$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa File: AS152036.roa (raw, json) Hash identifier: yDYJUU5ZoqzKWDLE7I020heWXGDhjPTrHnpnYcgiH7Q= Subject key identifier: 20:64:7D:ED:C3:5C:14:3A:92:F4:F1:DC:89:D2:20:09:A8:A8:47:9A Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 759516AEB33949573E4292858C1D5476ED1AC08A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa Signing time: Tue 16 Jan 2024 08:04:27 +0000 ROA not before: Tue 16 Jan 2024 07:59:27 +0000 ROA not after: Tue 14 Jan 2025 08:04:27 +0000 asID: 152036 IP address blocks: 2001:df3:5d40::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:95:16:ae:b3:39:49:57:3e:42:92:85:8c:1d:54:76:ed:1a:c0:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 16 07:59:27 2024 GMT Not After : Jan 14 08:04:27 2025 GMT Subject: CN=20647DEDC35C143A92F4F1DC89D22009A8A8479A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:bd:4d:95:1c:87:2b:dc:9c:fa:74:ff:f1:de: 85:2b:85:73:1e:3a:e6:b7:9a:52:e5:51:ad:07:81: e8:29:60:f1:b6:76:0b:6a:df:dc:66:d2:10:d7:fc: c3:06:16:64:eb:03:8f:c5:06:f2:04:89:b5:fc:fc: c6:3c:e4:44:ea:aa:73:82:df:26:74:a4:67:23:53: 66:82:f3:74:3d:61:92:45:91:b5:28:dc:6e:b9:2d: 57:20:78:7b:41:1b:a6:5b:63:a4:73:cc:e7:1f:90: d2:99:33:d7:e9:c7:58:6c:f8:59:79:fd:fd:22:28: b4:f2:25:be:af:5a:07:0c:b0:9e:1e:cb:94:5f:1a: 47:f7:67:f3:eb:48:f6:7e:21:21:9d:4a:4b:c1:f8: 5d:35:ab:e3:97:23:4c:17:09:d4:f4:63:5c:a2:c8: cb:44:d7:a4:08:09:a5:1d:c9:d3:98:6e:3a:9f:6b: fe:01:e2:05:66:36:f6:dc:46:b7:8f:89:e3:af:9e: 51:c1:48:9b:21:a7:1f:1e:62:5d:68:c5:68:cb:e2: 16:5b:41:7e:a5:a6:b2:91:ee:84:2e:c3:41:51:8c: 86:ba:3a:b7:8d:5a:33:87:2d:2b:ee:ed:0e:5b:9a: e7:43:10:63:eb:d7:f9:14:2c:25:b9:d1:53:61:b0: 4a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:64:7D:ED:C3:5C:14:3A:92:F4:F1:DC:89:D2:20:09:A8:A8:47:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152036.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5d40::/48 Signature Algorithm: sha256WithRSAEncryption 5a:1c:53:f2:4c:78:15:9e:23:9a:22:13:3c:78:d6:15:6f:e6: 7e:60:15:19:5a:f8:41:87:9d:6d:61:82:d2:9c:94:ae:79:d6: 6c:56:1e:03:1c:92:4c:f4:60:e2:c2:e5:c9:af:23:67:f4:ef: bc:71:4c:bf:04:35:57:da:34:48:50:8a:f8:1e:ba:a9:46:35: d9:b2:4d:4d:a7:09:d0:7a:6a:4a:5e:0d:69:04:75:2b:f6:c2: e7:fe:d9:af:3f:9b:68:b4:4c:8e:a3:84:7c:81:ba:5b:e2:4d: b2:03:01:1c:c0:cd:90:56:3f:9e:9e:e0:4d:30:2c:05:4a:ba: 7a:de:7f:c5:88:3e:27:8c:bb:c8:04:be:8e:a5:9a:8c:45:b8: 6a:b7:f0:c4:40:6a:87:c2:1d:6b:2e:bd:d3:e2:bf:5d:3a:1b: 98:43:96:5f:b5:2f:ad:02:6d:90:a2:75:2e:88:c2:9e:cb:79: f9:0b:dc:00:12:47:3d:96:92:8f:8f:10:6f:fd:d0:ed:61:4f: af:91:13:b3:8f:c9:8b:ff:c2:45:53:4d:68:56:45:90:7a:5d: 53:41:60:16:cd:87:25:42:5e:70:cf:c0:cd:38:43:f6:0b:c2: 56:dc:31:cd:2e:1f:66:b6:03:ff:cf:9e:f1:05:85:e4:08:94: 51:94:4e:90 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUdZUWrrM5SVc+QpKFjB1Udu0awIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDExNjA3NTkyN1oX DTI1MDExNDA4MDQyN1owMzExMC8GA1UEAxMoMjA2NDdERURDMzVDMTQzQTkyRjRG MURDODlEMjIwMDlBOEE4NDc5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK69TZUchyvcnPp0//HehSuFcx465reaUuVRrQeB6Clg8bZ2C2rf3GbSENf8 wwYWZOsDj8UG8gSJtfz8xjzkROqqc4LfJnSkZyNTZoLzdD1hkkWRtSjcbrktVyB4 e0EbpltjpHPM5x+Q0pkz1+nHWGz4WXn9/SIotPIlvq9aBwywnh7LlF8aR/dn8+tI 9n4hIZ1KS8H4XTWr45cjTBcJ1PRjXKLIy0TXpAgJpR3J05huOp9r/gHiBWY29txG t4+J46+eUcFImyGnHx5iXWjFaMviFltBfqWmspHuhC7DQVGMhro6t41aM4ctK+7t Dlua50MQY+vX+RQsJbnRU2GwSmcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQgZH3t w1wUOpL08dyJ0iAJqKhHmjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjAzNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNdQDANBgkqhkiG9w0BAQsFAAOCAQEAWhxT8kx4FZ4jmiIT PHjWFW/mfmAVGVr4QYedbWGC0pyUrnnWbFYeAxySTPRg4sLlya8jZ/TvvHFMvwQ1 V9o0SFCK+B66qUY12bJNTacJ0HpqSl4NaQR1K/bC5/7Zrz+baLRMjqOEfIG6W+JN sgMBHMDNkFY/np7gTTAsBUq6et5/xYg+J4y7yAS+jqWajEW4arfwxEBqh8Iday69 0+K/XTobmEOWX7UvrQJtkKJ1LojCnst5+QvcABJHPZaSj48Qb/3Q7WFPr5ETs4/J i//CRVNNaFZFkHpdU0FgFs2HJUJecM/AzThD9gvCVtwxzS4fZrYD/8+e8QWF5AiU UZROkA== -----END CERTIFICATE-----Generated at Wed May 8 10:06:55 2024 by rpki-client on console-ams.rpki-client.org