$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa File: AS17538.roa (raw, json) Hash identifier: eRGUnKuCF0Huh8l35Y4l521ziwq5ngSBCNz4wqObNTU= Subject key identifier: 4A:15:8F:7B:13:3B:16:26:1C:B6:15:C3:3F:4A:9E:B1:CE:33:CE:5D Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 094E8E085008F174FD12F08AB6FA0B42AE5ACACF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa Signing time: Tue 09 Jan 2024 04:00:06 +0000 ROA not before: Tue 09 Jan 2024 03:55:06 +0000 ROA not after: Tue 07 Jan 2025 04:00:06 +0000 asID: 17538 IP address blocks: 2407:55c0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 16:39:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:4e:8e:08:50:08:f1:74:fd:12:f0:8a:b6:fa:0b:42:ae:5a:ca:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 9 03:55:06 2024 GMT Not After : Jan 7 04:00:06 2025 GMT Subject: CN=4A158F7B133B16261CB615C33F4A9EB1CE33CE5D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b1:01:78:d2:7c:84:d0:49:a8:b2:8f:84:31: 1e:84:0b:27:d7:22:d3:d3:c4:8a:74:28:c7:bd:98: 60:96:c6:44:76:0c:6c:85:03:a6:68:e5:2e:26:d0: 50:59:e9:14:52:72:1b:58:04:dd:f2:d8:3b:8e:3b: fa:09:19:5c:c2:02:11:aa:4f:34:aa:b1:92:c5:88: f2:a8:f2:5c:e8:ce:4b:77:1c:aa:1b:7b:e9:ac:ea: 0e:15:f1:be:f3:b8:22:6e:88:2f:a4:33:cd:6a:68: be:91:05:dd:f9:62:78:18:38:75:a3:1e:08:f3:b4: a8:98:50:25:8f:93:c3:1a:67:ba:74:58:74:a1:8f: 13:55:01:ec:82:91:6a:a6:0a:47:d5:cc:b5:75:c8: 37:98:0e:76:4b:42:39:93:5a:58:7b:2c:a9:8d:8c: fd:61:81:3d:85:58:5d:05:dd:2f:0b:97:ba:cb:be: 33:b5:03:85:48:dc:ab:0c:b3:f1:d9:9e:48:89:e9: dd:a2:46:ff:5b:bc:6b:f5:1f:6e:b6:87:88:86:e3: 02:b8:4a:9c:bf:d3:8c:53:13:f2:c3:b7:ee:44:a7: 84:9c:e5:20:bd:1c:0a:d1:ed:79:98:6c:20:e4:e2: 30:48:80:d1:61:54:b7:9b:1e:21:25:02:b8:19:6e: 10:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:15:8F:7B:13:3B:16:26:1C:B6:15:C3:3F:4A:9E:B1:CE:33:CE:5D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS17538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:55c0::/32 Signature Algorithm: sha256WithRSAEncryption 4a:f2:2a:3a:ac:a1:b8:ed:c0:57:54:cd:9e:8c:71:e7:f9:e7: 66:2b:b6:51:3f:79:9d:c5:9b:6d:7b:e5:40:f3:4c:b2:7d:a9: 2d:a4:b6:85:8d:07:f6:47:a6:0b:d2:fa:5b:de:14:34:39:be: 0b:1f:f1:27:2b:48:44:e1:19:33:d2:25:bd:e4:3e:77:11:0c: 84:04:33:21:3f:6a:01:13:40:56:91:d5:29:fc:d3:bc:d5:d1: 33:d9:aa:6a:81:6c:c8:44:5f:5c:bc:27:3b:b3:04:66:4e:32: 84:d3:96:e4:ea:51:e4:f6:49:ff:0e:3c:fd:c3:bf:d8:82:38: 31:80:0f:bb:c4:a8:d4:a7:b3:28:37:72:47:c1:97:61:4b:9e: b9:09:2a:7b:39:5f:31:ba:c2:6e:c5:15:9a:61:26:6f:fe:20: 28:1e:9d:78:65:9d:25:a6:49:54:46:cf:7d:9f:04:2b:45:f7: 83:26:1e:96:7e:54:31:ed:12:08:e5:08:0c:85:0b:67:89:86: a2:b7:b7:a8:6b:56:25:9d:85:cf:37:9f:20:bc:d6:e0:fa:03: d1:01:03:5b:52:ec:11:d6:ad:d0:62:bc:95:40:d3:76:0c:29: 16:de:31:f1:03:12:b6:84:24:c8:77:9e:7f:e7:0c:fd:90:32: b7:5a:a7:40 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUCU6OCFAI8XT9EvCKtvoLQq5ays8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwOTAzNTUwNloX DTI1MDEwNzA0MDAwNlowMzExMC8GA1UEAxMoNEExNThGN0IxMzNCMTYyNjFDQjYx NUMzM0Y0QTlFQjFDRTMzQ0U1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMWxAXjSfITQSaiyj4QxHoQLJ9ci09PEinQox72YYJbGRHYMbIUDpmjlLibQ UFnpFFJyG1gE3fLYO447+gkZXMICEapPNKqxksWI8qjyXOjOS3ccqht76azqDhXx vvO4Im6IL6QzzWpovpEF3flieBg4daMeCPO0qJhQJY+TwxpnunRYdKGPE1UB7IKR aqYKR9XMtXXIN5gOdktCOZNaWHssqY2M/WGBPYVYXQXdLwuXusu+M7UDhUjcqwyz 8dmeSInp3aJG/1u8a/UfbraHiIbjArhKnL/TjFMT8sO37kSnhJzlIL0cCtHteZhs IOTiMEiA0WFUt5seISUCuBluEFECAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRKFY97 EzsWJhy2FcM/Sp6xzjPOXTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE3NTM4LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAdVwDANBgkqhkiG9w0BAQsFAAOCAQEASvIqOqyhuO3AV1TNnoxx 5/nnZiu2UT95ncWbbXvlQPNMsn2pLaS2hY0H9kemC9L6W94UNDm+Cx/xJytIROEZ M9IlveQ+dxEMhAQzIT9qARNAVpHVKfzTvNXRM9mqaoFsyERfXLwnO7MEZk4yhNOW 5OpR5PZJ/w48/cO/2II4MYAPu8So1KezKDdyR8GXYUueuQkqezlfMbrCbsUVmmEm b/4gKB6deGWdJaZJVEbPfZ8EK0X3gyYeln5UMe0SCOUIDIULZ4mGore3qGtWJZ2F zzefILzW4PoD0QEDW1LsEdat0GK8lUDTdgwpFt4x8QMStoQkyHeef+cM/ZAyt1qn QA== -----END CERTIFICATE-----Generated at Tue May 7 16:42:42 2024 by rpki-client on console-ams.rpki-client.org