$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa File: AS152394.roa (raw, json) Hash identifier: 96tSPQAnhIy+7ByFmZ1qiqT7C5MfwHsAtjcdltwN9Pw= Subject key identifier: 2B:D4:FD:40:91:11:BA:EC:11:B3:15:7A:92:37:5A:87:DD:6D:15:2E Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4F4FC2170710083EC3B1C841C76CD35F4DD271CB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa Signing time: Fri 22 Mar 2024 03:34:46 +0000 ROA not before: Fri 22 Mar 2024 03:29:46 +0000 ROA not after: Fri 21 Mar 2025 03:34:46 +0000 asID: 152394 IP address blocks: 2001:df3:98c0::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:4f:c2:17:07:10:08:3e:c3:b1:c8:41:c7:6c:d3:5f:4d:d2:71:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 22 03:29:46 2024 GMT Not After : Mar 21 03:34:46 2025 GMT Subject: CN=2BD4FD409111BAEC11B3157A92375A87DD6D152E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:2c:6d:af:b7:ac:e2:e5:62:39:ba:93:f4:a3: 73:02:76:04:d3:5c:65:9f:d7:a7:ad:59:28:03:78: 45:47:ad:50:1b:85:23:1d:d1:6e:d8:bf:f5:78:2d: d9:ee:6a:ae:23:c5:4f:f2:59:6e:22:22:62:15:17: ec:74:ae:4d:31:eb:b1:9a:60:76:43:9c:c6:6f:8e: 31:e8:a7:e1:c9:cc:7f:6c:71:57:22:b0:99:f4:27: cd:42:6b:81:77:27:2c:cd:65:6b:a9:4c:13:33:c3: c1:00:fd:26:08:2e:66:8c:7e:00:2e:71:69:c4:dd: 7a:35:17:be:38:f0:16:53:90:b6:00:63:f2:b1:09: d4:e0:ec:d9:e8:4c:7a:05:95:40:f7:6b:b4:73:79: 7d:67:4a:55:1d:c8:7e:46:99:c6:95:9d:c2:36:b0: e2:9c:3c:9e:7f:72:ac:0c:3a:c5:23:b1:93:76:62: 1b:13:7d:11:61:27:23:ed:93:29:9a:06:ae:35:c9: f4:9f:87:af:8e:36:2f:d0:79:92:8c:55:0c:8f:4d: df:b0:7b:88:14:e5:40:77:20:d0:38:cd:d4:5c:82: c0:7c:71:c4:59:e6:93:1f:fa:99:02:e5:f0:e9:da: 55:f9:fc:a0:20:21:b0:31:01:2e:fa:8f:28:78:f8: 92:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D4:FD:40:91:11:BA:EC:11:B3:15:7A:92:37:5A:87:DD:6D:15:2E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS152394.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:98c0::/48 Signature Algorithm: sha256WithRSAEncryption 8a:40:42:6a:93:a5:ef:e6:c6:3f:1e:23:98:1b:7d:7e:49:76: 1e:d3:b6:53:ab:43:3f:6a:19:1d:da:08:a3:54:f5:75:1f:27: 66:8f:b2:a1:9d:8c:22:2e:e5:a8:95:3d:fd:90:cf:14:32:19: cc:b5:25:d7:4e:9e:d5:c7:52:50:8b:82:44:9a:25:77:86:84: 22:44:7c:cb:ae:84:9e:83:25:58:2b:8f:8e:5d:bc:b2:2f:24: b6:f5:b9:76:a0:35:f7:80:f9:a7:f1:a1:e0:33:30:38:27:0e: 96:46:e9:29:ed:08:f1:48:83:80:be:70:e0:bc:79:56:4e:ce: df:66:c0:ca:19:be:ca:d4:b6:d0:aa:74:e2:5f:3a:89:ae:28: c2:07:8f:51:f0:e3:0b:f2:57:e5:bf:54:3f:06:19:03:9b:c1: 5f:5e:41:ae:3e:a9:c2:92:2b:c7:fc:11:95:01:4e:c3:eb:94: f8:58:9e:ab:68:14:8f:7c:03:bd:73:9d:69:71:bb:19:c2:17: 81:b4:79:c5:07:6f:f0:b9:36:bc:cd:e5:58:a5:fd:a6:e5:e6: e0:7e:ac:1c:2b:34:df:31:65:77:78:c3:bf:a4:32:fb:35:76: fa:d3:a8:68:42:85:16:ed:f8:fb:7f:f9:57:ef:6a:4d:ab:65: 27:6b:6a:60 -----BEGIN CERTIFICATE----- MIIE4DCCA8igAwIBAgIUT0/CFwcQCD7DschBx2zTX03SccswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyMjAzMjk0NloX DTI1MDMyMTAzMzQ0NlowMzExMC8GA1UEAxMoMkJENEZENDA5MTExQkFFQzExQjMx NTdBOTIzNzVBODdERDZEMTUyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANEsba+3rOLlYjm6k/SjcwJ2BNNcZZ/Xp61ZKAN4RUetUBuFIx3Rbti/9Xgt 2e5qriPFT/JZbiIiYhUX7HSuTTHrsZpgdkOcxm+OMein4cnMf2xxVyKwmfQnzUJr gXcnLM1la6lMEzPDwQD9JgguZox+AC5xacTdejUXvjjwFlOQtgBj8rEJ1ODs2ehM egWVQPdrtHN5fWdKVR3IfkaZxpWdwjaw4pw8nn9yrAw6xSOxk3ZiGxN9EWEnI+2T KZoGrjXJ9J+Hr442L9B5koxVDI9N37B7iBTlQHcg0DjN1FyCwHxxxFnmkx/6mQLl 8OnaVfn8oCAhsDEBLvqPKHj4km0CAwEAAaOCAdMwggHPMB0GA1UdDgQWBBQr1P1A kRG67BGzFXqSN1qH3W0VLjAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE1MjM5NC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw DwQCAAIwCQMHACABDfOYwDANBgkqhkiG9w0BAQsFAAOCAQEAikBCapOl7+bGPx4j mBt9fkl2HtO2U6tDP2oZHdoIo1T1dR8nZo+yoZ2MIi7lqJU9/ZDPFDIZzLUl106e 1cdSUIuCRJold4aEIkR8y66EnoMlWCuPjl28si8ktvW5dqA194D5p/Gh4DMwOCcO lkbpKe0I8UiDgL5w4Lx5Vk7O32bAyhm+ytS20Kp04l86ia4owgePUfDjC/JX5b9U PwYZA5vBX15Brj6pwpIrx/wRlQFOw+uU+Fieq2gUj3wDvXOdaXG7GcIXgbR5xQdv 8Lk2vM3lWKX9puXm4H6sHCs03zFld3jDv6Qy+zV2+tOoaEKFFu34+3/5V+9qTatl J2tqYA== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:27 2024 by rpki-client on console-fra.rpki-client.org