$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151544.roa File: AS151544.roa (raw, json) Hash identifier: i5momBpT7BMfnrm/VFcRKDNo7egDBGkj/pq0eNJW06Q= Subject key identifier: D4:FF:60:BE:CF:09:0B:62:DE:72:25:54:E1:23:BB:05:06:A7:4D:0E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 213972D2157C519886718A04EF46F08C4C6F4169 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151544.roa Signing time: Mon 18 Sep 2023 06:14:24 +0000 ROA not before: Mon 18 Sep 2023 06:09:24 +0000 ROA not after: Mon 16 Sep 2024 06:14:24 +0000 asID: 151544 IP address blocks: 103.245.159.0/24 maxlen: 24 2001:df2:f0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:39:72:d2:15:7c:51:98:86:71:8a:04:ef:46:f0:8c:4c:6f:41:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 18 06:09:24 2023 GMT Not After : Sep 16 06:14:24 2024 GMT Subject: CN=D4FF60BECF090B62DE722554E123BB0506A74D0E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:11:4d:12:19:04:ad:b6:be:d8:af:30:34:c9: 7c:c3:94:b8:b2:90:09:bf:56:1e:a4:fd:e9:1a:97: 2f:f8:0a:65:f9:c8:77:22:bd:0c:b9:07:4a:bf:97: 8c:b4:80:2b:4c:d7:83:6f:2a:03:c3:e1:f7:2c:b0: 57:65:83:d9:04:65:3a:0a:9a:66:87:fb:3d:42:c2: 4f:26:95:49:f2:f1:79:2d:c1:89:aa:85:21:52:75: 50:3a:54:d6:bd:ba:c7:7a:ea:bb:48:ea:0f:91:5b: 53:6d:8f:68:4e:f1:1a:7c:27:d7:4d:fa:2a:57:0c: 4a:e3:5e:86:3e:00:47:69:1d:da:2b:7e:13:79:87: b5:15:63:d9:d4:3f:e7:e1:73:e2:a6:05:26:53:d6: f1:ad:24:97:40:b6:2a:91:62:37:3b:c3:ce:b0:e6: 86:5b:09:7b:cb:d9:f8:12:a1:3f:b2:36:e1:81:a9: d3:68:bc:72:76:70:c5:c8:17:7e:b4:c7:ef:e5:f4: 7c:60:1b:0b:d5:e7:78:42:bc:76:05:64:36:66:ca: 19:13:e6:6c:9b:8c:5f:61:43:56:a2:5c:af:4b:fc: 21:c7:4f:19:a9:1c:0f:f2:c7:dc:bf:d6:d1:c0:63: 94:89:f2:88:d3:73:8b:18:93:8e:f6:31:12:c0:fb: 8b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:FF:60:BE:CF:09:0B:62:DE:72:25:54:E1:23:BB:05:06:A7:4D:0E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151544.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.245.159.0/24 IPv6: 2001:df2:f0c0::/48 Signature Algorithm: sha256WithRSAEncryption 6a:e5:b4:fc:6f:43:5d:1b:45:b3:45:dc:80:0a:d6:c3:dd:56: 41:67:ac:cb:38:21:e8:bd:70:7c:a4:5b:cb:d6:1f:b2:f4:1d: 81:00:2f:60:40:85:a4:ed:e7:89:f9:5b:29:f7:6f:d6:b9:6e: 22:d3:17:3c:87:9b:aa:92:63:8d:fe:33:17:4d:fb:6e:cd:53: b0:fd:9a:4b:00:7d:dc:02:c5:b2:c3:34:fe:01:0b:8e:bb:63: 9f:56:ee:ef:5b:70:44:da:2a:30:3b:30:22:d1:9b:52:36:99: 4a:81:05:ef:79:69:1a:40:0e:32:96:ad:c1:bd:f5:cf:84:6c: b8:ba:6f:09:28:51:bd:8a:d0:6b:39:34:9d:8c:41:d2:c0:bc: 33:97:f5:5d:4a:af:b5:43:5f:bd:d6:b5:2d:2b:aa:e8:80:d8: 66:a1:61:0a:14:03:85:b6:6d:c9:9f:5e:cc:63:89:7b:88:54: 0b:6a:57:77:2a:d6:7d:0a:55:c8:88:a3:9e:4e:b7:27:5b:4a: ac:28:49:cc:e9:e4:9c:43:a5:15:51:77:d4:f7:d7:00:6a:13: cf:95:68:e2:f5:8d:9c:ad:04:19:d1:8a:7c:b8:7b:e0:8a:ab: 6c:85:23:e4:23:97:6e:c8:97:b3:ea:d3:15:d6:6b:a5:80:74: 15:dd:a4:fb -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgIUITly0hV8UZiGcYoE70bwjExvQWkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkxODA2MDkyNFoX DTI0MDkxNjA2MTQyNFowMzExMC8GA1UEAxMoRDRGRjYwQkVDRjA5MEI2MkRFNzIy NTU0RTEyM0JCMDUwNkE3NEQwRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJkRTRIZBK22vtivMDTJfMOUuLKQCb9WHqT96RqXL/gKZfnIdyK9DLkHSr+X jLSAK0zXg28qA8Ph9yywV2WD2QRlOgqaZof7PULCTyaVSfLxeS3BiaqFIVJ1UDpU 1r26x3rqu0jqD5FbU22PaE7xGnwn1036KlcMSuNehj4AR2kd2it+E3mHtRVj2dQ/ 5+Fz4qYFJlPW8a0kl0C2KpFiNzvDzrDmhlsJe8vZ+BKhP7I24YGp02i8cnZwxcgX frTH7+X0fGAbC9XneEK8dgVkNmbKGRPmbJuMX2FDVqJcr0v8IcdPGakcD/LH3L/W 0cBjlInyiNNzixiTjvYxEsD7i8kCAwEAAaOCAeEwggHdMB0GA1UdDgQWBBTU/2C+ zwkLYt5yJVThI7sFBqdNDjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTU0NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8w DAQCAAEwBgMEAGf1nzAPBAIAAjAJAwcAIAEN8vDAMA0GCSqGSIb3DQEBCwUAA4IB AQBq5bT8b0NdG0WzRdyACtbD3VZBZ6zLOCHovXB8pFvL1h+y9B2BAC9gQIWk7eeJ +Vsp92/WuW4i0xc8h5uqkmON/jMXTftuzVOw/ZpLAH3cAsWywzT+AQuOu2OfVu7v W3BE2iowOzAi0ZtSNplKgQXveWkaQA4ylq3BvfXPhGy4um8JKFG9itBrOTSdjEHS wLwzl/VdSq+1Q1+91rUtK6rogNhmoWEKFAOFtm3Jn17MY4l7iFQLald3KtZ9ClXI iKOeTrcnW0qsKEnM6eScQ6UVUXfU99cAahPPlWji9Y2crQQZ0Yp8uHvgiqtshSPk I5duyJez6tMV1mulgHQV3aT7 -----END CERTIFICATE-----Generated at Wed May 8 18:12:18 2024 by rpki-client on console-fra.rpki-client.org