF9kIEHm8Is/fXdFKXtGWupabmsgR cSic4x3SJN1LEV2S20a6aGsV68RrCrmHhACVtZR5zEf2OalkF6//SAnR5InqaTAF Ar2e4ORvvBWx10M6aHx2y2LyvGz4Ox0dJgYGxggEJK7RnxT1b1U4Z1UohyAMuy8s m2VOXyerxBWd5hn9nzm3MeM680sCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRPXN+/ vbkafi9cmHtWwvYCGWcRvTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTAwOS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAGfW+zANBgkqhkiG9w0BAQsFAAOCAQEAJcTKEiCPeRYLo1K5RCc+ qez60fbQxd58y3lynDG+/aGhgUR4aAd25++J74Hnk/8YVHQ1gv7uEEhUjyhMv2oo nchlDx0ZqCF0ePr+lWx07myC8pdKS5Yh+3t7ffTGOVeh7v4cygMBfJgZrW3wK+QI O9kuQX/MSoCubAV4di8H7zcsPq40HTW8r1vRrUDM8oqqHs3I/5vwiAxD2ay+Tph8 8vM5h9trr3p0OxXSYQhoc56H5H2CTlf9oNp0+opfVqCY6zoy4hiafMUVWryLOjsU GX28VG2pNGgvRqb9CTqFKgOkTOK596Za7RzLAMH+8zVJCFltzK49S3GiSk2U7xSZ Vw== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:29 2024 by rpki-client on console-ams.rpki-client.org