$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152061.roa File: AS152061.roa (raw, json) Hash identifier: 7kSfmEI+zb9lV1fx0xaTyziYXQkXoewBi30/Q4kfEIE= Subject key identifier: D3:7F:9E:98:4B:6F:66:65:B9:ED:12:53:E1:D9:55:57:90:08:6E:77 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 14136F4B105F96328E68D51F611AF719EFD42490 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152061.roa Signing time: Fri 02 Feb 2024 08:57:24 +0000 ROA not before: Fri 02 Feb 2024 08:52:24 +0000 ROA not after: Fri 31 Jan 2025 08:57:24 +0000 asID: 152061 IP address blocks: 113.192.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:13:6f:4b:10:5f:96:32:8e:68:d5:1f:61:1a:f7:19:ef:d4:24:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 2 08:52:24 2024 GMT Not After : Jan 31 08:57:24 2025 GMT Subject: CN=D37F9E984B6F6665B9ED1253E1D9555790086E77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c0:bd:9e:34:23:f5:37:6b:ba:68:6d:ce:5f: 57:03:cf:50:f2:6b:cd:c5:46:02:7e:43:f9:98:1e: 3c:2c:36:68:83:62:f1:e3:7e:79:62:61:8f:3c:cb: 13:c7:ca:9f:0c:77:4b:d7:ab:6d:25:d4:8f:5e:d4: 80:36:8a:ee:a2:8c:27:a8:2a:a3:f1:10:c1:89:df: bd:49:f7:58:88:5c:4a:92:2e:d5:b0:a6:b8:78:5a: 21:6c:31:80:76:a3:ed:2a:3c:eb:fe:8f:4b:cc:6b: cf:e2:fe:1b:d2:36:8a:2d:83:d8:d0:e4:3b:bb:42: 02:d9:25:16:e5:12:ef:90:41:28:a7:f6:d7:4d:26: 94:59:3f:ba:4d:e1:bb:63:f0:20:1b:49:ad:e5:98: dd:78:a6:69:92:fd:92:82:50:62:6f:17:ef:49:21: 2b:06:85:d1:28:63:b6:0a:76:ad:7c:26:46:ea:67: 79:31:25:0f:71:da:00:4d:50:6e:88:af:60:cf:7c: 6a:88:90:60:6f:07:af:83:f5:79:bd:1f:35:7f:0f: ec:95:4c:73:43:2d:25:76:30:bf:c6:10:3c:6b:28: 42:8b:91:73:fa:f6:aa:2a:a5:72:8d:e4:dd:9f:5e: b9:8a:d4:08:3a:0f:0a:93:fc:b0:6b:c1:c5:18:bd: af:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:7F:9E:98:4B:6F:66:65:B9:ED:12:53:E1:D9:55:57:90:08:6E:77 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152061.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 113.192.2.0/24 Signature Algorithm: sha256WithRSAEncryption 40:23:de:2e:7a:3a:e9:08:e2:79:b6:ef:bb:4e:be:cc:b0:ef: 0f:78:fd:37:20:88:b4:bc:c5:40:00:08:7b:66:c7:34:e9:68: 82:f1:00:14:ca:78:04:e9:09:e7:ec:99:71:17:8f:0f:8a:57: cf:fa:56:82:a7:8f:33:d5:dd:03:46:b8:10:cd:fa:66:9e:13: 1e:7d:ad:18:99:6a:0c:1d:02:3f:39:34:9c:39:f9:88:c5:94: 97:5a:04:7a:30:40:85:84:af:c3:ba:2e:d5:36:95:25:6d:a7: 60:56:74:07:0c:31:ec:8b:44:ef:12:39:ca:74:f3:13:b7:44: 3e:c0:cf:e3:d4:45:22:62:0f:4a:22:b4:32:b1:20:39:b9:a1: 07:2e:9e:d9:73:4d:59:9f:82:da:25:ca:93:a5:86:f9:e2:dc: c4:87:b1:56:2f:8c:cd:57:40:d5:25:c4:8d:e9:fc:db:b5:08: b1:13:59:ae:a0:75:10:dd:c1:99:78:d4:52:ff:19:ce:48:04: 67:52:5d:be:c0:ed:95:98:29:cd:4a:34:33:3e:a6:52:c2:ed: cd:0c:45:8d:81:f6:29:e2:3d:8e:50:59:77:01:3a:90:0e:1b: 58:86:0f:8a:fd:62:0b:07:e0:bb:86:44:29:d8:ed:4a:52:7e: a4:37:5d:ad -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUFBNvSxBfljKOaNUfYRr3Ge/UJJAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIwMjA4NTIyNFoX DTI1MDEzMTA4NTcyNFowMzExMC8GA1UEAxMoRDM3RjlFOTg0QjZGNjY2NUI5RUQx MjUzRTFEOTU1NTc5MDA4NkU3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAObAvZ40I/U3a7pobc5fVwPPUPJrzcVGAn5D+ZgePCw2aINi8eN+eWJhjzzL E8fKnwx3S9erbSXUj17UgDaK7qKMJ6gqo/EQwYnfvUn3WIhcSpIu1bCmuHhaIWwx gHaj7So86/6PS8xrz+L+G9I2ii2D2NDkO7tCAtklFuUS75BBKKf2100mlFk/uk3h u2PwIBtJreWY3XimaZL9koJQYm8X70khKwaF0Shjtgp2rXwmRupneTElD3HaAE1Q boivYM98aoiQYG8Hr4P1eb0fNX8P7JVMc0MtJXYwv8YQPGsoQouRc/r2qiqlco3k 3Z9euYrUCDoPCpP8sGvBxRi9ry0CAwEAAaOCAdAwggHMMB0GA1UdDgQWBBTTf56Y S29mZbntElPh2VVXkAhudzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjA2MS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAHHAAjANBgkqhkiG9w0BAQsFAAOCAQEAQCPeLno66Qjiebbvu06+ zLDvD3j9NyCItLzFQAAIe2bHNOlogvEAFMp4BOkJ5+yZcRePD4pXz/pWgqePM9Xd A0a4EM36Zp4THn2tGJlqDB0CPzk0nDn5iMWUl1oEejBAhYSvw7ou1TaVJW2nYFZ0 Bwwx7ItE7xI5ynTzE7dEPsDP49RFImIPSiK0MrEgObmhBy6e2XNNWZ+C2iXKk6WG +eLcxIexVi+MzVdA1SXEjen827UIsRNZrqB1EN3BmXjUUv8ZzkgEZ1JdvsDtlZgp zUo0Mz6mUsLtzQxFjYH2KeI9jlBZdwE6kA4bWIYPiv1iCwfgu4ZEKdjtSlJ+pDdd rQ== -----END CERTIFICATE-----Generated at Wed May 8 17:45:23 2024 by rpki-client on console-ams.rpki-client.org