$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa File: AS152010.roa (raw, json) Hash identifier: 1jmxN7QKquML7PM1Mm5u9jEUcuTkt50Q0Dvy43ud+fM= Subject key identifier: DA:B1:DB:3E:8F:D8:6C:52:8D:F7:FC:56:98:07:C2:7A:77:9C:A0:CC Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2017CB34598B56697B9B449B473AF0B5FB010B23 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa Signing time: Thu 10 Oct 2024 09:00:00 +0000 ROA not before: Thu 10 Oct 2024 08:55:00 +0000 ROA not after: Thu 09 Oct 2025 09:00:00 +0000 asID: 152010 IP address blocks: 36.50.44.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:17:cb:34:59:8b:56:69:7b:9b:44:9b:47:3a:f0:b5:fb:01:0b:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 10 08:55:00 2024 GMT Not After : Oct 9 09:00:00 2025 GMT Subject: CN=DAB1DB3E8FD86C528DF7FC569807C27A779CA0CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6c:f3:ae:1a:64:44:8b:8d:ab:e0:19:44:87: 88:e1:2a:33:6f:13:49:38:62:41:ee:4f:41:ac:77: 63:c9:dd:5d:0b:3c:a1:54:bc:94:7f:e1:f2:7e:55: 52:98:72:7b:0c:e6:61:91:d2:3f:ba:07:bf:7c:dd: 8d:e1:51:a8:69:ad:c3:51:18:ff:09:08:19:d7:be: 50:aa:2a:c0:4a:0b:90:7e:83:f5:ca:78:43:29:de: 6b:47:40:1d:db:11:f8:c2:53:ab:2f:4e:b1:fb:80: 32:d5:65:5f:34:df:5d:1c:88:65:98:91:ba:00:ba: a4:f6:2c:6d:f4:00:f7:2f:9f:5d:de:33:e7:05:e3: 45:3a:7b:dd:41:aa:1d:87:e3:46:27:1e:71:be:2b: 80:f7:4f:59:2f:9a:0b:4f:aa:c5:78:97:2a:04:f8: db:ca:dc:2b:81:ed:91:ba:f8:95:7c:8a:ab:e9:60: 15:99:c1:ec:8c:8d:19:78:9a:71:31:67:6e:3e:e9: 22:1c:95:13:c4:4a:a8:f3:06:2c:cb:68:23:2c:9e: d3:f2:ff:09:59:33:13:2a:0e:73:75:7c:c6:1d:8d: 38:0f:cc:55:1b:d6:c3:5c:9d:81:4b:b9:b6:73:c8: 0b:ea:c4:c1:f0:10:cb:a3:02:1b:39:bf:7d:70:da: 71:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:B1:DB:3E:8F:D8:6C:52:8D:F7:FC:56:98:07:C2:7A:77:9C:A0:CC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.50.44.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:e1:83:74:15:bc:a5:49:b6:35:5d:8a:51:b8:ad:bf:2e:3e: 4f:7f:24:dd:01:1c:1c:f4:ed:a1:27:10:df:28:63:ac:76:6a: d5:d9:e6:35:93:0d:f5:47:eb:3c:c4:05:56:e8:10:24:0f:02: 34:ec:ee:2f:47:f8:62:b2:2f:5d:12:aa:3e:2b:fd:36:fd:25: dc:fe:29:9c:91:c7:22:f1:c2:0e:92:24:14:5b:a2:d6:1c:6a: 33:fb:34:47:ac:21:87:b4:cb:bb:d9:e5:9a:07:17:ac:a0:10: 91:00:cc:ba:fd:93:a0:54:e5:da:73:3a:94:d7:da:d1:6a:59: e9:be:63:9d:b4:0a:c5:73:21:65:f8:df:c4:fd:71:f8:3f:91: 25:5c:17:66:f8:01:ce:55:34:45:36:75:50:98:80:73:80:40: b7:7e:d3:d5:0b:9f:99:98:4c:8f:e0:46:4e:84:d7:5c:08:66: 9b:c3:e9:f3:c7:6a:77:5d:f2:bd:ef:76:45:7a:9f:eb:c0:1b: 6a:fa:67:9c:22:27:84:5d:3d:16:36:7f:e0:68:74:10:dd:31: d4:1f:8e:be:eb:38:93:09:51:f2:66:e3:fc:74:aa:cc:c6:22: ce:b5:ee:45:14:78:7a:49:9d:48:5d:fe:66:96:45:46:3c:2f: 29:42:43:e1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUIBfLNFmLVml7m0SbRzrwtfsBCyMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAxMDA4NTUwMFoX DTI1MTAwOTA5MDAwMFowMzExMC8GA1UEAxMoREFCMURCM0U4RkQ4NkM1MjhERjdG QzU2OTgwN0MyN0E3NzlDQTBDQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMhs864aZESLjavgGUSHiOEqM28TSThiQe5PQax3Y8ndXQs8oVS8lH/h8n5V UphyewzmYZHSP7oHv3zdjeFRqGmtw1EY/wkIGde+UKoqwEoLkH6D9cp4Qynea0dA HdsR+MJTqy9OsfuAMtVlXzTfXRyIZZiRugC6pPYsbfQA9y+fXd4z5wXjRTp73UGq HYfjRicecb4rgPdPWS+aC0+qxXiXKgT428rcK4Htkbr4lXyKq+lgFZnB7IyNGXia cTFnbj7pIhyVE8RKqPMGLMtoIyye0/L/CVkzEyoOc3V8xh2NOA/MVRvWw1ydgUu5 tnPIC+rEwfAQy6MCGzm/fXDacZUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTasds+ j9hsUo33/FaYB8J6d5ygzDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAxMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEASQyLDANBgkqhkiG9w0BAQsFAAOCAQEAfeGDdBW8pUm2NV2KUbit vy4+T38k3QEcHPTtoScQ3yhjrHZq1dnmNZMN9UfrPMQFVugQJA8CNOzuL0f4YrIv XRKqPiv9Nv0l3P4pnJHHIvHCDpIkFFui1hxqM/s0R6whh7TLu9nlmgcXrKAQkQDM uv2ToFTl2nM6lNfa0WpZ6b5jnbQKxXMhZfjfxP1x+D+RJVwXZvgBzlU0RTZ1UJiA c4BAt37T1QufmZhMj+BGToTXXAhmm8Pp88dqd13yve92RXqf68AbavpnnCInhF09 FjZ/4Gh0EN0x1B+Ovus4kwlR8mbj/HSqzMYizrXuRRR4ekmdSF3+ZpZFRjwvKUJD 4Q== -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:30 2024 by rpki-client on console-ams.rpki-client.org