$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa File: AS152023.roa (raw, json) Hash identifier: NYXmx2/P7Ay7IZ5bSVY2d4Nl2QW9o4URMEZXy9YH0oQ= Subject key identifier: 63:D3:CD:22:A0:EA:36:4A:DD:00:54:C3:50:42:C9:15:85:56:0B:8B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 265F78C521FCAD6BB754079F7762A4BEA861AA5D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa Signing time: Wed 24 Jan 2024 02:20:12 +0000 ROA not before: Wed 24 Jan 2024 02:15:12 +0000 ROA not after: Wed 22 Jan 2025 02:20:12 +0000 asID: 152023 IP address blocks: 45.123.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:5f:78:c5:21:fc:ad:6b:b7:54:07:9f:77:62:a4:be:a8:61:aa:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 24 02:15:12 2024 GMT Not After : Jan 22 02:20:12 2025 GMT Subject: CN=63D3CD22A0EA364ADD0054C35042C91585560B8B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:33:4c:e9:57:15:8c:31:02:d8:be:dc:c1:6c: 40:75:bf:a1:ff:7b:b7:6d:c3:f5:f4:e2:26:17:ca: 1d:e2:83:f5:30:5b:fc:f0:a2:bb:81:ef:d3:75:f3: 8c:7c:49:06:3d:9d:39:3f:c9:83:ba:e0:7d:2e:f8: 29:ad:ef:17:18:a9:7b:38:d6:ac:3f:db:89:4a:3b: 71:35:a4:31:21:c3:ad:e8:ea:48:4a:10:cc:fd:9d: 22:a8:fd:8e:14:fc:a5:df:a0:67:c7:19:4d:37:14: d1:f8:fd:21:bf:a8:28:fd:17:26:fd:43:0d:c4:3a: ec:31:57:b8:7b:22:22:87:7e:20:ad:95:f4:7d:fe: d5:9f:5b:b5:02:5b:15:71:03:f3:1f:3d:2b:35:24: 86:5a:19:d1:df:77:3b:69:c2:98:e2:8a:45:61:04: 25:51:0f:60:78:8f:7e:0b:7b:80:b4:a4:4c:8d:83: b5:0b:70:b4:e3:b3:dc:26:61:0b:fd:8b:9e:b4:46: 8f:4e:b6:c9:32:21:1b:eb:c6:19:47:da:03:05:9c: 94:d9:f9:01:f1:c9:66:de:6e:b2:9c:7a:82:57:59: af:a0:be:44:e1:df:a8:c7:c9:e7:59:69:5e:04:de: 50:50:d0:ca:7d:a8:85:0e:c4:e7:d4:0f:38:94:17: df:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D3:CD:22:A0:EA:36:4A:DD:00:54:C3:50:42:C9:15:85:56:0B:8B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152023.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.123.143.0/24 Signature Algorithm: sha256WithRSAEncryption 66:e3:d4:04:bf:b3:3d:99:46:34:7a:07:48:a4:d7:66:e3:c7: 5b:a2:5d:53:ad:79:a8:34:82:3b:01:42:7a:7a:dc:ea:0c:c3: 39:1b:c3:0c:75:8a:33:64:b4:48:68:08:88:b9:cd:03:e6:91: bb:d8:57:51:99:d1:59:b7:ec:56:07:a2:f3:04:8b:f2:9a:8a: 3e:e1:67:e2:8e:5b:4d:ae:2d:e7:5d:5c:3a:90:43:65:02:06: 68:50:0e:2a:64:5b:9f:0e:63:21:13:fc:39:0e:bd:a2:c5:7e: 94:eb:77:ce:7b:6e:b4:85:bd:32:0b:98:28:50:30:63:d5:27: b7:96:d6:32:df:f6:cc:0e:97:f5:a9:10:60:11:08:06:52:5d: 3d:a7:75:36:77:39:b2:61:68:4a:b0:ee:ba:26:bc:b0:f1:ef: 7d:93:b7:79:bd:98:df:f4:f6:d3:4f:81:5e:8c:33:ac:99:f2: d8:00:dd:61:8f:6c:3e:ff:ce:45:17:25:bd:74:71:67:52:80: d7:56:a7:f4:3b:3a:4b:32:2d:ac:b5:8f:d5:c6:4a:ad:b8:8e: 64:89:61:32:f2:0c:2e:7f:42:e8:7e:4a:a3:59:3d:53:57:c7: fc:1a:88:ae:ee:ac:07:c4:76:4a:80:e1:15:33:8d:d3:c3:fb: 38:f5:db:12 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUJl94xSH8rWu3VAefd2Kkvqhhql0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEyNDAyMTUxMloX DTI1MDEyMjAyMjAxMlowMzExMC8GA1UEAxMoNjNEM0NEMjJBMEVBMzY0QUREMDA1 NEMzNTA0MkM5MTU4NTU2MEI4QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANszTOlXFYwxAti+3MFsQHW/of97t23D9fTiJhfKHeKD9TBb/PCiu4Hv03Xz jHxJBj2dOT/Jg7rgfS74Ka3vFxipezjWrD/biUo7cTWkMSHDrejqSEoQzP2dIqj9 jhT8pd+gZ8cZTTcU0fj9Ib+oKP0XJv1DDcQ67DFXuHsiIod+IK2V9H3+1Z9btQJb FXED8x89KzUkhloZ0d93O2nCmOKKRWEEJVEPYHiPfgt7gLSkTI2DtQtwtOOz3CZh C/2LnrRGj062yTIhG+vGGUfaAwWclNn5AfHJZt5uspx6gldZr6C+ROHfqMfJ51lp XgTeUFDQyn2ohQ7E59QPOJQX3wUCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRj080i oOo2St0AVMNQQskVhVYLizAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAyMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAC17jzANBgkqhkiG9w0BAQsFAAOCAQEAZuPUBL+zPZlGNHoHSKTX ZuPHW6JdU615qDSCOwFCenrc6gzDORvDDHWKM2S0SGgIiLnNA+aRu9hXUZnRWbfs Vgei8wSL8pqKPuFn4o5bTa4t511cOpBDZQIGaFAOKmRbnw5jIRP8OQ69osV+lOt3 zntutIW9MguYKFAwY9Unt5bWMt/2zA6X9akQYBEIBlJdPad1Nnc5smFoSrDuuia8 sPHvfZO3eb2Y3/T200+BXowzrJny2ADdYY9sPv/ORRclvXRxZ1KA11an9Ds6SzIt rLWP1cZKrbiOZIlhMvIMLn9C6H5Ko1k9U1fH/BqIru6sB8R2SoDhFTON08P7OPXb Eg== -----END CERTIFICATE-----Generated at Wed May 8 10:06:55 2024 by rpki-client on console-ams.rpki-client.org