$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa File: AS23947.roa (raw, json) Hash identifier: BT5AnFZ+4wsgRraPrOUf9foq0LyXYnB5vIBn+UXvgug= Subject key identifier: AE:95:02:49:0B:D5:3E:0D:FA:20:9D:17:87:E1:9A:E2:07:0A:FE:8F Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5B417D3E2C3FD5190D5F90A787F5904DBEA67490 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa Signing time: Sat 24 Aug 2024 09:00:00 +0000 ROA not before: Sat 24 Aug 2024 08:55:00 +0000 ROA not after: Sat 23 Aug 2025 09:00:00 +0000 asID: 23947 IP address blocks: 103.129.216.0/22 maxlen: 24 103.154.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:41:7d:3e:2c:3f:d5:19:0d:5f:90:a7:87:f5:90:4d:be:a6:74:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 24 08:55:00 2024 GMT Not After : Aug 23 09:00:00 2025 GMT Subject: CN=AE9502490BD53E0DFA209D1787E19AE2070AFE8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:6c:b8:26:63:6f:31:66:8b:c8:0f:6a:2c:86: b4:25:9e:42:d5:8e:44:b7:76:6e:85:bd:bb:9b:cc: 67:2d:c8:ae:0a:ed:6c:db:a1:a7:8a:ec:2e:8d:08: 37:f3:06:bf:14:97:16:7a:2b:aa:4e:02:fa:a1:ad: 5e:c7:d2:dd:ca:1d:1c:e9:07:41:0b:19:46:81:cb: ad:f6:ce:fe:f7:b6:04:3c:cc:05:f4:34:bb:bc:56: a3:69:d0:8b:87:98:4f:1e:3c:e0:ba:49:7b:4d:11: aa:a0:54:2b:15:db:de:fb:ee:f8:dd:a9:04:38:a1: b7:7d:0c:67:0e:bf:1c:c3:15:e3:af:c7:39:a7:d0: 43:28:5a:6b:e5:17:67:ba:11:5a:43:2e:26:5f:df: 92:62:a3:c9:45:5c:4a:12:43:6c:81:3e:a7:fc:97: 03:5c:55:e8:e1:dc:b6:e3:47:ad:55:4e:9f:62:ae: e1:80:04:ad:0a:cb:15:bc:0a:f5:1b:12:3d:8d:a5: 33:55:7b:a5:d7:82:8a:b4:58:6f:37:89:02:1e:77: af:dc:26:27:00:56:0c:57:7d:8b:ee:35:87:e0:be: b9:c2:33:57:68:b8:52:4c:03:40:8d:c0:44:3a:6b: 8a:bf:86:80:97:7b:03:51:ba:dc:23:8c:1a:0f:94: 44:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:95:02:49:0B:D5:3E:0D:FA:20:9D:17:87:E1:9A:E2:07:0A:FE:8F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS23947.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.216.0/22 103.154.136.0/24 Signature Algorithm: sha256WithRSAEncryption 34:6e:12:c1:3f:f4:b2:9a:92:f7:d3:b4:8a:93:f1:cf:ee:6c: 0b:ff:d5:fc:19:32:65:97:b9:5c:c2:f1:02:65:36:5d:d4:cb: fb:a8:35:70:d0:6d:d1:43:70:02:87:35:59:69:d3:95:81:35: 56:0d:7f:fd:f9:fb:38:f0:06:2e:71:81:21:48:e8:b2:44:56: 04:02:64:54:9e:80:3f:99:64:dc:77:64:9d:cc:95:65:35:9f: bb:36:52:62:5c:1b:4a:f1:71:19:3d:a9:fd:30:ed:39:82:37: 76:57:17:dc:64:a7:02:ae:0e:6e:53:8b:28:33:c3:6f:35:c4: 3e:4b:47:f7:14:7a:8c:d3:f6:8e:b6:99:88:0b:0e:11:e1:90: 8a:b3:8c:ae:19:5e:00:34:0b:f8:29:c4:b9:ad:e1:09:c2:d2: 18:8a:e4:a7:a6:59:e1:c2:96:5d:f9:cd:8f:14:39:37:c8:35: 90:ec:ae:69:2a:0a:ff:55:10:b1:9d:f2:cf:99:7c:7d:da:df: ee:9a:20:6c:8d:14:42:a4:07:ca:45:2f:ce:02:60:3c:a6:6b: b6:2c:59:62:6e:44:04:0f:c2:50:f8:98:e2:cf:5b:8b:d1:6c: 12:8c:e3:1a:6b:47:22:2f:4a:7a:75:20:71:20:0d:ac:a3:41: 13:5e:d3:79 -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIUW0F9Piw/1RkNX5Cnh/WQTb6mdJAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgyNDA4NTUwMFoX DTI1MDgyMzA5MDAwMFowMzExMC8GA1UEAxMoQUU5NTAyNDkwQkQ1M0UwREZBMjA5 RDE3ODdFMTlBRTIwNzBBRkU4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJxsuCZjbzFmi8gPaiyGtCWeQtWORLd2boW9u5vMZy3IrgrtbNuhp4rsLo0I N/MGvxSXFnorqk4C+qGtXsfS3codHOkHQQsZRoHLrfbO/ve2BDzMBfQ0u7xWo2nQ i4eYTx484LpJe00RqqBUKxXb3vvu+N2pBDiht30MZw6/HMMV46/HOafQQyhaa+UX Z7oRWkMuJl/fkmKjyUVcShJDbIE+p/yXA1xV6OHctuNHrVVOn2Ku4YAErQrLFbwK 9RsSPY2lM1V7pdeCirRYbzeJAh53r9wmJwBWDFd9i+41h+C+ucIzV2i4UkwDQI3A RDprir+GgJd7A1G63COMGg+URJ0CAwEAAaOCAdUwggHRMB0GA1UdDgQWBBSulQJJ C9U+DfognReH4ZriBwr+jzAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3 azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3 RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo V0YtR0ROMnMuY2VyMFMGCCsGAQUFBwELBEcwRTBDBggrBgEFBQcwC4Y3cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzIzOTQ3LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDAS BAIAATAMAwQCZ4HYAwQAZ5qIMA0GCSqGSIb3DQEBCwUAA4IBAQA0bhLBP/SympL3 07SKk/HP7mwL/9X8GTJll7lcwvECZTZd1Mv7qDVw0G3RQ3AChzVZadOVgTVWDX/9 +fs48AYucYEhSOiyRFYEAmRUnoA/mWTcd2SdzJVlNZ+7NlJiXBtK8XEZPan9MO05 gjd2VxfcZKcCrg5uU4soM8NvNcQ+S0f3FHqM0/aOtpmICw4R4ZCKs4yuGV4ANAv4 KcS5reEJwtIYiuSnplnhwpZd+c2PFDk3yDWQ7K5pKgr/VRCxnfLPmXx92t/umiBs jRRCpAfKRS/OAmA8pmu2LFlibkQED8JQ+Jjiz1uL0WwSjOMaa0ciL0p6dSBxIA2s o0ETXtN5 -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org