$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa File: AS152086.roa (raw, json) Hash identifier: XfP8CqRtN2UaRRiAEviqGeobHFOTYlxk3xtS8ItTqrI= Subject key identifier: 66:A2:E5:1A:CF:DA:F5:77:36:60:B9:D9:1C:F8:5A:38:79:1C:3C:BD Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 521642A6898FDDCB3F83CEA47408FA0A5D5935EC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa Signing time: Tue 20 Feb 2024 02:59:36 +0000 ROA not before: Tue 20 Feb 2024 02:54:36 +0000 ROA not after: Tue 18 Feb 2025 02:59:36 +0000 asID: 152086 IP address blocks: 2001:df3:5dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:16:42:a6:89:8f:dd:cb:3f:83:ce:a4:74:08:fa:0a:5d:59:35:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 20 02:54:36 2024 GMT Not After : Feb 18 02:59:36 2025 GMT Subject: CN=66A2E51ACFDAF5773660B9D91CF85A38791C3CBD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a3:99:a8:34:04:85:8d:d1:4c:cd:39:fa:5f: e9:0e:b8:91:04:16:72:6c:90:b5:92:fc:c1:03:56: 2f:f5:b7:ce:b3:94:d8:d0:ed:1b:dd:90:99:38:9c: f6:20:2f:cf:08:7c:1e:8e:f7:8a:d8:fe:83:1c:25: 71:99:51:43:47:c0:06:93:3e:8f:eb:43:8c:35:c2: 57:14:d0:ad:37:b2:0b:e6:53:13:7c:d7:fc:8b:03: c4:e3:4b:20:c2:8e:f7:95:92:c4:80:cd:44:bb:b6: 4e:58:15:be:ae:ec:57:e7:0b:97:e0:40:0e:56:01: 10:c9:2c:ea:69:85:6c:70:e2:50:12:62:27:d9:cc: ff:81:59:86:ee:a2:73:1c:1a:f6:6b:be:28:33:d3: 68:12:5a:83:83:b5:83:b3:ee:f3:86:da:c9:d5:a6: cc:7f:e0:e9:c0:0a:c9:5f:ad:98:58:d0:e2:27:48: cf:6b:c3:50:22:b3:c2:25:4c:0b:10:99:fb:3c:11: 19:a0:4f:fd:3d:6a:62:58:75:f3:29:a6:da:78:65: d6:80:6a:73:fb:9d:97:a7:db:f8:2b:9b:60:fa:f7: b9:01:d8:f9:aa:76:3c:89:c6:dc:47:d0:38:75:d5: e6:bc:98:c2:4b:13:b2:8f:78:37:50:ab:37:86:4a: d6:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:A2:E5:1A:CF:DA:F5:77:36:60:B9:D9:1C:F8:5A:38:79:1C:3C:BD X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152086.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:5dc0::/48 Signature Algorithm: sha256WithRSAEncryption 1b:20:9d:18:f7:98:98:94:77:d8:dc:d5:39:15:cf:75:94:a5: 24:60:15:4d:4e:92:0a:e7:d2:fe:4d:43:d0:83:c9:34:6c:c1: 83:e0:3c:c3:47:ac:87:80:bc:2a:68:1b:ca:88:1d:d0:da:7b: ac:b4:6d:13:64:4c:51:a2:15:54:e5:c8:0b:44:99:26:37:90: 35:24:13:17:f9:3c:1f:3d:57:d3:e0:2d:dd:63:f4:ed:bc:d2: b4:e0:1e:ba:d7:36:6b:c5:c9:50:83:75:d7:ed:68:40:87:ea: 92:9e:61:07:73:4f:f0:5b:c8:05:15:e7:9c:17:6c:4e:ad:dc: 42:43:b3:c4:43:2f:34:9d:e7:3c:48:fe:23:db:06:9a:82:f8: 9f:78:23:40:1b:ca:c0:14:7e:d0:b8:7c:d4:d1:ff:c5:08:e6: a8:aa:63:44:9b:0e:38:81:fb:ad:f9:c0:75:6d:0a:39:75:c1: e4:71:f3:d1:28:ed:a4:2a:3e:bb:df:a4:91:47:40:e2:dc:88: ac:cb:03:c4:c2:9a:60:29:1f:a2:5f:3a:c4:6d:a6:bf:eb:46: 8f:f8:d5:c2:69:78:cf:bc:c1:ab:9a:ab:48:4b:6b:69:59:da: d0:70:12:db:66:d3:a3:4d:96:c9:e4:d9:17:a2:fb:34:a2:ff: 82:17:39:04 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUUhZCpomP3cs/g86kdAj6Cl1ZNewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIyMDAyNTQzNloX DTI1MDIxODAyNTkzNlowMzExMC8GA1UEAxMoNjZBMkU1MUFDRkRBRjU3NzM2NjBC OUQ5MUNGODVBMzg3OTFDM0NCRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWjmag0BIWN0UzNOfpf6Q64kQQWcmyQtZL8wQNWL/W3zrOU2NDtG92QmTic 9iAvzwh8Ho73itj+gxwlcZlRQ0fABpM+j+tDjDXCVxTQrTeyC+ZTE3zX/IsDxONL IMKO95WSxIDNRLu2TlgVvq7sV+cLl+BADlYBEMks6mmFbHDiUBJiJ9nM/4FZhu6i cxwa9mu+KDPTaBJag4O1g7Pu84baydWmzH/g6cAKyV+tmFjQ4idIz2vDUCKzwiVM CxCZ+zwRGaBP/T1qYlh18ymm2nhl1oBqc/udl6fb+CubYPr3uQHY+ap2PInG3EfQ OHXV5ryYwksTso94N1CrN4ZK1mcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRmouUa z9r1dzZgudkc+Fo4eRw8vTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjA4Ni5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNdwDANBgkqhkiG9w0BAQsFAAOCAQEAGyCdGPeYmJR32NzV ORXPdZSlJGAVTU6SCufS/k1D0IPJNGzBg+A8w0esh4C8Kmgbyogd0Np7rLRtE2RM UaIVVOXIC0SZJjeQNSQTF/k8Hz1X0+At3WP07bzStOAeutc2a8XJUIN11+1oQIfq kp5hB3NP8FvIBRXnnBdsTq3cQkOzxEMvNJ3nPEj+I9sGmoL4n3gjQBvKwBR+0Lh8 1NH/xQjmqKpjRJsOOIH7rfnAdW0KOXXB5HHz0SjtpCo+u9+kkUdA4tyIrMsDxMKa YCkfol86xG2mv+tGj/jVwml4z7zBq5qrSEtraVna0HAS22bTo02WyeTZF6L7NKL/ ghc5BA== -----END CERTIFICATE-----Generated at Thu May 9 00:37:08 2024 by rpki-client on console-fra.rpki-client.org