$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa File: AS152373.roa (raw, json) Hash identifier: 3/ZWRuJURhCbwbRuYNMtJ7fxjNU59rk8ejr1/rVPq1g= Subject key identifier: 65:3F:48:92:62:48:65:54:4D:C8:DF:E1:09:F6:D1:84:B8:27:5A:90 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 367559C0F28C259C29E6DE55286E4E5F864E676D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa Signing time: Wed 20 Mar 2024 04:26:53 +0000 ROA not before: Wed 20 Mar 2024 04:21:53 +0000 ROA not after: Wed 19 Mar 2025 04:26:53 +0000 asID: 152373 IP address blocks: 2001:df3:72c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:75:59:c0:f2:8c:25:9c:29:e6:de:55:28:6e:4e:5f:86:4e:67:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 20 04:21:53 2024 GMT Not After : Mar 19 04:26:53 2025 GMT Subject: CN=653F4892624865544DC8DFE109F6D184B8275A90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:d2:bb:1d:04:18:e7:c1:bc:59:70:cb:50:7b: cf:7e:a2:bd:70:ca:0f:f1:20:94:e9:7a:ad:1a:d1: 0c:8a:4c:55:e6:ba:f3:48:82:fd:2a:ca:be:d7:0b: b2:ea:b7:0c:4e:80:67:11:01:3f:47:f8:f3:80:cf: 55:9b:20:96:04:c4:6b:de:9b:f5:84:b8:1a:d7:b5: 6a:41:30:7f:07:ea:a6:00:09:46:41:17:25:10:d9: 79:90:71:30:b9:9f:0c:38:78:4a:b3:d7:f1:ea:a4: 57:db:21:70:a0:43:6f:04:5c:4c:70:78:8f:af:11: 74:5c:78:82:c4:90:28:ea:ad:84:11:b2:09:64:82: b5:01:ce:47:dd:32:c0:e1:72:dc:7e:e3:45:ac:73: 56:0e:c0:53:b6:98:2f:de:db:9a:69:58:9c:e3:c3: 45:95:a9:1b:ee:c8:d9:ca:da:6c:4e:7e:c9:b4:52: 01:00:0f:0b:9a:fe:73:a5:4e:10:52:a6:1f:eb:f1: 8e:88:80:9a:46:2d:7a:31:fd:52:c4:f7:43:80:3f: 20:16:58:69:76:da:d1:43:ff:6d:85:35:fc:a0:8a: 17:6b:a1:ce:e5:4b:39:63:b9:e6:01:21:26:ca:f7: 08:8c:b4:40:3f:76:70:84:28:e4:c8:76:af:fb:7c: 1d:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:3F:48:92:62:48:65:54:4D:C8:DF:E1:09:F6:D1:84:B8:27:5A:90 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:72c0::/48 Signature Algorithm: sha256WithRSAEncryption 60:b8:ff:32:89:c6:3a:f8:37:c0:a9:0b:5b:c5:a2:70:f0:bf: fa:f6:ee:e5:53:96:d5:99:07:66:33:1b:74:8c:85:12:21:78: b7:18:35:fb:d8:09:5f:06:47:b8:ce:7a:dc:53:1b:b9:a0:ad: 04:ee:48:a9:4c:76:9c:11:64:26:f9:f0:df:f0:ac:f1:d8:42: 76:fd:07:35:35:8c:14:85:c9:63:85:1f:0b:59:91:42:82:67: f6:23:19:b9:bb:12:4c:5a:16:ec:48:ea:71:3f:9a:a3:5a:ed: 03:12:e2:84:ae:8b:d9:4d:c5:52:4c:78:47:c5:2a:f4:c7:8f: d8:65:8d:fc:40:df:ef:db:3a:64:19:f6:b7:4b:8d:37:7b:58: 33:39:8c:2c:c1:01:7a:00:95:53:f5:e9:bd:1c:13:91:5f:d2: 36:d3:f1:4b:33:65:1e:29:2a:a1:1b:3c:6a:1c:9d:d7:63:3d: c0:58:e2:18:32:15:51:f9:9a:46:91:6e:d6:9d:fb:9b:92:8e: 6a:90:42:d1:c8:f4:cf:48:2a:8f:96:e1:f8:22:b5:8f:cd:76: da:4e:6c:9b:d2:47:b6:7b:f4:af:e0:48:8c:ad:02:98:4f:bd: 28:ec:38:19:c4:fb:90:46:a2:3b:38:c3:74:ef:5d:92:b2:d6: 99:68:08:f1 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUNnVZwPKMJZwp5t5VKG5OX4ZOZ20wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyMDA0MjE1M1oX DTI1MDMxOTA0MjY1M1owMzExMC8GA1UEAxMoNjUzRjQ4OTI2MjQ4NjU1NDREQzhE RkUxMDlGNkQxODRCODI3NUE5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPHSux0EGOfBvFlwy1B7z36ivXDKD/EglOl6rRrRDIpMVea680iC/SrKvtcL suq3DE6AZxEBP0f484DPVZsglgTEa96b9YS4Gte1akEwfwfqpgAJRkEXJRDZeZBx MLmfDDh4SrPX8eqkV9shcKBDbwRcTHB4j68RdFx4gsSQKOqthBGyCWSCtQHOR90y wOFy3H7jRaxzVg7AU7aYL97bmmlYnOPDRZWpG+7I2crabE5+ybRSAQAPC5r+c6VO EFKmH+vxjoiAmkYtejH9UsT3Q4A/IBZYaXba0UP/bYU1/KCKF2uhzuVLOWO55gEh Jsr3CIy0QD92cIQo5Mh2r/t8HYcCAwEAAaOCAdMwggHPMB0GA1UdDgQWBBRlP0iS YkhlVE3I3+EJ9tGEuCdakDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM3My5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfNywDANBgkqhkiG9w0BAQsFAAOCAQEAYLj/MonGOvg3wKkL W8WicPC/+vbu5VOW1ZkHZjMbdIyFEiF4txg1+9gJXwZHuM563FMbuaCtBO5IqUx2 nBFkJvnw3/Cs8dhCdv0HNTWMFIXJY4UfC1mRQoJn9iMZubsSTFoW7EjqcT+ao1rt AxLihK6L2U3FUkx4R8Uq9MeP2GWN/EDf79s6ZBn2t0uNN3tYMzmMLMEBegCVU/Xp vRwTkV/SNtPxSzNlHikqoRs8ahyd12M9wFjiGDIVUfmaRpFu1p37m5KOapBC0cj0 z0gqj5bh+CK1j8122k5sm9JHtnv0r+BIjK0CmE+9KOw4GcT7kEaiOzjDdO9dkrLW mWgI8Q== -----END CERTIFICATE-----Generated at Wed May 8 14:59:57 2024 by rpki-client on console-ams.rpki-client.org