$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151567.roa File: AS151567.roa (raw, json) Hash identifier: Wh5G9SbXfL2Qr24SViKU3B6oZWC22U/N51HgX0vG9O8= Subject key identifier: FE:5B:57:FD:B7:0E:9D:31:89:34:7D:8A:4E:DD:76:CD:3C:01:8D:4B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 33541CB7373BBD945F6661F730539FAF95F3857F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151567.roa Signing time: Mon 11 Sep 2023 04:14:43 +0000 ROA not before: Mon 11 Sep 2023 04:09:43 +0000 ROA not after: Mon 09 Sep 2024 04:14:43 +0000 asID: 151567 IP address blocks: 103.38.104.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:54:1c:b7:37:3b:bd:94:5f:66:61:f7:30:53:9f:af:95:f3:85:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 11 04:09:43 2023 GMT Not After : Sep 9 04:14:43 2024 GMT Subject: CN=FE5B57FDB70E9D3189347D8A4EDD76CD3C018D4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:90:21:4c:e8:ef:ee:6d:f9:16:a6:df:7c:2b: b6:24:69:4e:d3:62:78:61:ac:8d:64:43:75:29:57: 2a:4f:e5:a6:53:2c:a1:a7:0c:2c:29:94:29:5b:33: 7f:08:a3:a9:53:48:9a:a5:a2:75:0c:95:a8:23:38: 73:9a:a6:63:62:70:89:f4:56:97:e7:92:26:ec:66: ae:c3:0e:8d:88:8e:8d:6b:3a:1b:d3:5d:ba:35:6b: 8e:b0:05:60:30:4e:59:65:d1:68:d6:1f:71:98:d0: ab:ce:6c:c2:88:38:19:8c:e0:cd:05:c4:7f:22:8a: db:67:0f:fa:0c:21:2c:d0:19:27:01:35:e4:e4:3a: f4:93:29:f8:9b:94:f8:53:db:5e:df:da:90:7a:a3: 17:4c:fc:9b:38:ce:ae:6a:7f:ab:c3:4a:62:cf:12: 38:79:33:ab:fd:ca:ae:94:89:88:29:1d:4b:5e:c3: c6:bb:c5:24:4c:e8:ea:3b:bb:c7:70:8a:76:76:e2: b1:bd:e8:91:5a:41:7b:18:ed:29:30:9d:fe:30:ab: 58:8d:ec:b0:8d:db:43:3d:89:e8:35:fe:49:42:dd: 94:48:f1:2d:df:67:e7:cc:47:4e:ca:62:d7:79:fc: f4:ce:5b:11:a7:7a:b6:c1:dc:39:d1:ef:74:8a:2f: 3e:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:5B:57:FD:B7:0E:9D:31:89:34:7D:8A:4E:DD:76:CD:3C:01:8D:4B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS151567.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.38.104.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:f8:1d:da:9e:5b:6b:40:28:3a:65:f9:ff:60:e8:fb:0b:d0: a8:d3:eb:57:f2:83:4e:93:89:c4:99:4b:d1:d4:56:4c:16:99: e6:b9:d7:f9:b8:17:a4:22:af:ea:07:4e:40:7b:6e:9c:d7:79: c2:a3:3b:f2:9e:56:9f:77:f4:38:f0:10:95:01:ea:d6:23:16: ca:d1:43:ae:4c:4f:87:19:50:83:f6:4e:ef:41:80:5d:e3:aa: 78:1b:4a:12:c8:d0:ce:e8:1a:61:2b:c6:4e:44:43:85:95:60: 1b:42:ea:06:bf:b6:72:f0:07:96:f3:7e:fc:21:c3:f4:02:9a: 94:f2:76:9a:17:b3:3f:fe:29:d2:0a:1b:c0:f8:e7:a2:2b:3b: 72:c1:3f:3b:9a:79:cb:9f:b3:96:ad:69:bb:ea:5f:57:96:51: 4c:1d:7b:f9:e2:f7:ee:f1:92:be:fa:bb:38:da:ac:36:a5:2c: f3:e1:23:54:ba:07:b3:bb:4e:58:d8:24:33:93:51:97:17:6f: b4:5a:a5:40:fc:98:77:3b:90:45:58:f1:0d:c3:a7:a1:bf:98: a1:58:3a:7b:94:82:d9:56:3b:84:27:9d:99:c6:7b:51:aa:be: c8:f7:f0:7f:59:83:fd:be:e8:18:ea:05:1b:8c:fe:aa:02:6b: a5:71:2c:ab -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUM1Qctzc7vZRfZmH3MFOfr5XzhX8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkxMTA0MDk0M1oX DTI0MDkwOTA0MTQ0M1owMzExMC8GA1UEAxMoRkU1QjU3RkRCNzBFOUQzMTg5MzQ3 RDhBNEVERDc2Q0QzQzAxOEQ0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+QIUzo7+5t+Ram33wrtiRpTtNieGGsjWRDdSlXKk/lplMsoacMLCmUKVsz fwijqVNImqWidQyVqCM4c5qmY2JwifRWl+eSJuxmrsMOjYiOjWs6G9NdujVrjrAF YDBOWWXRaNYfcZjQq85swog4GYzgzQXEfyKK22cP+gwhLNAZJwE15OQ69JMp+JuU +FPbXt/akHqjF0z8mzjOrmp/q8NKYs8SOHkzq/3KrpSJiCkdS17DxrvFJEzo6ju7 x3CKdnbisb3okVpBexjtKTCd/jCrWI3ssI3bQz2J6DX+SULdlEjxLd9n58xHTspi 13n89M5bEad6tsHcOdHvdIovPs0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBT+W1f9 tw6dMYk0fYpO3XbNPAGNSzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MTU2Ny5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAWcmaDANBgkqhkiG9w0BAQsFAAOCAQEAH/gd2p5ba0AoOmX5/2Do +wvQqNPrV/KDTpOJxJlL0dRWTBaZ5rnX+bgXpCKv6gdOQHtunNd5wqM78p5Wn3f0 OPAQlQHq1iMWytFDrkxPhxlQg/ZO70GAXeOqeBtKEsjQzugaYSvGTkRDhZVgG0Lq Br+2cvAHlvN+/CHD9AKalPJ2mhezP/4p0gobwPjnois7csE/O5p5y5+zlq1pu+pf V5ZRTB17+eL37vGSvvq7ONqsNqUs8+EjVLoHs7tOWNgkM5NRlxdvtFqlQPyYdzuQ RVjxDcOnob+YoVg6e5SC2VY7hCedmcZ7Uaq+yPfwf1mD/b7oGOoFG4z+qgJrpXEs qw== -----END CERTIFICATE-----Generated at Wed May 8 09:50:40 2024 by rpki-client on console-fra.rpki-client.org