$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23699.roa File: AS23699.roa (raw, json) Hash identifier: nzmdb9pTzJeE+v555E9RrSjR/S4Yrk/h5ntqqVYgxIA= Subject key identifier: 5A:BC:B1:52:72:00:7C:93:D0:2D:1E:7E:53:83:05:D6:92:6B:F0:E7 Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5B758700498467AA519D725C6CCB5DFFC39848C0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23699.roa Signing time: Fri 24 Nov 2023 04:00:00 +0000 ROA not before: Fri 24 Nov 2023 03:55:00 +0000 ROA not after: Fri 22 Nov 2024 04:00:00 +0000 asID: 23699 IP address blocks: 2400:cce0::/32 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:75:87:00:49:84:67:aa:51:9d:72:5c:6c:cb:5d:ff:c3:98:48:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 24 03:55:00 2023 GMT Not After : Nov 22 04:00:00 2024 GMT Subject: CN=5ABCB15272007C93D02D1E7E538305D6926BF0E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f6:35:82:ed:9e:e1:e4:7c:9c:c3:cc:af:a7: b7:a8:cc:62:59:e4:65:08:3c:3d:99:1f:88:2c:46: ed:4d:7a:73:05:59:27:df:bd:81:f3:bf:be:dc:ce: 30:78:76:1f:76:73:12:84:5e:04:a1:e3:a0:a2:e0: 0d:3e:d0:c9:b3:6f:75:67:02:59:ad:d3:e8:e2:1a: 75:2a:57:e2:ca:4c:6e:5d:9b:a8:10:a7:6f:e4:e3: 67:fb:05:8f:71:b3:cc:71:7a:51:45:71:5a:84:1f: 69:a9:b0:17:1a:3d:7b:54:6e:4a:64:ca:55:15:16: d4:c1:25:a4:68:f5:56:86:26:80:f3:e7:39:30:5f: 02:d6:63:1a:4d:06:ec:92:84:7a:ba:cd:e3:8f:21: 52:d8:19:11:4b:e8:2c:67:52:a0:e1:f7:db:13:f8: 05:44:d2:38:92:af:01:c5:f4:a3:a2:98:c1:e1:7b: af:b2:5c:c6:de:b5:d2:14:f5:2c:4b:19:2b:44:78: 11:d4:e3:8b:ee:b4:bc:21:01:dd:b0:72:ee:9f:86: 62:20:f2:3d:e4:d7:a2:78:8d:90:8e:8e:b3:e9:4f: 5b:f5:95:80:1d:90:9e:f5:86:f9:68:1a:c5:48:18: 81:80:b8:e2:30:ee:a6:76:5a:3a:e7:5a:69:e4:29: 15:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:BC:B1:52:72:00:7C:93:D0:2D:1E:7E:53:83:05:D6:92:6B:F0:E7 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23699.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:cce0::/32 Signature Algorithm: sha256WithRSAEncryption 5f:15:9f:8e:ac:fb:eb:6b:1e:8a:2b:5b:13:25:e1:63:2e:72: fa:02:e6:2c:12:ab:b0:dd:f3:e0:74:1a:60:3b:79:a5:04:2d: cb:78:b5:e1:07:40:f6:8d:b6:fd:1c:cf:4d:2f:3b:ba:b2:ba: ba:9d:d1:49:77:3f:2f:d0:7e:2a:55:8f:a8:80:07:0e:7e:be: 62:c3:8c:f5:aa:0d:dd:57:3f:e9:b2:e2:59:19:09:b5:c2:c7: d7:53:b9:8a:aa:95:78:79:15:f7:67:e5:05:ef:23:37:a9:c2: a9:ca:92:86:e4:00:e3:e8:e4:9f:a1:6b:da:2d:4a:4c:53:2c: 25:ee:3a:fa:1d:22:62:db:f2:da:a8:42:57:57:72:8e:96:c6: 74:a3:3a:c7:e4:a9:c6:13:d8:7a:73:1f:db:b7:9a:40:a1:3e: 4a:38:e7:5f:47:5b:66:31:e1:e5:54:45:36:a8:84:a4:0e:ff: ee:9e:68:53:8d:19:94:0a:ae:c1:0f:5f:f6:64:f6:37:22:ba: 0a:b6:8b:08:7e:d0:5a:db:3c:5c:81:11:1d:4b:47:c2:97:b5: 4f:27:04:14:a5:16:78:df:d7:ac:a4:70:1f:6b:4f:c2:77:eb: 5b:8b:b7:33:bb:8f:a1:32:44:86:90:7d:18:22:e7:b9:8f:d1: e6:e0:07:0b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgIUW3WHAEmEZ6pRnXJcbMtd/8OYSMAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEyNDAzNTUwMFoX DTI0MTEyMjA0MDAwMFowMzExMC8GA1UEAxMoNUFCQ0IxNTI3MjAwN0M5M0QwMkQx RTdFNTM4MzA1RDY5MjZCRjBFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMv2NYLtnuHkfJzDzK+nt6jMYlnkZQg8PZkfiCxG7U16cwVZJ9+9gfO/vtzO MHh2H3ZzEoReBKHjoKLgDT7QybNvdWcCWa3T6OIadSpX4spMbl2bqBCnb+TjZ/sF j3GzzHF6UUVxWoQfaamwFxo9e1RuSmTKVRUW1MElpGj1VoYmgPPnOTBfAtZjGk0G 7JKEerrN448hUtgZEUvoLGdSoOH32xP4BUTSOJKvAcX0o6KYweF7r7Jcxt610hT1 LEsZK0R4EdTji+60vCEB3bBy7p+GYiDyPeTXoniNkI6Os+lPW/WVgB2QnvWG+Wga xUgYgYC44jDupnZaOudaaeQpFZcCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRavLFS cgB8k9AtHn5TgwXWkmvw5zAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzIzNjk5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJADM4DANBgkqhkiG9w0BAQsFAAOCAQEAXxWfjqz762seiitbEyXh Yy5y+gLmLBKrsN3z4HQaYDt5pQQty3i14QdA9o22/RzPTS87urK6up3RSXc/L9B+ KlWPqIAHDn6+YsOM9aoN3Vc/6bLiWRkJtcLH11O5iqqVeHkV92flBe8jN6nCqcqS huQA4+jkn6Fr2i1KTFMsJe46+h0iYtvy2qhCV1dyjpbGdKM6x+SpxhPYenMf27ea QKE+SjjnX0dbZjHh5VRFNqiEpA7/7p5oU40ZlAquwQ9f9mT2NyK6CraLCH7QWts8 XIERHUtHwpe1TycEFKUWeN/XrKRwH2tPwnfrW4u3M7uPoTJEhpB9GCLnuY/R5uAH Cw== -----END CERTIFICATE-----Generated at Wed May 8 14:59:57 2024 by rpki-client on console-ams.rpki-client.org