$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa File: AS152010.roa (raw, json) Hash identifier: JirrAlia8eXo50UmfG71vgJF1jEucWMEXfnGZsGH0YE= Subject key identifier: D6:0E:BC:24:27:1F:92:44:BC:E4:95:72:6F:7C:D0:FA:B6:75:56:FD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 689A594994F8560C1FFF31112F4A4549544B35E2 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa Signing time: Thu 09 Nov 2023 08:29:58 +0000 ROA not before: Thu 09 Nov 2023 08:24:58 +0000 ROA not after: Thu 07 Nov 2024 08:29:58 +0000 asID: 152010 IP address blocks: 36.50.44.0/23 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:9a:59:49:94:f8:56:0c:1f:ff:31:11:2f:4a:45:49:54:4b:35:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 9 08:24:58 2023 GMT Not After : Nov 7 08:29:58 2024 GMT Subject: CN=D60EBC24271F9244BCE495726F7CD0FAB67556FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:07:21:2c:c9:d7:eb:fb:2a:1a:56:96:7e:43: 69:fd:4d:48:e6:32:23:a4:5c:30:a7:be:b4:33:c2: 36:e9:33:ae:56:16:82:f0:43:ea:0d:77:77:64:61: 27:cc:c4:35:2c:e1:73:3e:26:d1:5e:ec:08:e8:b7: 44:5a:72:2c:20:39:09:6e:6f:57:33:b7:2b:84:a4: 10:e0:2a:55:e7:1a:0d:95:c4:44:06:1a:1b:05:d4: 4b:79:bb:ef:ad:29:f1:d5:6e:44:a8:f9:47:98:c5: b5:7a:87:86:01:aa:53:88:84:63:c3:7f:d9:0f:64: b1:0c:53:6e:fc:41:43:3b:c1:c6:59:b2:fd:cf:82: c8:ce:ce:cf:80:9c:f9:5a:cd:f0:2e:53:56:0e:9f: fe:c4:98:8d:d8:4a:99:3f:d6:f5:0a:50:b4:64:56: bf:11:6b:d5:3b:25:94:13:98:78:ee:07:6e:a3:c2: da:71:ca:6a:11:2e:a8:85:a2:45:f4:fd:c1:2d:d0: a6:53:3b:e4:0f:fa:c9:e1:a3:57:c8:0d:51:8e:3d: dc:e4:bd:47:0e:10:03:81:b9:ef:10:97:8e:1d:14: 84:55:04:3a:b4:18:00:31:20:4b:cc:63:60:61:86: bf:df:dd:37:8a:ca:26:03:53:39:f4:51:3f:89:54: 8d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:0E:BC:24:27:1F:92:44:BC:E4:95:72:6F:7C:D0:FA:B6:75:56:FD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152010.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.50.44.0/23 Signature Algorithm: sha256WithRSAEncryption 0f:52:ae:22:26:47:ca:1b:1b:8b:42:5b:2b:19:9c:bf:5c:71: 01:0b:ec:2f:3b:97:e2:ba:c1:2c:93:cb:57:af:12:1a:a1:84: 7e:f8:c1:22:b2:99:44:85:c2:61:bd:0f:8b:5c:eb:e9:50:d1: c9:ec:a9:b0:47:be:32:7e:0e:00:93:93:a8:8b:cb:20:71:8e: 7c:70:8d:27:7d:9c:2f:e4:8b:55:68:e1:4c:23:99:d9:04:05: 93:c2:fe:94:ec:5b:a6:eb:0f:5a:b4:c1:16:de:70:40:38:a7: c0:6a:47:8a:3e:c0:a9:31:e5:82:2e:95:f7:a8:6a:e3:2e:fa: d9:e6:0f:80:d0:c9:49:c0:23:bd:28:ec:ab:41:4e:ba:b3:6f: 8f:c2:85:84:2e:32:4b:78:a2:a1:47:77:57:d2:c2:ca:f5:3a: 1c:b3:1d:7a:ec:d3:7e:c5:fb:63:41:84:f3:05:13:78:1d:17: 86:c0:1f:7e:90:0e:ab:45:fb:b2:12:35:55:23:54:af:c7:ad: 05:56:65:0f:42:08:71:af:21:ca:b9:08:88:50:34:b6:3b:63: aa:92:f1:24:1e:97:8e:1a:3b:7d:fb:6f:07:02:25:8b:33:2b: 98:f1:09:7c:8c:d7:1c:0c:bb:a9:72:c1:57:7f:e5:4d:fb:c3: b3:43:2d:fd -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUaJpZSZT4Vgwf/zERL0pFSVRLNeIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEwOTA4MjQ1OFoX DTI0MTEwNzA4Mjk1OFowMzExMC8GA1UEAxMoRDYwRUJDMjQyNzFGOTI0NEJDRTQ5 NTcyNkY3Q0QwRkFCNjc1NTZGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKYHISzJ1+v7KhpWln5Daf1NSOYyI6RcMKe+tDPCNukzrlYWgvBD6g13d2Rh J8zENSzhcz4m0V7sCOi3RFpyLCA5CW5vVzO3K4SkEOAqVecaDZXERAYaGwXUS3m7 760p8dVuRKj5R5jFtXqHhgGqU4iEY8N/2Q9ksQxTbvxBQzvBxlmy/c+CyM7Oz4Cc +VrN8C5TVg6f/sSYjdhKmT/W9QpQtGRWvxFr1TsllBOYeO4HbqPC2nHKahEuqIWi RfT9wS3QplM75A/6yeGjV8gNUY493OS9Rw4QA4G57xCXjh0UhFUEOrQYADEgS8xj YGGGv9/dN4rKJgNTOfRRP4lUjZ8CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTWDrwk Jx+SRLzklXJvfND6tnVW/TAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAxMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEASQyLDANBgkqhkiG9w0BAQsFAAOCAQEAD1KuIiZHyhsbi0JbKxmc v1xxAQvsLzuX4rrBLJPLV68SGqGEfvjBIrKZRIXCYb0Pi1zr6VDRyeypsEe+Mn4O AJOTqIvLIHGOfHCNJ32cL+SLVWjhTCOZ2QQFk8L+lOxbpusPWrTBFt5wQDinwGpH ij7AqTHlgi6V96hq4y762eYPgNDJScAjvSjsq0FOurNvj8KFhC4yS3iioUd3V9LC yvU6HLMdeuzTfsX7Y0GE8wUTeB0XhsAffpAOq0X7shI1VSNUr8etBVZlD0IIca8h yrkIiFA0tjtjqpLxJB6Xjho7fftvBwIlizMrmPEJfIzXHAy7qXLBV3/lTfvDs0Mt /Q== -----END CERTIFICATE-----Generated at Wed May 8 09:50:40 2024 by rpki-client on console-fra.rpki-client.org