$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151522.roa File: AS151522.roa (raw, json) Hash identifier: 7QkJihsLQZZzblice/9cnNN9oQEcJmL4wDRUCYG2qLE= Subject key identifier: 87:77:D0:67:26:06:D2:A4:C2:3C:29:53:E2:12:A6:94:96:10:96:3B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1D292C801C020E37830CE0198E0C86E56AF080DF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151522.roa Signing time: Fri 17 Nov 2023 03:41:28 +0000 ROA not before: Fri 17 Nov 2023 03:36:28 +0000 ROA not after: Fri 15 Nov 2024 03:41:28 +0000 asID: 151522 IP address blocks: 103.234.124.0/23 maxlen: 24 2001:df3:c40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:29:2c:80:1c:02:0e:37:83:0c:e0:19:8e:0c:86:e5:6a:f0:80:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 17 03:36:28 2023 GMT Not After : Nov 15 03:41:28 2024 GMT Subject: CN=8777D0672606D2A4C23C2953E212A6949610963B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1a:1f:b0:69:f4:1c:79:c1:6c:d0:ac:61:38: 58:6c:32:b2:8a:e4:ae:8f:8d:4e:3d:29:f6:7e:40: f8:27:ac:cb:ef:74:32:d1:a7:7a:62:36:7f:53:2d: 53:6e:22:6b:bc:25:2f:25:f5:6e:26:8f:f1:5d:ce: 4b:3d:25:05:56:9c:6d:ba:b3:9a:80:0c:00:3d:a5: 7a:a5:ec:a5:79:15:16:0c:87:0d:ff:94:b2:e3:ef: 88:8c:00:09:ee:38:c6:e1:2c:42:2a:4a:d9:40:d7: 9b:b4:75:66:7f:8c:57:bb:c5:d0:22:37:e3:18:fe: 47:bc:88:c4:74:6b:c7:fc:7c:74:51:da:a2:77:d6: 94:ed:99:78:ad:80:e4:2d:1f:11:04:9f:0a:43:8b: f2:be:0e:44:0f:46:f4:fc:d2:b5:dc:8a:95:a1:b7: 7b:6a:d3:47:01:33:39:75:5b:de:c4:15:97:74:38: f9:43:f4:08:b5:b3:ca:ff:c4:98:72:a4:2e:77:9d: 55:43:ca:4c:52:c5:00:88:78:6b:ae:cd:d1:ea:bb: ba:a8:a0:98:57:59:e0:7f:0c:72:fc:b1:e6:ab:7a: f9:30:df:d9:51:81:1e:eb:dd:ec:6b:a1:07:fa:43: b5:ae:bc:cd:a6:71:d3:ef:d3:6c:9a:d9:e1:ff:7d: a4:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:77:D0:67:26:06:D2:A4:C2:3C:29:53:E2:12:A6:94:96:10:96:3B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151522.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.234.124.0/23 IPv6: 2001:df3:c40::/48 Signature Algorithm: sha256WithRSAEncryption 50:7f:f4:30:12:17:a9:2a:09:5f:59:f1:85:a5:b6:3f:55:5b: aa:59:3c:c8:ed:5a:e3:02:34:57:41:31:44:49:fa:65:f9:bc: 90:7b:a7:a9:04:9b:1a:a6:94:92:97:4b:72:93:88:0a:4d:07: 9b:47:73:bb:80:47:59:a6:e6:ff:6d:fc:c8:e1:97:21:6f:8c: 23:ae:2d:b0:15:ee:1e:33:c8:60:c4:bd:81:f6:0a:0b:a0:7f: bf:af:6b:77:d1:42:cf:8f:94:c6:3e:08:3d:61:df:da:6c:e2: 8a:d7:f9:b6:33:dc:43:6c:fb:36:47:e1:06:7a:bb:a8:68:54: d1:68:34:0f:38:fc:d2:f3:e8:d1:1e:1f:93:b9:24:70:f0:d5: 9b:e7:90:10:09:c2:93:fa:44:5c:67:dd:a4:fa:f7:66:1a:98: 99:a3:46:67:e3:f2:36:06:fd:76:0d:cc:8e:e9:7b:e3:c9:99: 77:f4:f9:2b:ee:45:e4:d3:a4:1d:5d:8b:44:f9:54:4f:8f:81: 85:46:d1:9a:d9:5e:27:e9:08:99:32:a8:70:26:a4:53:6a:71: 60:d8:6c:56:65:be:a2:64:fc:e8:4e:e3:36:b9:2d:cd:1a:c0: 13:bb:9e:34:8f:a1:70:ba:56:aa:07:45:27:2b:fe:b0:61:1d: d8:c8:db:97 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUHSksgBwCDjeDDOAZjgyG5WrwgN8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTExNzAzMzYyOFoX DTI0MTExNTAzNDEyOFowMzExMC8GA1UEAxMoODc3N0QwNjcyNjA2RDJBNEMyM0My OTUzRTIxMkE2OTQ5NjEwOTYzQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ0aH7Bp9Bx5wWzQrGE4WGwysorkro+NTj0p9n5A+Cesy+90MtGnemI2f1Mt U24ia7wlLyX1biaP8V3OSz0lBVacbbqzmoAMAD2leqXspXkVFgyHDf+UsuPviIwA Ce44xuEsQipK2UDXm7R1Zn+MV7vF0CI34xj+R7yIxHRrx/x8dFHaonfWlO2ZeK2A 5C0fEQSfCkOL8r4ORA9G9PzStdyKlaG3e2rTRwEzOXVb3sQVl3Q4+UP0CLWzyv/E mHKkLnedVUPKTFLFAIh4a67N0eq7uqigmFdZ4H8Mcvyx5qt6+TDf2VGBHuvd7Guh B/pDta68zaZx0+/TbJrZ4f99pGcCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBSHd9Bn JgbSpMI8KVPiEqaUlhCWOzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTUyMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAWfqfDAPBAIAAjAJAwcAIAEN8wxAMA0GCSqGSIb3DQEBCwUAA4IB AQBQf/QwEhepKglfWfGFpbY/VVuqWTzI7VrjAjRXQTFESfpl+byQe6epBJsappSS l0tyk4gKTQebR3O7gEdZpub/bfzI4Zchb4wjri2wFe4eM8hgxL2B9goLoH+/r2t3 0ULPj5TGPgg9Yd/abOKK1/m2M9xDbPs2R+EGeruoaFTRaDQPOPzS8+jRHh+TuSRw 8NWb55AQCcKT+kRcZ92k+vdmGpiZo0Zn4/I2Bv12DcyO6XvjyZl39Pkr7kXk06Qd XYtE+VRPj4GFRtGa2V4n6QiZMqhwJqRTanFg2GxWZb6iZPzoTuM2uS3NGsATu540 j6FwulaqB0UnK/6wYR3YyNuX -----END CERTIFICATE-----Generated at Wed May 8 09:50:40 2024 by rpki-client on console-fra.rpki-client.org